Resetting Customization Spec Password after VCenter Upgrade

Following a recent upgrade from VCenter 6.5 to 6.7 I ran into an issue with Windows VM deployments using Customization Specifications. The deployments kept failing with the error "The VCenter Server is unable to decrypt passwords stored in the customization specification."

After some research I found out the this occurs because the encryption keys are updated during the VCenter upgrade and the passwords in the Customization Specs can no longer be decrypted. 



To resolve this issue I found out I would have to edit the Customization Spec and enter the passwords on the "Administrator Password" and "Workgroup or domain" tabs.

Re-enter the local Administrator password in the Customization Spec.

Re-enter the password for the Windows Domain account used to add servers to the Domain.

This works well if you only have a few deployments setup but I have to make this update to multiple Customization Specs in multiple Data Centers so this process would be very tedious. Since I am always looking at ways to script these types of tasks I started looking for the PowerCLI commands to accomplish this and it was actually very simple and this is what I have come up with.

Due to the way VCenter handles the encryption of the passwords in the Customization Specs I did have to run the script twice to update the passwords but this saved me hours of manual work.


Popular posts from this blog

Install Powershell and PowerCLI on Linux

Copying Large Files Using Copy-VMGuestFile