It’s pretty easy to create a new user using vSphere APIs in Java. If you want one or two lines of scripts, you can write a few line Python script using PyVimomi wrapped by a command line. Even easier is a solution discussed at PureVirtual.
The trick is really about how to access the adduser command, which is available but not accessible from console as it is. To use the command, you have to type the following command from ESXi console: (I assume there are a few more commands that can be used in the same way)
Bothered by SLOW Web UI to manage vSphere? Want to manage ALL your VMware vCenters, AWS, Azure, Openstack, container behind a SINGLE pane of glass? Want to search, analyze, report, visualize VMs, hosts, networks, datastores, events as easily as Google the Web? Find out more about vSearch 3.0: the search engine for all your private and public clouds.
# /usr/lib/vmware/busybox/bin/busybox adduser -s /bin/sh -G root -h / steve
The -s defines the shell; -G defines group; -h defines home directory. The last argument is the name of the user to be added. Upon typing the command, you will be prompted for new password. This interaction is fine for manual process, but not OK for full automation.
Luckily there is a switch -D that indicates no password to be defined, but not so lucky with including password directly, for example,
# /usr/lib/vmware/busybox/bin/busybox adduser -s /bin/sh -G root -h / -D steve
Although the command goes through without asking for password, it’s not a good idea to leave the user without password. So you got to change the password right afterwards.
After researching it and inspired by a stackoverflow discussion, I got the following script working. It changes the password for user “steve” to “doublecloud”. There is no need to include the busybox path there, so the script is shorter.
# echo doublecloud | passwd steve --stdin
Combined the above commands together, we can have a fully automated script that creates a new user in ESXi without leaving the password open.
Still, the API way is the preferred way to create a new user. If you can go with the API approach, just do it; otherwise the above pure shell scripting works just fine.