Azure VM: reset local user account password

Arif Usman 421

folks, I have about 200 az vm, contains local user account. I need to reset password for all vms. Now I can do it through portal fine, but like to do scripting.

I tried with
$Computer = "TestVM"
$vmcomp = Get-AzVM -Name $Computer
$vmName = $vmcomp.Name
$resourceGroupName = $vmName.ResourceGroupName
$location = $vmName.Location
$Password = "*P@ssword2022!!"
$UserName = "AzureVM"

        Set-AzureRmVMAccessExtension -ResourceGroupName $resourceGroupName -VMName $vmName -Name $name -Location $location -typeHandlerVersion "2.0" -ForceRerun

but didn't work, can someone give me examples or any ideas here

Thanks In Advance......

Accepted answer

Andreas Baumgarten 97,731 Reputation points MVP

2022-08-21T07:40:30.653+00:00

Hi @Arif Usman ,

The Az is the newer module and the replacement for the older AzureRM module.
I would recommend to use the Az only.
https://learn.microsoft.com/en-us/powershell/azure/new-azureps-module-az?view=azps-8.2.0

To uninstall the AzureRM module you could try the Uninstall-AzureRM cmdlet (which is in the Az.Account module): https://learn.microsoft.com/en-us/powershell/module/az.accounts/uninstall-azurerm?view=azps-8.2.0

Some more useful information you will find here:
https://basvo.github.io/azure/azurerm/powershell/2021/03/05/remove-azurerm-before-installing-az-module.html
https://stackoverflow.com/questions/34204373/how-to-clean-up-bad-azure-powershell-uninstall

----------

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

10 additional answers

Andreas Baumgarten 97,731 Reputation points MVP

2022-08-22T06:51:17.5+00:00
Hi @Arif Usman ,

this is really weird.

I am running the Az module version 8.2

Get-InstalledModule Az

I am logged in to Azure with an account that is Owner of the subscription.
My vm is running in the Azure region "NorthEurope".

Before:

I am running this script without any error message:

$UserName = "AzureVM" $Password = "*P@ssword2022!!" $Computer = "Repair01" $secPassword = ConvertTo-SecureString $Password -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential ($userName, $secPassword) $vmcomp = Get-AzVM -Name $Computer $vmName = $vmcomp.Name $resourceGroupName = $vmcomp.ResourceGroupName $location = $vmcomp.Location Set-AzVMAccessExtension -Credential $cred -Location "$location" -Name "PasswordReset" -ResourceGroupName "$resourceGroupName" -VMName "$vmName"

And the result will look like this:

In which Azure region is your vm running?

There was an reported issue some time ago (October 2021):
https://learn.microsoft.com/en-us/answers/questions/588466/no-version-found-in-the-artifact-repository-that-s.html
Based on the thread it should have been resolved.

It might be an option to create a support request with Microsoft to get your issue resolved.
https://learn.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request

Or you could try the second option I posted before. There is no Set-AzVMAccessExtension involved but should be the same result -> Password of user should be modified.
https://github.com/abaumgarten42/Azure_Stuff/tree/main/Azure_VMs/RunPowerShellScriptsOnVMs

----------

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten
Please sign in to rate this answer.

1 person found this answer helpful.

0 comments No comments
Sign in to comment
Prrudram-MSFT 22,396 Reputation points

2022-08-19T04:36:03.12+00:00

Hello @Arif Usman ,

Thank you for reaching out to the Microsoft Q&A platform. Happy to answer your question.

The approach you followed earlier is correct. It should have worked, did it throw any error? If not, I would recommend you follow the approach mentioned in the following article and let me know how that goes.
https://social.technet.microsoft.com/wiki/contents/articles/40112.azure-how-to-reset-password-of-azure-virtual-machine-using-powershell.aspx

--please don't forget to upvote and accept as answer if the reply is helpful--
Please sign in to rate this answer.
Arif Usman 421 Reputation points

2022-08-19T16:49:00.467+00:00

@Prrudram-MSFT There is no -username and -password in Set-AzurermVMAccessExtension, so examples link, won't work.

@Limitless Technology thanks reply,
First link doesn't make sense to take snapshot ....
2nd I know how to reset password in portal.

I would like to reset user account password on over 200 Azure VM. We are only in Azure Cloud (no on premises). like to use Powershell so i can automate...
Sign in to comment
Limitless Technology 43,966 Reputation points

2022-08-19T14:14:10.78+00:00

Hello there,

Is azure guest agent installed ?

You can reset the local Windows password of a VM in Azure using the Azure portal or Azure PowerShell provided the Azure guest agent is installed.

Reset local Windows password for Azure VM offline https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/reset-local-password-without-agent

Reset Password of an Azure Virtual Machine VM https://learn.microsoft.com/en-us/shows/it-ops-talk/reset-password-of-an-azure-virtual-machine-vm

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--
Please sign in to rate this answer.
Vetrivel Ap 0 Reputation points

2023-04-10T14:19:06.3333333+00:00

while resetting password it get unsuccessful ...
Sign in to comment
Andreas Baumgarten 97,731 Reputation points MVP

2022-08-19T23:00:22.623+00:00
Hi @Arif Usman ,

Set-AzureRmVMAccessExtension (AzureRM module) or Set-AzVMAccessExtension (Az module) using the -Credential parameter to provide username and password.

https://learn.microsoft.com/en-us/powershell/module/azurerm.compute/set-azurermvmaccessextension?view=azurermps-6.13.0
https://learn.microsoft.com/en-us/powershell/module/az.compute/set-azvmaccessextension?view=azps-8.2.0

On both websites the -Credential parameter has the same description:

-Credential
Specifies the user name and password for the virtual machine as a PSCredential object. If you type a different name than the current local administrator account on your VM, the VMAccess extension will add a local administrator account with that name, and assign your specified password to that account. If the local administrator account on your VM exists, it will reset the password and if the account is disabled, the VMAccess extension enables it. To obtain a credential, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.

There is one thing you should be aware when using Set-AzVMAccessExtension/Set-AzureRmVMAccessExtension:
As described the Set-AzVMAccessExtension will add the user as an administrator if the account does not exist on the VM. If the user account already exists the user must be a member of the local Administrators group or the extension will fail.

If this is ok for you please give this a try (tested a few minutes ago):

$UserName = "AzureVM" $Password = "*P@ssword2022!!" $Computer = "TestVM" $secPassword = ConvertTo-SecureString $Password -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential ($userName, $secPassword) $vmcomp = Get-AzVM -Name $Computer $vmName = $vmcomp.Name $resourceGroupName = $vmcomp.ResourceGroupName $location = $vmcomp.Location Set-AzVMAccessExtension -Credential $cred -Location "$location" -Name "PasswordReset" -ResourceGroupName "$resourceGroupName" -TypeHandlerVersion '2.4' -VMName "$vmName"

----------

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten
Please sign in to rate this answer.

0 comments No comments
Sign in to comment