I’m going to show how to use PowerShell to access a vRealize Automation (vRA) work item and use the work item data to add the machine requestor to the local admins group of the provisioned machine.
This script is for demonstration purposes only and not intended for production use. Please do not call VMware GSS with questions relating to this post as they will not be able to assist.
Work Item
A vRA work item is pushed down to a machine during provisioning and contains a lot of info that we can use. The info is stored in an XML file located at c:\VRMGuestAgent\site\workitem.xml. Here is what this file looks like:
We can use PowerShell to parse the XML and print the above in an easier to read format.
[xml] $workitem = gc "c:\VRMGuestAgent\site\workitem.xml"
$item = $workitem.GetElementsByTagName("workitem")
$item.properties.childnodes
Now that we know how we can access this data, let’s build a vRA Software Component that will execute during machine provisioning.
Software Component
The Software Component is pretty basic. Give it a name and set the Container dropdown to Machine.
There are no Properties for this example:
Set the Script Type to powershell:
Here are the contents of the script where we perform the following steps:
1. Parse the XML and store the results in $workitem
2. Get the actual workitem element.
4. Query the child nodes for a node (vRA property) named Lab.AddRequestorToAdmins. We will add this property to our blueprint later.
6. If the above value exists and is set to true:
7. Set $owner to the value of the Virtualmachine.Admin.Owner property
8. Add $owner to the local admins group
11. Echo $owner to a file for logging purposes
Here is the code if you need to easily copy:
# Parse the work item XML that vRA pushed down during provisioning
[xml] $workitem = gc "c:\VRMGuestAgent\site\workitem.xml"
$item = $workitem.GetElementsByTagName("workitem")
# Look for the custom property that opts the machine in
$addUserToLocalAdmins = $item.properties.childnodes | ? { $_.name -eq "lab.addrequestortoadmins" }
if ($addUserToLocalAdmins -and $addUserToLocalAdmins.value -eq 'true') {
    # The requestor is stored in the Virtualmachine.Admin.Owner property
    $owner = $item.properties.childnodes | ? { $_.name -eq "virtualmachine.admin.owner" } | select -expandproperty value
    net localgroup administrators $owner /add
}
# Log the owner value
echo $owner > c:\owner.txt
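A stricter variant of the script above, as an added example that is not part of the original post: it validates the owner value before handing it to net localgroup, appends a timestamped log entry instead of overwriting the file, and only changes group membership when -Apply is given. The sample XML, its attribute-based property layout, the function names, the -Apply switch and the log path are assumptions made for illustration.

```powershell
# Constructed sample work item (not taken from a real machine); layout is an assumption.
$sample = [xml]@'
<workitem>
  <properties>
    <property name="Lab.AddRequestorToAdmins" value="true" />
    <property name="virtualmachine.admin.owner" value="cloudadmin@example.local" />
  </properties>
</workitem>
'@

function Get-WorkItemValue {
    param([xml]$WorkItem, [string]$Name)
    # Same lookup as the post's script; -eq compares strings case-insensitively.
    $WorkItem.GetElementsByTagName('workitem').properties.childnodes |
        Where-Object { $_.name -eq $Name } |
        Select-Object -First 1 -ExpandProperty value
}

function Test-OwnerName {
    param([string]$Owner)
    # Accept only user@domain or DOMAIN\user; rejects spaces, quotes and a leading '/'.
    $Owner -match '^[a-z0-9._-]+@[a-z0-9.-]+$' -or $Owner -match '^[a-z0-9.-]+\\[a-z0-9._-]+$'
}

function Add-RequestorToAdmins {
    param([xml]$WorkItem,
          [string]$LogPath = (Join-Path $env:TEMP 'owner.log'),  # hypothetical log location
          [switch]$Apply)
    $stamp = Get-Date -Format o
    if ((Get-WorkItemValue $WorkItem 'Lab.AddRequestorToAdmins') -ne 'true') {
        Add-Content $LogPath "$stamp skipped: Lab.AddRequestorToAdmins is not true"; return
    }
    $owner = Get-WorkItemValue $WorkItem 'Virtualmachine.Admin.Owner'
    if (-not (Test-OwnerName $owner)) {
        Add-Content $LogPath "$stamp rejected: owner value failed validation"; return
    }
    if ($Apply) {
        net localgroup administrators $owner /add
        # Record failures (for example, the account is already a member) instead of ignoring them
        $result = if ($LASTEXITCODE -eq 0) { 'added' } else { "net exit code $LASTEXITCODE" }
    } else {
        $result = 'dry run, no change made'
    }
    Add-Content $LogPath "$stamp owner=$owner result=$result"
}

# Dry run against the constructed sample; pass -Apply on a provisioned machine to make the change.
Add-RequestorToAdmins -WorkItem $sample
```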
Blueprint
We need to add the property Lab.AddRequestorToAdmins and set it to true on the blueprint.
Now when you provision a machine you’ll see that your account is in the local admins group. I was logged in as the cloudadmin user in this example: