The commands vicfg-user.pl (esxcfg-user.pl) are used to manage local users and groups on your ESXi host. The commands will always require the –entity (-e) and –operation (-o) options. With this command you can add, modify, list and delete users and groups.
The vicfg-user.pl script has the following options.
--addgroup <group_names> (-g <group_name>) - A comma seperated list that the user will be added to
--adduser <user_list> (-u <user_list>) - A comma seperated list of users that will be added to a group
--entity <user | group > (-e <user | group>) - The entity upon which the operation will be performed
--operation <add | modify | delete | list> (-o <add | modify | delete | list>) - The operation to perform on the entity
--group <name> (-d <name>) - Group name
--grouid <group_id) (-D <group_id>) - Group ID of the group
--login <login_id> (-l <login_id>) - Login ID of the user
--newpassword <password> (-p <password>) - Password for the user
--newuserid <UUID> (-i <UUID>) - New UUID for the target user (optional)
--newusername <name> (-n <name>) - New username for the target user (optional)
--removegroup <group_name> (-G <group_name>) - A comma seperated list of groups to removed from the target user
--removeuser <user_list> (-U <user_list>) - A comma seperated list of users that will be removed from the target group
--role <administrator | read-only | no-access> (-r <admin | read-only | no-access>) - Role to be assigned to the target user or group. Note some documentation incorrectly specifies the adminstrator role when in should be specified as admin.
--shell <yes | no> (-s <yes | no>) - Grant shell access to the target user. This option is only applicable to ESX and not ESXi.
Sample Session
vicfg-user.pl –server 192.168.1.33 –entity user –operation add -l dave –newusername davem -p viclient
Created user dave Successfully
vicfg-user.pl –server 192.168.1.33 –entity user -o modify -l dave -n davemishchenko
Do you want to change the password (y/n) : n
Updated user dave Successfully
vicfg-user.pl –server 192.168.1.33 –entity user -o modify -l dave -g group1,group2
Do you want to change the password (y/n) : n
Updated user dave Successfully
Assigned to the group group1
Assigned to the group group2
vicfg-user.pl –server 192.168.1.33 –entity group -o modify -d group2 -U dave
Unassigned user dave from the group
vicfg-user.pl –server 192.168.1.33 –entity group -o delete -d group2
Deleted group2 successfully.
vicfg-user.pl –server 192.168.1.33 –entity user -o add -l dave –role admin
Do you want to change the password (y/n) : n
Updated user dave Successfully
Assigned the role admin
Managing users, groups and roles can also be done with the VI client.