We do automatic rollouts of Active Directory in Azure for our Customers with Ansible.
We want to install the AD iData Agent with the Unattend Package and Custom “install.xml” File.
These we are already doing successful for MA, Proxy and Restore Agent.
If you do Unattend AD Installation in the XML is PW for AD Agent needed. But it is expected a hash, but i cannot find what hash (for the PW) the Installer expect. Normal PW is not working and sha-256 hash of PW is not working, too.
This is the line in XML:
<userAccount password="3820c5c6992b6774aced93ecd88e04e35b4398d99e3f0a7d8" domainName="q1xyz.local" userName="svc-adbackup" />
So it would be important to know with what the setup when you create the package the PW encryptes, because during automatic rollout we get it from our central key Vault during installation.
Best answer by RMcG
You can use the utils class in the workflow engine to encrypt the password.
EncryptedString es = utils.encryptString("AStrongerPasswordThanThis");
The above JAVA code in a script activity will provide an EncryptedString type as the output that you can use with the workflow activities that accept / require that type or you can output the string representation of it by simply appending the .toString() method… which in this case above provides the string “3929014b2f18bbbff1e1b1d074001001e369c664f2c0ae4ea24da75e3a0b34ba367c0c7960675041b”
Does the format look familiar? … you can use this directly in the install XML.
Some process options you can consider:
- Call a workflow via Ansible, passing the password as an input, that simply returns the encrypted string for the input provided. Use that string with the rest of your existing process. (TIP: Put the workflow in API mode to avoid a job running and reduce the execution time.)
- Call a workflow via Ansible, passing the client, and AD settings that builds and executes an XML command to push install the AD agent to a new or existing CommCell client depending on your preference.
- Same as ‘2’ above but also have the workflow retrieve the password from your key vault