Closed pfoppe closed 2 years ago
Hi @pfoppe,
Your assumption is correct, the password should be being passed in within quotes, otherwise some special characters get escaped. To achieve this in powershell we need to add `" `"
around the password.
This will be addressed in the next release of the ArcGIS Module. However, in the meantime here is a workaround that can be used. I recommend using v3.2.0 and making the following changes in 3 spots:
Update to:
$Arguments += " PASSWORD=`"$($ServiceCredential.GetNetworkCredential().Password)`"";
Update to:
$Arguments += " /password `"$($RunAsAccount.GetNetworkCredential().Password)`""
Update to:
$Arguments += " --password `"$($RunAsAccount.GetNetworkCredential().Password)`""
However, keep in mind if using module v3.1.1, there is likely other\additional changes required such as:
Update to:
Arguments = "/qb USER_NAME=$($ServiceAccount.UserName) PASSWORD=`"$($ServiceAccount.GetNetworkCredential().Password)`"";
Thanks, Cameron K.
Thanks for the response and including it in the product plan. We actually just ran into this again last week and we just updated the password to remove the special character.
For now, we will keep apprised of this and try to avoid the special characters. Thanks again!
@cameronkroeker, your proposed fix would also work for https://github.com/Esri/arcgis-powershell-dsc/issues/258 (passwords containing |
and '
), I assume?
@cameronkroeker, your proposed fix would also work for #258 (passwords containing
|
and'
), I assume?
Hi @scma-esrich,
The pipe |
symbol may still cause issues during an install/upgrade even outside of DSC. I suspect it to be an issue with the setup.exe not being able to properly escape it. This is reproducible by manually running the Setup.exe via the GUI, as well as a manual silent install (including quotes doesn't help for |
):
setup.exe /qb USER_NAME=arcgis PASSWORD="Pa$$w0rd|Pa$$w0rd"
The installation will complete, but the service account is set to LocalSystem
rather than the specified USER_NAME.
However, I can confirm though that the following characters will work with above suggested workaround: &^)%$*@!
As for #258 additional testing still needs to be done to confirm if the above workaround will suffice or not.
Thanks, Cameron K.
Hello @pfoppe and @scma-esrich,
We have included a fix in v3.3.0 that will allow most special characters such as &^)%$*@!
. However, there are still certain limitations that come from the actual Setup itself with using special characters like |
.
Thanks, Cameron K.
Community Note
Module Version
Affected Resource(s)
Configuration Files
For the relevant section of the .json file -
Expected Behavior
This occurred during an upgrade from v10.7.1 to v10.8.1.
Expect the product should have been upgraded from 10.7.1 to 10.8.1
Actual Behavior
The Powershell DSC execution failed with the following message:
And the windows event log shows the following:
Steps to Reproduce
Setup a .json file with a special character in the password for "ServiceAccount" and "ADServiceUser".
Specifically... the "&" character is a problem. We suspect "^" is also a problem but that was not confirmed.
Important Factoids
My objective is: 1) At a minimum, Update the WIKI and document what special characters are not supported 2) Support these special characters (ideally)
We are running on premise. Our AD Service account passwords update every 60 days per our IT Security policies. Every-time we run a PSDSC execution, the .json file passwords are updated (prior to executing).
Many of our deployments use the same credentials. We update the passwords outside of PSDSC (we have scripts that take care of it). For this issue... we had to re-set the password and update it on all deployments before we could finish this upgrade.
I suspect the limitation is related to windows command line limitation. To reproduce some of this outside of PSDSC, we attempted a 'silent upgrade' from command line - https://enterprise.arcgis.com/en/portal/latest/administer/windows/upgrade-data-store.htm#ESRI_SECTION1_985D148F08A448F3AE0C2097DF617FCD
Basically - 1) Open cmd.exe as administrator 2) Navigate to the install directory 3) Attempted an upgrade from command line -