From bc9a08214288d27e9cad06c2e41ba903a88b423b Mon Sep 17 00:00:00 2001
From: Alessandro Pilotti <ap@pilotti.it>
Date: Tue, 13 Aug 2013 13:51:49 +0300
Subject: [PATCH] Fixes bug related to password complexity limits

In some cases the randomly generated password can not fulfill the
complexity requirements. This patch adds a retry in case of failure with
a maximum limit suitable from a practical standpoint.
---
 .../plugins/windows/setuserpassword.py        | 22 ++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/cloudbaseinit/plugins/windows/setuserpassword.py b/cloudbaseinit/plugins/windows/setuserpassword.py
index 432bf5ea..be0ce8d2 100644
--- a/cloudbaseinit/plugins/windows/setuserpassword.py
+++ b/cloudbaseinit/plugins/windows/setuserpassword.py
@@ -30,6 +30,7 @@ LOG = logging.getLogger(__name__)
 
 class SetUserPasswordPlugin(base.BasePlugin):
     _post_password_md_ver = '2013-04-04'
+    _max_password_set_retry_count = 10
 
     def _encrypt_password(self, ssh_pub_key, password):
         cm = crypt.CryptManager()
@@ -75,6 +76,23 @@ class SetUserPasswordPlugin(base.BasePlugin):
                      'supported by this metadata version')
             return True
 
+    def _set_password(self, osutils, user_name):
+        i = 0
+        while True:
+            try:
+                # The retry is due to Windows not accepting some of
+                # the randomly generated passwords due to complexity
+                # constraints
+                password = self._get_password(osutils)
+                LOG.info('Setting the user\'s password')
+                osutils.set_user_password(user_name, password)
+                return password
+            except:
+                if i < self._max_password_set_retry_count:
+                    i += 1
+                else:
+                    raise
+
     def execute(self, service):
         user_name = CONF.username
 
@@ -88,9 +106,7 @@ class SetUserPasswordPlugin(base.BasePlugin):
         else:
             osutils = osutils_factory.OSUtilsFactory().get_os_utils()
             if osutils.user_exists(user_name):
-                password = self._get_password(osutils)
-                LOG.info('Setting the user\'s password')
-                osutils.set_user_password(user_name, password)
+                password = self._set_password(osutils, user_name)
                 self._set_metadata_password(password, service)
 
         return (base.PLUGIN_EXECUTE_ON_NEXT_BOOT, False)