This is a sample workflow on how to automatic create a CustomSpecFile. Note that the passwords in this is saved unencrypted (So do not use in a production environmnet unless you take other measures).
In my own environment I've solved this in this way:
The result of this is that both user/password combo's is useless as soon as the server is finished. (and ofcourse the CustomSpec file is deleted automatically after deployment)
// Note: con = VC:SDKConnection to the vCenter you want to create the CustomSpecFile var CustomSpecFile = "__vRO-AutoGenerated_"+ComputerName; try { var cms = con.customizationSpecManager; var Cust = new VcCustomizationSpecItem(); // Main Object // Attach Objects to MAIN Cust.spec = new VcCustomizationSpec(); Cust.info = new VcCustomizationSpecInfo(); // Do INFO Object Cust.info.type = "Windows"; Cust.info.name = CustomSpecFile; Cust.info.description = "Auto Generated from vRO"; // Do SPEC object Cust.spec.options = new VcCustomizationWinOptions(); Cust.spec.globalIPSettings = new VcCustomizationGlobalIPSettings(); // Should be Empty for vRA to use Network profile to fetch IP Cust.spec.identity = new VcCustomizationSysprep(); // Set WinOptions Params Cust.spec.options.changeSID = true; Cust.spec.options.deleteAccounts = true; Cust.spec.options.reboot = VcCustomizationSysprepRebootOption.reboot; Cust.spec.identity.userData = new VcCustomizationUserData(); Cust.spec.identity.userData.fullName = "Customer1"; Cust.spec.identity.userData.orgName = "Organization1"; Cust.spec.identity.userData.productId =""; // Must be defined (Cannot be null) // License setup Cust.spec.identity.userData.computerName = new VcCustomizationVirtualMachineName(); Cust.spec.identity.licenseFilePrintData = new VcCustomizationLicenseFilePrintData(); Cust.spec.identity.licenseFilePrintData.autoMode = VcCustomizationLicenseDataMode.perServer; Cust.spec.identity.licenseFilePrintData.autoUsers = 5; Cust.spec.identity.identification = new VcCustomizationIdentification(); // Domain Join Cust.spec.identity.identification.joinDomain = "customer1.ad.locale"; Cust.spec.identity.identification.domainAdmin = "UserWithJoinAccess"; Cust.spec.identity.identification.domainAdminPassword = new VcCustomizationPassword(); Cust.spec.identity.identification.domainAdminPassword.plainText = true; Cust.spec.identity.identification.domainAdminPassword.value = "SecretPassword"; // Setup Local Administrator Password Cust.spec.identity.guiUnattended = new VcCustomizationGuiUnattended(); Cust.spec.identity.guiUnattended.password = new VcCustomizationPassword(); Cust.spec.identity.guiUnattended.password.plainText = true; Cust.spec.identity.guiUnattended.password.value = "password1"; Cust.spec.identity.guiUnattended.autoLogon = true; Cust.spec.identity.guiUnattended.autoLogonCount = 1; Cust.spec.identity.guiUnattended.timeZone = 110; // DO NETWORK var AdapterList = new Array(); var Adapter1 = new VcCustomizationAdapterMapping(); Adapter1.adapter = new VcCustomizationIPSettings(); Adapter1.adapter.ip = new VcCustomizationDhcpIpGenerator(); AdapterList.push (Adapter1); Cust.spec.nicSettingMap = AdapterList; // SAVE cms.createCustomizationSpec(Cust); } catch (exception) { System.log ("Failed to create CustomSpecfile: "+CustomSpecFile+" Error: "+ exception); CustomSpecFile = null; }