Category Archives: vSphere Power Cli

vSphere 5.0 Hardening Guide – Official Release

This is the official release of the vSphere 5.0 Security Hardening Guide, v1.0.  The format of this guide has changed from previous versions. The guide is being released as a Excel spreadsheet only.  The guideline metadata from earlier guides has been greatly expanded and standardized.  CLI commands for assessment and remediation of the guidelines is included for the vCLI, ESXi Shell, and PowerCLI.  For additional information, please see the Intro tab of the spreadsheet.

http://communities.vmware.com/servlet/JiveServlet/downloadBody/19605-102-1-26036/HardeningGuide-vSphere50-v1.0.xlsx

HardeningGuide-vSphere50-v1.0

 

 

Tagged , ,

Extract ESX hosts serial numbers – vCLI

If you ever need to extract serial numbers from ESX hosts, the Power shell script below does the job. It will extract the serial numbers into a csv file.

Copy and paste the script below into a text editor and save it as a poweshell script. (.ps1) file extension.

 

#start of function
function Get-VMHostWSManInstance {
 param (
 [Parameter(Mandatory=$TRUE,HelpMessage="VMHosts to probe")]
 [VMware.VimAutomation.Client20.VMHostImpl[]]
 $VMHost,
[Parameter(Mandatory=$TRUE,HelpMessage="Class Name")]
 [string]
 $class,
[switch]
 $ignoreCertFailures,
[System.Management.Automation.PSCredential]
 $credential=$null
 )
$omcBase = "http://schema.omc-project.org/wbem/wscim/1/cim-schema/2/"
 $dmtfBase = "http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/"
 $vmwareBase = "http://schemas.vmware.com/wbem/wscim/1/cim-schema/2/"
if ($ignoreCertFailures) {
 $option = New-WSManSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck
 } else {
 $option = New-WSManSessionOption
 }
 foreach ($H in $VMHost) {
 if ($credential -eq $null) {
 $hView = $H | Get-View -property Value
 $ticket = $hView.AcquireCimServicesTicket()
 $password = convertto-securestring $ticket.SessionId -asplaintext -force
 $credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $ticket.SessionId, $password
 }
 $uri = "https`://" + $h.Name + "/wsman"
 if ($class -cmatch "^CIM") {
 $baseUrl = $dmtfBase
 } elseif ($class -cmatch "^OMC") {
 $baseUrl = $omcBase
 } elseif ($class -cmatch "^VMware") {
 $baseUrl = $vmwareBase
 } else {
 throw "Unrecognized class"
 }
 Get-WSManInstance -Authentication basic -ConnectionURI $uri -Credential $credential -Enumerate -Port 443 -UseSSL -SessionOption $option -ResourceURI "$baseUrl/$class"
 }
}
#end of function
#start of script
Get-VMHost | ForEach-Object {
 $VMHost = $_
 $PhysicalPackage = Get-VMHostWSManInstance -VMHost $_ -class CIM_PhysicalPackage -ignoreCertFailures -credential $Credential | `
 Where-Object {$_.ElementName -eq "Chassis"}
 $Report = "" | Select-Object -Property VMHost,SerialNumber
 $Report.VMHost = $VMHost.Name
 $Report.SerialNumber = $PhysicalPackage.SerialNumber
 $Report
} | Export-Csv -NoTypeInformation -UseCulture -Path c:\EsxSerialNumbers.csv 
#end of script