5 Replies Latest reply on Jul 18, 2013 11:36 AM by LucD

    Odd listing with .vmx file

    DZ1 Hot Shot

      I'm hardening some VMs, and I have a script that I found online (can't remember who it was from, but probably LucD).  The script is not the issue, but the csv file that the script references has some of these lines:

       

      floppy0.present,FALSE

      ide0:0.present,FALSE

      logging,TRUE

       

       

      Well, the script seems to work fine, but then when I check the .vmx file with (Get-VM "Name").extensiondata.config.extraconfig, the $_.key for any line that has to do with virtual hardware does not appear.  I don't think this is really a scripting issue, but this section is so active, that maybe someone can lead me in the right direction, and I'm using PowerCLI to edit the settings, so I guess it's relevant.  There are multiple lines, and everything appears fine except for hardware related lines:

       

      floppy0.present,FALSE

      floppy1.present,FALSE

      ide0:0.present,FALSE

      ide0:1.present,FALSE

      ide1:0.present,FALSE

      ide1:1.present,FALSE

      parallel0.present,FALSE

      serial0.present,FALSE

       

      Other lines appear when I retrieve them:

       

      isolation.monitor.control.disable,TRUE

      isolation.tools.ghi.autologon.disable,TRUE

      isolation.bios.bbs.disable,TRUE

      isolation.tools.getCreds.disable,TRUE

       

      Even if I "edit settings" > Options > Advanced | General > Configuration Parameters, and add a line there, I can't retrieve it with powershell (only hardware lines)  if I directly edit the .vmx file and copy it back, those lines don't show up with powershell, but they will show up if I look at the .vmx file on Windows with Write, or some other text editor. 

       

      Has anyone experienced this?  More importantly, does anyone know what I'm doing wrong?

       

      The script is here, and there is a CSV file that I use, with the examples that I listed, it has the Key,Value columns correctly

       

      #This line imports the key and value pair for the .vmx setting

      $import = Import-Csv "C:\STIGapply\STIG_current.csv"

       

       

      $VMs = Get-folder STIG | Get-VM "*clone"

       

       

      $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec

      Foreach ($item in $import) {

       

       

      $extra = New-Object VMware.Vim.OptionValue

      $extra.Key = $item.Key

      $extra.Value = $item.Value

      $vmConfigSpec.extraconfig += $extra

       

       

      }

       

       

      Foreach ($vm in $vms) {

       

       

      $vm.ExtensionData.ReconfigVM($vmConfigSpec)

      }

        • 1. Re: Odd listing with .vmx file
          RvdNieuwendijk Virtuoso
          User ModeratorsvExpert

          I am not sure what you try to achieve with the hardware lines. Are you trying to remove hardware from the virtual machines? Should you not use  cmdlets like Remove-FloppyDrive to remove the hardware? I don't think that just editing the vmx is file is sufficient.

          • 2. Re: Odd listing with .vmx file
            DZ1 Hot Shot

            From the wording, it seems like it should be an option to prevent the devices from being added, or if they are added, preventing them from actually being enabled.  One of the options can be found here http://www.stigviewer.com/check/ESXI5-VM-000034 

             

            I'm familiar with the cmdlets for removing hardware after it is added, but this is proactive measure.  Thanks for the response.  My main issue is why the options don't show up when I type

            (Get-VM "Name").extensiondata.config.extraconfig.  It just seems odd, but again, I may just be doing something wrong. 

            • 3. Re: Odd listing with .vmx file
              LucD Guru
              Community WarriorsUser ModeratorsvExpert

              In ExtraConfig you will only see the VMX lines that do not have an actual entry in the VirtualMachine object.

              In the case of the devices, these can be found in $vm.ExtensionData.Config.Hardware.Device.

              Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz
              • 4. Re: Odd listing with .vmx file
                DZ1 Hot Shot

                Ahhhhh...thank you.  I actually saw a post that Alan Renouf had Working with VM Devices in PowerCLI | VMware PowerCLI Blog - VMware Blogs and he had some functions for removing devices like serial and parallel ports, but I didn't know why they would not show up if I added the line to the .vmx file.  Do you know if there is a way to prevent the adding of those devices beforehand?  

                 

                Regardless, that is useful information, and I appreciate it. 

                • 5. Re: Odd listing with .vmx file
                  LucD Guru
                  Community WarriorsUser ModeratorsvExpert

                  Unless you create your new VMs from templates, you will get a 'default' HW configuration for the VM.

                  What HW you get depends on the OS you have specified for the VM, the HW present on the ESXi host, the type of license you have on the ESXi host and a couple of other factors.

                  Afaik, this is not user configurable.

                  Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz