VMware Cloud Community
MrVmware9423
Expert
Expert
Jump to solution

Automate how to Create loca user, Role

Dear Team,

We have to perform below task on more than 200+ esxi hosts, all the esxi hosts are intergrated in PIMS just wanted to know what all tasks we can automate

-Create a new role as logcapture and assign "Daignostic" Privilege (All Privilege => Global => Daignotic)

-Create a local user as (vCenterLogs) on all ESXi host.

- Assign "logcapture" role to "vCenterLogs" user

- Configure the Log Collector for VMware Collection

Perform the following steps to configure the Log Collector for VMware collection.

Add the VMware Event Source Type:

1.In the Security Analytics menu, select Administration > Services.

2.In the Services grid, select a Log Collector service.

3.Click under Actions and select View > Config.

4.In the Log Collector Event Sources tab, select VMware/Config from the drop-down menu.

The Event Categories panel displays the VMware event sources that are configured, if any.

-.Click + to open the Available Event Source Types dialog.

pastedImage_7.png

- Select vmware-events or vmware-tasks from the Available Event Source Types dialog and click OK.

The VMware available event source types are as follows:

vmware-events: Setup vmware-events to collect events from vCenter Servers and ESX/ESXi servers.

vmware-tasks: (Optional) Setup vmware-tasks to collect tasks from vCenter Servers.

- Select the new type in the Event Categories panel, and click + in the Sources toolbar.

- Add a Name, Username and Password,and modify any other parameters that require changes.

pastedImage_12.png

Caution:If you need to enter the domain name as part of the Username, you must use a double-backslash as a separator. For example, if the domain|username is corp\smithj, you must specify corp\\smithj.

- Click OK to save your changes.

Request you to assist me to automate above task.

Reply
0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
Jump to solution

Wow, that's a lot of questions in one thread. :smileygrin:

The first part is rather straightforward:

$newUser = 'vCenterLogs'

$newUserPsd = 'WhatEver!'

$newRole = 'logcapture'

$rootpswd = 'MyPswd'

foreach($esx in Get-VMHost){

    $esx = Connect-VIServer -Server $esx.Name -User root -Password $rootpswd

    New-VMHostAccount -Id $newUser -Password $newUserPsd -GrantShellAccess -Server $esx.Name

    New-VIRole -Name $newRole -Privilege "Diagnostics" -Server $esx.Name

    New-VIPermission -Entity $esx -Principal $newUser -Role $newRole -Server $esx.Name

    Disconnect-VIServer -Server $esx.Name -COnfirm:$false

}

Not too sure what Log Collector you are referring to?
Is that the VMware Log Intelligence? Can you provide a link to the docs with the steps you copied?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
0 Kudos
1 Reply
LucD
Leadership
Leadership
Jump to solution

Wow, that's a lot of questions in one thread. :smileygrin:

The first part is rather straightforward:

$newUser = 'vCenterLogs'

$newUserPsd = 'WhatEver!'

$newRole = 'logcapture'

$rootpswd = 'MyPswd'

foreach($esx in Get-VMHost){

    $esx = Connect-VIServer -Server $esx.Name -User root -Password $rootpswd

    New-VMHostAccount -Id $newUser -Password $newUserPsd -GrantShellAccess -Server $esx.Name

    New-VIRole -Name $newRole -Privilege "Diagnostics" -Server $esx.Name

    New-VIPermission -Entity $esx -Principal $newUser -Role $newRole -Server $esx.Name

    Disconnect-VIServer -Server $esx.Name -COnfirm:$false

}

Not too sure what Log Collector you are referring to?
Is that the VMware Log Intelligence? Can you provide a link to the docs with the steps you copied?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos