Can someone please help me to find a script that I can enable Host Encryption Mode for our 200+ ESXi hosts by a powershell script?
Thanks in advance!
@NeenaJim You can follow below method to achieve your task. This has been tested on mentioned powerCLi version and working fine as well.
<#
Set-VMHost_Encrypt.ps1
Prerequisties: Install PowerCLI module version:VMware.PowerCLI 12.6.0 build 19610541.
Validate that below Cmdlet is available in this.
Get-Command -Name Get-KeyProvider --> To validate Keyprovider Cmdlet
Cmdlet Get-KeyProvider 12.6.0.19609013 VMware.VimAutomation.Storage
#>
Import-Module VMware.VMEncryption
$vmhosts = Get-VMHost -State Connected #Get-Content "C:\HostList.txt"
foreach ( $vmhost in $vmhosts){
$keyprovider = Get-KeyProvider | select -First 1
Get-VMHost $vmhost |Set-VMHost -KeyProvider $keyprovider
}
@LucD , would you please help me to perform this task?
See Solved: Re: Powercli command to enable host encryption - VMware Technology Network VMTN
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Many thanks for sharing and very useful link
I am not sure if I am doing this correct or not. I am getting this message. I have connected the ESXi host with its root account from powershell and ran that command. Any suggestion @LucD ?
Looks like you didn't install the VMware.VMEncryption module.
That is a open source module and doesn't come automatically when you install PowerCLI.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Try it like this:
set-vmhost ESX111 -KmsCluster (get-kmscluster kmscluster111)
If you don't have two different modules that contain the same Get-KmsCluster command the module identifier should not be required.
I've tried to install the module: VMware.VMEncryption. But I dont think I am doing it right. What I have done is. Open that page and I could see this:
Then I opened the file and copied its content and ran it from PowerShell. But nothing happened. So at this point I am stuck. I am really sorry I couldn't follow the steps.
You have to install both files (.psd1 and .psm1) in a folder that you name VMware.VMEncryption
That folder has be in one of the folders mentioned in $env:PSModulePath
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I've copied both files in the location and then ran that command again and getting this:
That Get-KmsCluster is part of the VMware.VimAutomation.Storage module.
Like Kamen already said, you don't need to specify that module prefix.
The problem is that the Get-KmsCluster cmdlet is also part of the VMware.VMEncryption module.
Just try with Get-KmsCluster, without prefix.
Or try with VMware.VMEncryption\Get-KmsCluster
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
@NeenaJim You can follow below method to achieve your task. This has been tested on mentioned powerCLi version and working fine as well.
<#
Set-VMHost_Encrypt.ps1
Prerequisties: Install PowerCLI module version:VMware.PowerCLI 12.6.0 build 19610541.
Validate that below Cmdlet is available in this.
Get-Command -Name Get-KeyProvider --> To validate Keyprovider Cmdlet
Cmdlet Get-KeyProvider 12.6.0.19609013 VMware.VimAutomation.Storage
#>
Import-Module VMware.VMEncryption
$vmhosts = Get-VMHost -State Connected #Get-Content "C:\HostList.txt"
foreach ( $vmhost in $vmhosts){
$keyprovider = Get-KeyProvider | select -First 1
Get-VMHost $vmhost |Set-VMHost -KeyProvider $keyprovider
}