VMware Cloud Community
hharold
Enthusiast
Enthusiast
Jump to solution

Help with Host Profiles and PowerCLI needed

Hello,

I have 2 questions on using PowerCLI to edit vSphere Host Profiles:

1) How can I clone a host profile, by using PowerCLI ?

2) How can I modify Host profiles, by using PowerCLI, to update these settings ?
    a) Networking configuration - DNS configuration - Host name
    b) Authentication configuration - Active Directory configuration - Domain Name


Thanks!

Regards,
Harold

1 Solution

Accepted Solutions
LucD
Leadership
Leadership
Jump to solution

1) There are, in the current version no cmldets to clone a hostprofile.

But you can use the API. Something like this

$hostProfileName = "MyProfile" 
$prof = Get-VMHostProfile -Name $hostProfileName

$profMgr
= Get-View HostProfileManager
$spec
= New-Object VMware.Vim.HostProfileCompleteConfigSpec
$spec.Annotation = $prof.ExtensionData.Config.Annotation
$spec
.ApplyProfile = $prof.ExtensionData.Config.ApplyProfile
$spec
.CustomComplyProfile = $prof.ExtensionData.Config.CustomComplyProfile
$spec.DisabledExpressionList = $prof.ExtensionData.Config.DisabledExpressionList
$spec.Enabled = $prof.ExtensionData.Config.Enabled
$spec
.Name = $prof.ExtensionData.Config.Name + " - COPY"
$profMgr
.CreateProfile($spec)

2) Changing settings in hostprofiles can be done, but oit requires a thorough knowledge of the internals

See for example my Change the root password in hosts and Host Profiles post.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
0 Kudos
21 Replies
LucD
Leadership
Leadership
Jump to solution

1) There are, in the current version no cmldets to clone a hostprofile.

But you can use the API. Something like this

$hostProfileName = "MyProfile" 
$prof = Get-VMHostProfile -Name $hostProfileName

$profMgr
= Get-View HostProfileManager
$spec
= New-Object VMware.Vim.HostProfileCompleteConfigSpec
$spec.Annotation = $prof.ExtensionData.Config.Annotation
$spec
.ApplyProfile = $prof.ExtensionData.Config.ApplyProfile
$spec
.CustomComplyProfile = $prof.ExtensionData.Config.CustomComplyProfile
$spec.DisabledExpressionList = $prof.ExtensionData.Config.DisabledExpressionList
$spec.Enabled = $prof.ExtensionData.Config.Enabled
$spec
.Name = $prof.ExtensionData.Config.Name + " - COPY"
$profMgr
.CreateProfile($spec)

2) Changing settings in hostprofiles can be done, but oit requires a thorough knowledge of the internals

See for example my Change the root password in hosts and Host Profiles post.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
hharold
Enthusiast
Enthusiast
Jump to solution

Thanks Luc,

I will try the clone part tomorrow! thanks a lot!

For the second part of my own question:

2) How can I modify Host profiles, by using PowerCLI, to update these settings ?
    a) Networking configuration - DNS configuration - Host name
    b) Authentication configuration - Active Directory configuration - Domain Name

Your link was super, finally I was able to do some reverse engineering on your code and got the code to do both settings:

# Setting the Admin Password in the Host Profile 
$newAdminPswd
= "MyPassword"
$secpol = New-Object VMware.Vim.ProfilePolicy
$secpol
.Id = "AdminPasswordPolicy"
$secpol
.PolicyOption = New-Object VMware.Vim.PolicyOption
$secpol
.PolicyOption.Id = "FixedAdminPasswordOption"
$secpol
.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue
$secpol
.PolicyOption.Parameter[0].Key = "password"
$secpol
.PolicyOption.Parameter[0].Value = New-Object VMware.Vim.PasswordField
$secpol
.PolicyOption.Parameter[0].Value.Value = $newAdminPswd
$spec.ApplyProfile.Security.Policy = @($secpol) # Setting the DNS Host Name setting in the Host Profile
$nwpol
= New-Object VMware.Vim.ProfilePolicy
$nwpol
.Id = "HostNamePolicy"
$nwpol.PolicyOption = New-Object VMware.Vim.PolicyOption
$nwpol
.PolicyOption.Id = "UserInputHostName"
$spec
.applyprofile.network.dnsconfig.policy = @($nwpol) # Setting the Domain Name and OU setting in the Host Profile
$domain = "mydomain.hs.nl/Global/ESXiHosts"
$domainpol = New-Object VMware.Vim.ProfilePolicy
$domainpol
.Id = "JoinedDomainPolicy"
$domainpol
.PolicyOption = New-Object VMware.Vim.PolicyOption
$domainpol
.PolicyOption.Id = "FixedJoinedDomainOption"
$domainpol.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue
$domainpol
.PolicyOption.Parameter[0].Key = "joinedDomain"
$domainpol.PolicyOption.Parameter[0].Value = $domain
$spec.applyprofile.authentication.activedirectory.policy = @($domainpol)

Thanks again Luc.

Regards,

Harold

https://twitter.com/hharold

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

Thanks for sharing.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
hharold
Enthusiast
Enthusiast
Jump to solution

Couldn't wait to test the clone host profile code, you provided.

Almost worked perfectly!

I just had to add the reference host in the code, as it was failing on this. ($spec.ValidatorHost)

This is the final code I got:

 $profMgr = Get-View HostProfileManager
$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec 
$spec
.Annotation = $hp.ExtensionData.Config.Annotation $spec.ApplyProfile = $hp.ExtensionData.Config.ApplyProfile $spec.CustomComplyProfile = $hp.ExtensionData.Config.CustomComplyProfile $spec.DisabledExpressionList = $hp.ExtensionData.Config.DisabledExpressionList $spec.ValidatorHost = $hp.extensiondata.referencehost $spec.Enabled = $hp.ExtensionData.Config.Enabled $spec.Name = $hp.ExtensionData.Config.Name + " - BACKUP"
$profMgr.CreateProfile($spec)                        

Thanks again !

Regards,

Harold

https://twitter.com/hharold

Reply
0 Kudos
allaurente
Contributor
Contributor
Jump to solution

I have a dumb question.  Where can I get a complete listing of the different ID names in a host profile.  In the sample posted how do you know that there is a PolicyOption Id called "FixedAdminPasswordOption".  I'm trying to edit a different policyOption Id but I dont what it is called.

LucD
Leadership
Leadership
Jump to solution

I'm afraid there is a bit of reverse engineering involved.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Sany_1973
Enthusiast
Enthusiast
Jump to solution

Any info regarding getting the policy ID and policy option ID

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

Not sure I get the question, what do you mean?
Any specific option


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Sany_1973
Enthusiast
Enthusiast
Jump to solution

How did you get "JoinedDomainPolicy" and "FixedJoinedDomainOption" for that particular Policy.

$domainpol.Id = "JoinedDomainPolicy"
$domainpol.PolicyOption.Id = "FixedJoinedDomainOption"

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

Reverse engineering :smileygrin:


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Sany_1973
Enthusiast
Enthusiast
Jump to solution

I am looking for Powercli script to add VSS portgroup with VLANID to Host Profile (without Reference host) also I am looking for adding LUN as a datastore to Host Profile.

Editing the Host Profile.

Reply
0 Kudos
Sany_1973
Enthusiast
Enthusiast
Jump to solution

Hi I ran following script and got some general system error:

Exception calling "UpdateHostProfile" with "1" argument(s): "A general system error occurred: Not i

nitialized"

At C:\Temp\alaska\Set-ProfileEx.ps1:69 char:45

+     $Profile.ExtensionData.UpdateHostProfile <<<< ($spec)

    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException

    + FullyQualifiedErrorId : DotNetMethodException

function Set-ProfileEx{

#$vlanid="310"

#$vswitch="vSwitch0"

#$Profile="Test-HP"

param([PSObject]$Profile="Test-HP")

begin{

    function Copy-Property ($From, $To, $PropertyName ="*")

        {

            foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName)

            {        trap {

                            Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force

                            continue

                            }

            $To.$($P.Name) = $From.$($P.Name)

            Write-Output $P.Name

            }

        }

}

process{

if($Profile.GetType().Name -eq "string"){

$Profile = Get-VMHostProfile -Name $Profile

Write-Output $Profile

}

$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

Copy-Property -From $Profile.ExtensionData.Config -To $spec

     $vlanpol = New-Object VMware.Vim.ProfilePolicy

    $vlanpol.Id = "VlanIdPolicy"

    $vlanpol.PolicyOption = New-Object VMware.Vim.PolicyOption

    $vlanpol.PolicyOption.Id = "FixedVlanIdOption"

    $vlanpol.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

    $vlanpol.PolicyOption.Parameter[0].Key = "vlanId"

    $vlanpol.PolicyOption.Parameter[0].Value = "310"

    $vswitchpol = New-Object VMware.Vim.ProfilePolicy

    $vswitchpol.Id = "VswitchSelectionPolicy"

    $vswitchpol.PolicyOption = New-Object VMware.Vim.PolicyOption

    $vswitchpol.PolicyOption.Id = "FixedVswitchSelectionOption"

    $vswitchpol.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

    $vswitchpol.PolicyOption.Parameter[0].Key = "vswitchName"

    $vswitchpol.PolicyOption.Parameter[0].Value = "vSwitch0"

   

$portpol = New-Object VMware.Vim.ProfilePolicy

$portpol.Id = "PortgroupCreatePolicy"

$portpol.PolicyOption = New-Object VMware.Vim.PolicyOption

$portpol.PolicyOption.Id = "CreateAlways"

    $myport = New-Object VMware.Vim.VmPortGroupProfile

    $myport.Name="VMDATA"

    $myport.Enabled=$true

    $myport.Key="key-vim-profile-host-VmPortgroupProfile-VMDATA"

    $myport.NetworkPolicy=New-Object VMware.Vim.NetworkPolicyProfile

    $myport.Vlan=New-Object VMware.Vim.VlanProfile

    $myport.Vswitch=New-Object VMware.Vim.VirtualSwitchSelectionProfile

    $myport.Vlan.Policy=@($vlanpol)

    $myport.Vswitch.Policy=@($vswitchpol)

    $myport.Policy=@($portpol)

  

    $spec.ApplyProfile.Network.VmPortGroup +=$myport

    Write-Output $spec.ApplyProfile.Network.VmPortGroup

   

    $Profile.ExtensionData.UpdateHostProfile($spec) 

   

    Get-VMHostProfile -Name $Profile.Name

    }

}

Set-ProfileEx

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

This error doesn't give a lot of clues.

Check the vpxd logs to see if they contain some more information on the error


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Sany_1973
Enthusiast
Enthusiast
Jump to solution

Hi LucD,

Thanks for the reply. Here I am trying to add a vmportgroup to Host Profile.

Could you please check the objects are fine. Do I need to use create subprofile by CreateDefaultProfile method?

Thanks

Reply
0 Kudos
hchchchc
Contributor
Contributor
Jump to solution

hi luc,

i tried to change pciIndex in a auto deploy host profile to react on different hardware.

my script run's through but "UpdateHostProfile" ends up with an error "".

anyway $spec is what i expect to be (changed the index from "2" in the host profile to "3").

do you have any idea what run's wrong here ?

i'm really struggeling ..

thanks a lot in advance, chris

function Copy-Property ($From, $To, $PropertyName ="*") {

  foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName) {

  trap {

  Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force

  continue

  }

  $To.$($P.Name) = $From.$($P.Name)

  }

}

$hostProfileName = "AutoDeployProfile2"

$prof = Get-VMHostProfile -Name $hostProfileName

$profMgr = Get-View HostProfileManager

$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

Copy-Property -From $prof.ExtensionData.Config -To $spec

$PCIPolicy = New-Object VMware.Vim.ProfilePolicy

$PCIPolicy.Id = "LinkSpecPolicy"

$PCIPolicy.PolicyOption = New-Object VMware.Vim.PolicyOption

$PCIPolicy.PolicyOption.Id = "PnicsByPCIOrder"

$PCIPolicy.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

$PCIPolicy.PolicyOption.Parameter[0].Key = "pciIndices"

$PCIPolicy.PolicyOption.Parameter[0].Value = @("3")

$spec.ApplyProfile.Network.Vswitch.Link.Policy = @($PCIPolicy)

$prof.ExtensionData.UpdateHostProfile($spec)

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

Can you include the complete error message you are seeing?

Also include the content of $error[0].exception[0].innerexception

And have a look in the vpxd log on the vCenter.

There i soften more info on these kind of exceptions in that log.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
hchchchc
Contributor
Contributor
Jump to solution

hi luc,

thanks for your quick reply !

it still says invalid parameter type for pciIndices.

i tried with 3, "3", @(3), @("3"). but the error stays.

appreciate your help Smiley Happy

br/chris

the script looks like this:

$hostProfileName = "AutoDeployProfile2"

$prof= Get-VMHostProfile -Name $hostProfileName

$profMgr = Get-View HostProfileManager

$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

Copy-Property -From $prof.ExtensionData.Config -To $spec

$PCIPolicy = New-Object VMware.Vim.ProfilePolicy

$PCIPolicy.Id = "LinkSpecPolicy"

$PCIPolicy.PolicyOption = New-Object VMware.Vim.PolicyOption

$PCIPolicy.PolicyOption.Id = "PnicsByPCIOrder"

$PCIPolicy.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

$PCIPolicy.PolicyOption.Parameter[0].Key = "pciIndices"

$PCIPolicy.PolicyOption.Parameter[0].Value = 3

$spec.ApplyProfile.Network.Vswitch.Link.Policy = @($PCIPolicy)

$prof.ExtensionData.UpdateHostProfile($spec)

the error message in PowerCLI is:

PowerCLI Q:\05_SERV\VMware\Scripting> $prof.ExtensionData.UpdateHostProfile($spec)

Exception calling "UpdateHostProfile" with "1" argument(s): "There is an error in the XML document."

At line:1 char:1

+ $prof.ExtensionData.UpdateHostProfile($spec)

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException

    + FullyQualifiedErrorId : InvalidOperationException

the parameters seein in vpxd.log are:

-->                profileTypeName = "VirtualSwitchProfile",

-->                profileVersion = "6.0.0",

-->                key = "key-vim-profile-host-VirtualSwitchProfile-vSwitch0",

-->                name = "vSwitch0",

-->                link = (vim.profile.host.VirtualSwitchProfile.LinkProfile) {

-->                   enabled = true,

-->                   policy = (vim.profile.Policy) [

-->                      (vim.profile.Policy) {

-->                         id = "LinkSpecPolicy",

-->                         policyOption = (vim.profile.PolicyOption) {

-->                            id = "PnicsByPCIOrder",

-->                            parameter = (vmodl.KeyAnyValue) [

-->                               (vmodl.KeyAnyValue) {

-->                                  key = "pciIndices",

-->                                  value = "3"

-->                               }

-->                            ]

-->                         }

-->                      }

-->                   ],

-->                   profileTypeName = "LinkProfile",

-->                   profileVersion = "6.0.0",

the error message in vpxd.log is:

2017-07-04T07:14:58.057Z info vpxd[7F052BA74700] [Originator@6876 sub=Default opID=3c8f0267] [VpxLRO] -- ERROR task-448458 -- hostprofile-203 -- vim.profile.host.HostProfile.update: vim.fault.ProfileUpdateFailed:

--> Result:

--> (vim.fault.ProfileUpdateFailed) {

-->    faultCause = (vmodl.MethodFault) null,

-->    failure = (vim.fault.ProfileUpdateFailed.UpdateFailure) [

-->       (vim.fault.ProfileUpdateFailed.UpdateFailure) {

-->          profilePath = (vim.profile.ProfilePropertyPath) {

-->             profilePath = "network.vswitch["key-vim-profile-host-VirtualSwitchProfile-vSwitch0"].link",

-->             policyId = "LinkSpecPolicy",

-->             parameterId = "pciIndices"

-->          },

-->          errMsg = (vmodl.LocalizableMessage) {

-->             key = "com.vmware.vim.profile.host.UpdateError.InvalidParameterType.label",

-->             arg = (vmodl.KeyAnyValue) [

-->                (vmodl.KeyAnyValue) {

-->                   key = "paramName",

-->                   value = "pciIndices"

-->                }

-->             ],

-->             message = "Invalid parameter type for parameter pciIndices"

-->          }

-->       }

-->    ],

-->    msg = "Received SOAP response fault from [<cs p:00007f04d4bd0550, TCP:<host>:443>]: bookKeep

--> Received SOAP response fault from [<cs p:1f364958, TCP:localhost:8307>]: bookKeep

--> Profile validation failed. Check the profile for errors."

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

There are a couple of things that I would change.

  • the vswitch property is an array. You will have to find which entry is the one you want to change
  • the existing LinkSpecPolicy can already contain a pciIndices entry. You will have to check, and if it exists, you will have to replace it with your new entry. Other entries can be copied.
  • the Policy property is an array, so you should do: spec.ApplyProfile.Network.Vswitch.Link.Policy += $PCIPolicy

What is the name of the vSwitch you want to update?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
hchchchc
Contributor
Contributor
Jump to solution

hi luc,

sorry for my late reply - i figured it out with some kind of re-engineering 🙂

so i share what i found out.

it was - mostly - a problem with the Object-Type (array of integers) that did the trick in the end (see as ReplacementHelper).

thanks for your help !

chris

$hostProfileName = "AutoDeployProfile2"

$prof= Get-VMHostProfile -Name $hostProfileName

$profMgr = Get-View HostProfileManager

$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

$spec.Annotation = $prof.ExtensionData.Config.Annotation

$spec.ApplyProfile = $prof.ExtensionData.Config.ApplyProfile

$spec.CustomComplyProfile = $prof.ExtensionData.Config.CustomComplyProfile

$spec.DisabledExpressionList = $prof.ExtensionData.Config.DisabledExpressionList

$spec.ValidatorHost = $prof.extensiondata.referencehost

$spec.Enabled = $prof.ExtensionData.Config.Enabled

$ReplacementHelper = New-Object VMware.Vim.KeyAnyValue

$ReplacementHelper.Key = "pciIndices"

[int[]] $ReplacementHelper.Value = @(6)

$spec.ApplyProfile.Network.Vswitch.Link.Policy[0].PolicyOption[0].Parameter = $ReplacementHelper

$prof.ExtensionData.UpdateHostProfile($spec)

Reply
0 Kudos