Hello together.
Is it possible to read the security settings from an ESX host and a Virtual Center Server over a PowerCLI Script?
My idea is to run a script over the whole environment and read all security settings such local user password aging, an overview of all local account of an ESX Host, all roles with set privileges and the assigned Active directory groups and other settings.
Is this possible?
Thanks for any input.
Regards
ron999
For the permissions and roles you can use respectively the Get-VIRole and Get-VIPermission cmdlets.
To see the privileges use the Get-Privilege cmdlet.
Local accounts can be retrieved with the Get-VMHostAccount cmdlet.
For password aging of local accounts on ESX servers you will have to retrieve the /etc/login.defs file.
You could use plink.exe from the PuTTY Suite for that.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi LucD.
Thank you for the information. The backround of my request is to create an script for our SAS 70 II Audit to check the whole VMware environment with the parameter i asked and something more. At the moment i have no idea how i can start the script. Maybe someone else has a script that do the job I'm searching for.
An easy entry would be to use the VMware Community PowerPack for PowerGui or vEcoShell which allows you to report on permissions, roles and privileges.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference