Solved: Re: Set firewall with powershell - constructor pro...

Olivier_Domy · ‎06-02-2008

Hi.

I'm trying to set ESX firewall rules with powershell and VI API. After the connection to the virtual center, I use the following code :

$hsImpl = Get-VMHost -Name $ESXServer
$hs = Get-View $hsImpl.ID
$FWMoRef = $hs.ConfigManager.firewallSystem
$FW = Get-View -MoRef $FWMoRef
$FWConfig = New-Object Vmware.Vim.HostFirewallSystem

I have the following error message : Constructor not found. Cannot find an appropriate constructor for type Vmware.Vim.HostFirewallSystem.

Please, have you any idea?

admin · ‎06-02-2008

It looks as if all objects based on ExtensibleManagedObject can not be created with the New-Object cmdlet.
You can create these sorts of objects, but their constructors require arguments, so you would have to use new-object's -argumentlist switch. The question then becomes -- what do I do with such an object, since it doesn't represent anything in the system.
In order to make changes to the firewall, as LucD suggests, start with
$esxImpl = Get-VMHost -Name <ESX-host>
$esx = Get-View $esxImpl.ID
$fwImpl = $esx.ConfigManager.FirewallSystem
$fw = Get-View $fwImpl

And then you can make calls like $fw.EnableRuleset or $fw.UpdateDefaultPolicy, etc.

View solution in original post

LucD · ‎06-02-2008

Try loading the assembly before you do the New-Object.

See

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

Olivier_Domy · ‎06-02-2008

Sorry, but it doesn't work. I have already on the begin of my script : [http://Reflection.Assembly|http://Reflection.Assembly]::LoadWithPartialName("vmware.vim") and it doesn't work.

My code :

http://Reflection.Assembly::LoadWithPartialName("vmware.vim")
$VCVariables = get-content "D:\PS_Scripts\Conf_Files\VC.xml" # Load XML File

Connection to virtual center

$Connection = $VCVariables.VirtualCenter.Connection
$VCServer= $Connection.Server
$VCLogin = $Connection.login
$VCPassword = $Connection.password
$VCPort = $Connection.port
$VCProtocol = $Connection.protocol

Get-VIServer -Server $VCServer -Protocol $VCProtocol -Port $VCPort -User $VCLogin -Password $VCPassword | Out-Null
$root=Get-Folder -NoRecursion
$ESXVariables = get-content "D:\PS_Scripts\Conf_Files\ESX_Global.xml" # Load XML File
#Variables for ESX Connection
$ESXConnect=$ESXVariables.ESXConfiguration.ESXConnection # Node XML
$ESXServer=$ESXConnect.ESXServer
$ESXLogin=$ESXConnect.ESXLogin
$ESXPassword=$ESXConnect.ESXPassword

Firewall configuration

$hsImpl = Get-VMHost -Name $ESXServer
$hs = Get-View $hsImpl.ID
$FWMoRef = $hs.ConfigManager.firewallSystem
$FW = Get-View -MoRef $FWMoRef
$FWConfig = New-Object Vmware.Vim.HostFirewallSystem

When I run my script with PowerGui, my output is :

GAC Version Location

--- -

-

True v2.0.50727 C:\WINNT\assembly\GAC_MSIL\vmware.vim\1.0.0.0__10980b...

Constructor not found. Cannot find an appropriate constructor for type Vmware.Vim.HostFirewallSystem. At line 32, position 23 $FWConfig = New-Object Vmware.Vim.HostFirewallSystem

Nota Bene : If I try without PowerGui (in command line mode), I have the same result.

If you have any idea?

ykalchev · ‎06-02-2008

You're trying to create HostFirewallSystem which is a managed object. Managed Objects can be get/created using get-view cmdlet and their MoRef. BTW you have already done it with the code $FW = Get-View -MoRef $FWMoRef.

Are you trying to create HostFirewallDefaultPolicy object?

Yasen Kalchev, vSM Dev Team

halr9000 · ‎06-02-2008

This is a different problem (and error msg) than you get with the unloaded assy. See:

35# New-Object Vmware.Vim.HostFirewallSystem
New-Object : Cannot find type [http://Vmware.Vim.HostFirewallSystem|http://Vmware.Vim.HostFirewallSystem]: make sure the assembly containing t
his type is loaded.
At line:1 char:11
+ New-Object <<<<  Vmware.Vim.HostFirewallSystem
36# New-Object Vmware.Vim.HostFirewallSystem
New-Object : Constructor not found. Cannot find an appropriate constructor for type Vmware.Vim.Hos
tFirewallSystem.
At line:1 char:11
+ New-Object <<<<  Vmware.Vim.HostFirewallSystem

But this works fine. I did some searching using the .NET Reflector against a VI client assy (C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\2.5\VimSoapService.25.dll) and did not see this type referenced anywhere which is odd...Is it possible we're not using the right type here?

38# New-Object vmware.vim.hostfirewallinfo

DefaultPolicy            Ruleset                  DynamicType              DynamicProperty
-------------            -------                  -----------              ---------------

Hal Rottenberg

Co-Host, PowerScripting Podcast (http://powerscripting.net)

My signature used to be pretty, but then the forum software broked it. vExpert. Microsoft MVP (Windows PowerShell). Author, Podcaster, Speaker. I'm @halr9000

LucD · ‎06-02-2008

It looks as if all objects based on ExtensibleManagedObject can not be created with the New-Object cmdlet.

On the other hand if you want a HostFirewallSystem object can't you copy the one connected to the HostSystem object and set the desired properties.

Something like this

$esxImpl = Get-VMHost -Name <ESX-host>
$esx = Get-View $esxImpl.ID
$fwImpl = $esx.ConfigManager.FirewallSystem
$fw = Get-View $fwImpl
$MyFw = $fw

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

admin · ‎06-02-2008

It looks as if all objects based on ExtensibleManagedObject can not be created with the New-Object cmdlet.
You can create these sorts of objects, but their constructors require arguments, so you would have to use new-object's -argumentlist switch. The question then becomes -- what do I do with such an object, since it doesn't represent anything in the system.
In order to make changes to the firewall, as LucD suggests, start with
$esxImpl = Get-VMHost -Name <ESX-host>
$esx = Get-View $esxImpl.ID
$fwImpl = $esx.ConfigManager.FirewallSystem
$fw = Get-View $fwImpl

And then you can make calls like $fw.EnableRuleset or $fw.UpdateDefaultPolicy, etc.

All

Set firewall with powershell - constructor problem