VMware Cloud Community
agnihotrit
Contributor
Contributor

how use remediate-inventory and get baseline ?

can anybody explain me with a script about how to use Remediate-Inventory With powercli version 6.3 R1 Build 3737840 & 6.3 R1 Build 3709130 to perform any operation?

when i am performing below script it is showing error in get baseline cmdlet.

the script is :

$baseline = Get-Baseline -Name "*"

Remediate-Inventory -Entity VM -Baseline $baseline -RunAsync

error :

Get-Baseline : 9/27/2016 8:21:44 PM    Get-Baseline        Unable to connect to the remote server   

At line:4 char:13

+ $baseline = Get-Baseline -Name "*"

+             ~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotSpecified: (:) [Get-Baseline], VimException

    + FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VumAutomation.Commands.GetBaseline

Update-Entity : Cannot validate argument on parameter 'Baseline'. The argument is null or empty. Provide an

argument that is not null or empty, and then try the command again.

At line:6 char:42

+ Remediate-Inventory -Entity VM -Baseline $baseline -RunAsync

+                                          ~~~~~~~~~

    + CategoryInfo          : InvalidData: (:) [Update-Entity], ParameterBindingValidationException

    + FullyQualifiedErrorId : ParameterArgumentValidationError,VMware.VumAutomation.Commands.RemediateInvento

   ry

any help will be appreciated Smiley Happy

thanks

Reply
0 Kudos
10 Replies
LucD
Leadership
Leadership

Did you do a Connect-VIServer to start with?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
agnihotrit
Contributor
Contributor

yes i did connect it !

m getting error for get baseline.

the exact code is :

Connect-VIServer -Server *.*.*.* -User abc -Password xyz!

$baseline = Get-Baseline -Name "*"

Remediate-Inventory -Entity VM -Baseline $baseline -RunAsync

Disconnect-VIServer -Server *

Reply
0 Kudos
LucD
Leadership
Leadership

Then the message "Unable to connect to the remote server" could indicate that the Update Manager instance can not be reached.

Does the Update Manager tab work correctly from the vSphere client and/or Web client?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
gajuambi
Enthusiast
Enthusiast

I had the same problem.

I was using NAT ip address of the vcenter from my network and obviously the vum powercli goes to the vcenter, gets the address of vum (which is internal ip and fqdn) and hence it fails Here it is complaining about powercli being not able to reach the update manager server and not vcenter itself. If you have both VC and VUM in the same server then you accessing VC from a different network will work.
from wherever u r running this script from, if u can't resolve the vum with its fqdn and actual ip (not NAT) then it will fail.

---------------------- Gajendra D Ambi [pardon my chat lingo]
Reply
0 Kudos
Norik
Contributor
Contributor

This works for me:

$cluster = "enter cluster/VM/Host name"
$basename = "Maintenance Patches: 10-05-2017 - Build 6765062"
$baseline = get-baseline -name $basename

Remediate-Inventory -Baseline $baseline -Entity $cluster

Reply
0 Kudos
ifany
VMware Employee
VMware Employee

VUM PowerCLI module requires connectivity to vCenter on TCP 8084.

This is what usually causes the issue, either firewall etc. 

Reply
0 Kudos
LucD
Leadership
Leadership

That sounds like a "feature"?

I would expect the station where you run the Update Manager cmdlets to only need 443 (or 80).
I assumed 8084 was only needed between the vCenter and the Update Manager.

Can you enlighten us why that port would be needed from my station to the Update Manager?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
ifany
VMware Employee
VMware Employee

Hi Luc,

Indeed it is a "feature"

I worked this out for myself while trying to set this up in a gateway environment for a customer,

VCSA with integrated VUM was working fine, the VUM tab was loading fine, but "could not connect to remote host" error still a problem, though all base PowerCLI cmdlets were ok.

Then I hit this blog entry (coincidentally from someone I know Matt Alford... ) here https://virtualtassie.com/2018/quick-post-powercli-firewall-requirements/

I went through it and after checking the firewall logs 8044 was being dropped by the firewall, we created a rule from the jumpbox to the vcsa for 8044 and it is now working like a charm.

This does indeed need to be documented/flagged somewhere because like you I just assumed I'd need 443 and as you can see in Matt's post he figured it would be rolled in to 443 in the near future.

Reply
0 Kudos
LucD
Leadership
Leadership

Thanks for confirming my suspicion Anthony.

Is there a bug report open for this?
I guess an internal bug report, might carry a bit more weight than one from us normal folk. :smileygrin:


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
ifany
VMware Employee
VMware Employee

I'm not sure, and I get limited access to bugzilla as I'm a contractor, but I'll hit up one of my permanent counterparts and see if we can get one raised and get back to you

Reply
0 Kudos