VMware Cloud Community
StefanPahrmann

Disable VIX API in Vmware tools

Through PowerCLI it's possible to execute commands inside a guest with invoke-vmscript if you have the right privileges inside vCenter - so far so good, this works very well.

We now just want the direct opposite, where we want VMware admins not being able to execute anything in some highly protected/confidential guests. I figured that it's the VIX API-plugin in VMware tools, which is responsible for handling these calls.

So far we just disabled the vmtools-service (and that works effectively), but I'm wondering if there is some more elegant option to just disable this feature/plugin from the guest-side and still have the insights in vCenter.

I couldn't find anything in the official documentation, but I know that they have some options for tools.conf, which aren't documented (or only as needed, for instance here: VMware Knowledge Base​)

Did anyone else came across this issue?

Regards

Stefan

Reply
0 Kudos
0 Replies