seamusobr1
Enthusiast
Enthusiast

Script to change lockdown settings and add users to exception list

Hi

I wonder if somebody can help. With the code below I am able to change the lockdown mode on the esxi host but I am not able to get the script to list the local users on the Esxi host and get those added to the exception list

Just wondering if a foreach is needed to get this done (second line from bottom)

Thanks in advance

 

 

 

Connect-VIServer -Server vcenter_username -User  -password 

 

$hosts = Get-VMHost

 

Foreach ($vmhost in $hosts) {

    $status = (Get-VMHost -name $vmhost).ExtensionData.Config.LockdownMode # checks lockdown mode

    Write-Host "$status is set on $vmhost"

    if ($status -eq "lockdownDisabled") {

        (Get-VMHost $vmhost | Get-View).EnterLockdownMode() # sets lockdown mode to enabled.

        Write-Host "Lockdown is now set to enabled on $vmhost"

    }

    else{

        Write-Host "Lockdown is already set to enabled on $vmhost"

}

   

$HostAccess = Get-View -Id $vmhost.ExtensionData.ConfigManager.HostAccessManager

$currentUsers = $HostAccess.QueryLockdownExceptions()

$newUsers = $currentUsers + $username

foreach ($user in $newusers) {

   $HostAccess.UpdateLockdownExceptions($newuser)}

}

 

 

Reply
0 Kudos