WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud
  • Tanzu
    • Application Modernization
    • Tanzu services
    • Tanzu Community Edition
    • Tanzu Kubernetes Grid
    • vSphere with Tanzu
  • Home Lab
  • Nested Virtualization
  • Apple
You are here: Home / Automation / Using PowerCLI to automate the retrieval of VCSA Identity Sources

Using PowerCLI to automate the retrieval of VCSA Identity Sources

03.02.2020 by William Lam // 3 Comments

Similiar to automating the retrieval of the vCenter Server Appliance (VCSA) password policies using PowerCLI, we can extend that example and leverage the Guest Operations API via Invoke-VMScript cmdlet to also retrieve the identity sources configured for a given VCSA without requiring SSH access.

I have created a new VCSA.psm1 PowerCLI Module which now includes the previous Get-VCSAPasswordPolicy function along with the new Get-VCSAIdentitySource function which accepts the name of the VCSA VM and root password to the VM as shown in the screenshot below.

If you need to add a specific Identity Source such as an Active Directory Domain which you have joined the VCSA, you can simply use Invoke-VMScript cmdlet and pass in the following command:

/opt/vmware/bin/sso-config.sh -add_identity_source -type nativead -domain vmware.corp

More from my site

  • Can you really deploy the vCenter Server Appliance (VCSA) without DNS and NTP?
  • How to deploy the vCenter Server Appliance (VCSA) with a custom MAC Address?
  • How to exclude VCSA UI/CLI Installer from MacOS Catalina Security Gatekeeper?
  • Using PowerCLI to automate the retrieval of VCSA Password Policies
  • Is a DNS server still required when using a Static IP for VCSA?
Share this...
  • Twitter
  • Facebook
  • Linkedin
  • Reddit
  • Pinterest

Categories // Automation, PowerCLI, VCSA Tags // identity source, vcenter server appliance, vcsa

Comments

  1. Jason Hong-Turney says

    03/26/2020 at 9:45 pm

    I've only been waiting for forever for the option to add an AD domain during VCSA deployment/configuration, but I'm not seeing that sso-config.sh supports the option for -add_identity_source. Is this perhaps something that's in v7, and not v6.7?

    Reply
    • Jason Hong-Turney says

      03/26/2020 at 9:48 pm

      Yep, just confirmed for myself with the v7 RC3 build, sso-config.sh _does_ have a command for add_identity_source. Really wish this would get backported to 6.7 builds as well...

      Reply
      • William Lam says

        03/27/2020 at 4:53 am

        This HAS already been back ported to both 6.5/6.7 since last March 🙂 See https://kb.vmware.com/kb/67304 and this is how I'm using it in my 6.7 env

        Reply

Thanks for the comment! Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Author

William Lam is a Senior Staff Solution Architect working in the VMware Cloud team within the Cloud Infrastructure Business Group (CIBG) at VMware. He focuses on Cloud Native technologies, Automation, Integration and Operation for the VMware Cloud based Software Defined Datacenters (SDDC)

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Connect

  • Email
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • Vimeo

Support

Recent

  • A first look at the new vSphere+ & vSAN+ Cloud Service 07/01/2022
  • Quick Tip - Prepare VMware Photon OS for use with vSphere Guest OS Customization and cloud-init 06/29/2022
  • Using the new vSphere Guest OS Customization with cloud-init in vSphere 7.0 Update 3 06/27/2022
  • How to forcefully disconnect a vSphere VM Console session? 06/24/2022
  • Quick Tip - Using ESXi Scripted Installation (kickstart) to configure IPv6 networking 06/21/2022

Advertisment

Copyright WilliamLam.com © 2022

 

Loading Comments...