vSphere

VMware Event Broker Appliance (VEBA) v0.6.1

06.16.2021 by William Lam // Leave a Comment

It has only been about two months since our jammed packed v0.6 release of the VMware Event Broker Appliance (VEBA) solution but the adoption and feedback has been extremely well received by our community. Within the first week or so, we already had a number of folks who had successfully deployed the new version and we started to see new feature enhancements as well as a couple of defects which were quickly resolved. In addition to working through the Github Issues, the team also spent quite a bit of time on creating more example functions demonstrating how easy it is to author new Knative functions for VEBA across a number of different scripting and programming languages.

Today, we are excited to share a quick update with the release of VEBA v0.6.1 which is a dot release, but it certainly contains several new features that we believe the community can benefit from. For full change log, please refer to v0.6.1 release notes

Here are a few of the new highlighted features:

[Read more...]

Quick Tip - How to check password expiry for a specific vSphere SSO user?

06.04.2021 by William Lam // Leave a Comment

The default password expiry for vSphere Single-Sign On (SSO) users within the vCenter Server Appliance (VCSA) is 90 days and this of course be changed to match your organizations policy. Although the vSphere UI can remind you right before your password expires, you may want to manually check or proactively inventory this information periodically.

To do so, you will need to SSH to the VCSA and use the dir-cli command with --level 2 option to get additional details for a given vSphere SSO user as shown in the example below:

/usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account william --level 2
Account: william
UPN: william[a]VSPHERE.LOCAL
Account disabled: FALSE
Account locked: FALSE
Password never expires: FALSE
Password expired: FALSE
Password expiry: 8916 day(s) 2 hour(s) 39 minute(s) 30 second(s)

In this particular environment, I have the vSphere SSO password expiry configured to 9000 days and as we can see for this user, there is ~8916 days left before the password expires.

For those looking to automate this, it looks like this is currently only possible using dir-cli but I have submitted a feature request to the recently released PowerCLI vSphere SSO Module to see if this information can also be included in the Get-SsoPersonUser cmdlet. If you need to retrieve the current configured vSphere SSO password expiry, you can use ldapsearch command within the VCSA or the Get-SsoPasswordPolicy cmdlet.

Updated Character Limits for vSphere Objects

04.22.2021 by William Lam // 1 Comment

I recently saw a question asking about the character limit for the various vSphere Inventory Objects like a Datacenter or Virtual Machine as an example. I was not aware of anything formally documented, but I did come across this 2018 blog post by fellow colleague Todd Simmons, who did some testing with vSphere 6.7 and shared his initial results.

I was curious myself on whether these limits have changed but I also noticed there were many other vSphere Objects that were not tested. I figured this would be an interesting exercise to re-evaluate against the latest vSphere 7.0 Update 2 release and using some PowerShell code like the following to help:

$str = "w" * 80

Below are my findings which have been verified using the vSphere UI and I have also expanded the object list to cover more recent solutions such as vSphere with Tanzu.

[Read more...]