WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple

Setup HTTPS for OIDC endpoint with Authentik and Keycloak for vCenter Server or VCF Identity Federation

02.13.2025 by William Lam // Leave a Comment

If you have been following my recent adventures in playing with both Authentik and Keycloak as an OAuth/OIDC Identity Provider (IdP) for use with vCenter Server or VMware Cloud Foundation (VCF) Identity Federation, you can take it one step further and authenticate with a Yubico YubiKey or Apple Face ID for additional security.

In my original setup, the OIDC endpoint provided by both Authentik and Keycloak was using HTTP and works perfectly fine with both vCenter Server and SDDC Manager for a VCF-based environment. With that said, if you have a requirement to serve the OIDC endpoint over HTTPS, which is a requirement for using WebAuthn (e.g. YubiKey, Face Id, etc), then some additional configurations are required on both the identity provider as well on the vCenter Server side depending on the type of TLS certificate you are using.

[Read more...]

Categories // VCSA, VMware Cloud Foundation, vSphere, vSphere 8.0 Tags // Authentik, Identity Provider, Keycloak, OAuth, OIDC, vCenter Server

Quick Tip - Auditing ESXi boot firmware type

02.10.2025 by William Lam // Leave a Comment

I had a customer that recently reached out asking how they could easily audit their entire ESXi infrastructure to determine which hosts was still booting using the legacy BIOS firmware, which has been deprecated and will be removed in a future vSphere release, in favor of the industry standard UEFI firmware type.

In vSphere 8.0 Update 2, a new vSphere API property called firmwareType was introduced and added to the ESXi Hardware BIOS info object that makes it very simple to retrieve with the following PowerCLI 1-Liner:

(Get-VMHost).ExtensionData.Hardware.BiosInfo

Here is an example output for an ESXi host booting with UEFI firmware:


Here is an example output for an ESXi host booting with BIOS firmware:


Since this vSphere API property was recently introduced in vSphere 8.0 Update 2, if you attempt to use this on an ESXi host that is not running 8.0 Update 2, then you will see the field being blank if you are using a newer release of PowerCLI that understands this new property or it will simply not show if you are using an older version of PowerCLI.


Alternatively, if you still need to retrieve this information, you can go directly to ESXi host via SSH, not ideal but you can use the following VSISH command to retrieve this exact information:

vsish -e get /hardware/firmwareType

Categories // Automation, ESXi, PowerCLI Tags // bios, ESXi, firmware, UEFI

Updated vSphere Login UI customizations for vSphere 7.x & 8.x

02.04.2025 by William Lam // 2 Comments

It has been more than a decade since the vSphere UI has transition to an HTML-based interface and while not officially supported, users do have the ability to customize the login screen for a variety of use cases from internal disclaimers and compliance to customer branding as I have demonstrated in the past.

Although the general modification process has mostly stayed consistent, there has been subtle changes across vCenter Server releases which I have blogged about here, here and here.

I recently had a few folks ask whether the previous guidance was still applicable to the latest vCenter Server releases and given the previous articles were focused on vSphere 6.0 and 6.5, I figured its time for an update 🙂

Disclaimer: This is not officially supported by VMware, please use at your own risk.

Here is an example of one of my development vCenter Servers running the latest 8.0 Update 3 release ... I wonder if would make the cut as a feature enhancement for a default theme? 😅

via GIPHY

[Read more...]

Categories // VCSA, vSphere 7.0, vSphere 8.0 Tags // VCSA, vSphere UI

  • « Previous Page
  • 1
  • …
  • 7
  • 8
  • 9
  • 10
  • 11
  • …
  • 561
  • Next Page »

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Automating the vSAN Data Migration Pre-check using vSAN API 06/04/2025
  • VCF 9.0 Hardware Considerations 05/30/2025
  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...