Hi there
Does anyone know how to set/enable SecureBoot on PowerCLI?
I can see the below on one of the Forums but this only sets to EFI firmware and doesn't enable Secure Boot
$vm = Get-VM TestVM
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$spec.Firmware = [VMware.Vim.GuestOsDescriptorFirmwareType]::efi
$vm.ExtensionData.ReconfigVM($spec)
Thanks
Try like this
$vm = Get-VM TestVM
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$spec.Firmware = [VMware.Vim.GuestOsDescriptorFirmwareType]::efi
$boot = New-Object VMware.Vim.VirtualMachineBootOptions
$boot.EfiSecureBootEnabled = $true
$spec.BootOptions = $boot
$vm.ExtensionData.ReconfigVM($spec)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Try like this
$vm = Get-VM TestVM
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$spec.Firmware = [VMware.Vim.GuestOsDescriptorFirmwareType]::efi
$boot = New-Object VMware.Vim.VirtualMachineBootOptions
$boot.EfiSecureBootEnabled = $true
$spec.BootOptions = $boot
$vm.ExtensionData.ReconfigVM($spec)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks for the reply
Unfortunately it doesn't recognise the EfiSecureBootEnabled option:
The property 'EfiSecureBootEnabled' cannot be found on this object. Verify that the property exists and can be set.
At C:\Scripts\SecureBoot.ps1:11 char:1
+ $boot.EfiSecureBootEnabled = $true
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
That property requires vSphere API 6.5.
Are you on that version?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
And which PowerCLI version are you using?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Ah unfortunately PowerCLI v6.0
PowerCLI C:\> Get-PowerCLIVersion
PowerCLI Version
----------------
VMware vSphere PowerCLI 6.0 Release 2 build 3056836
---------------
Component Versions
---------------
VMWare AutoDeploy PowerCLI Component 6.0 build 2358282
VMWare ImageBuilder PowerCLI Component 6.0 build 2358282
VMware vSphere PowerCLI Component 6.0 build 3052101
VMware Cloud Infrastructure Suite PowerCLI Component 6.0 build 3052101
VMware VDS PowerCLI Component 6.0 build 3052101
VMware vCloud Director PowerCLI Component 6.0 build 3041812
VMware HA PowerCLI Component 6.0 build 2591578
VMware License PowerCLI Component 6.0 build 2998043
VMware vCloud Air PowerCLI Component 6.0 build 3041812
VMware PowerCLI Component for Storage Management 6.0 build 2966225
VMware vROps PowerCLI Component 6.0 build 3056837
VMware vSphere Update Manager PowerCLI 6.0 build 2943165
Thank you
Can you upgrade your PowerCLI version, the version you are using doesn't include the 6.5 framework afaik.
See Welcome PowerCLI to the PowerShell Gallery – Install Process Updates
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
How can I modify this just to check if any hosts/VM's are enable for secure mode?
Try with
Get-VM |
Select Name,
@{N='EFISecureBootEnabled';E={$_.ExtensionData.Config.BootOptions.EfiSecureBootEnabled}}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks Luc. I was trying to over-engineer it, this is much simpler. Cheers!