Bulk Edit NTP servers in vSphere using PowerCLI

Props to the following blog on these steps.  He did a great write up.
Bulk configure NTP for vSphere hosts using PowerCLI

Whether you need to bulk edit or enable NTP on your hosts the following script will do the job through PowerCLI

First connect to your vcenter using PowerCLI.  Once that is done run the following lines of code.  Replace time1 and time2 with appropriate IP or fully qualified names for your domain.  This will set the NTP server and start the services.

Get-VMHost | Add-VMHostNtpServer time1-FQDN
Get-VMHost | Add-VMHostNtpServer time2-FQDN
Get-VMHost | Get-VMHostFirewallException | where {$_.Name -eq “NTP client”} | Set-VMHostFirewallException -Enabled:$true
Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq “ntpd”} | Start-VMHostService
Get-VMhost | Get-VmHostService | Where-Object {$_.key -eq “ntpd”} | Set-VMHostService -policy “automatic”


Enable SSH across all vmHosts

I had the need to enable SSH on all my hosts to make configuration changes.  Instead of manually going to each host and enabling the service I searched for a powercli command.  I was able to find the following little snipit – and it did exactly what I wanted

Get-VMHost | Get-VMHostService | Where { $_.Key -eq “TSM-SSH”} | Start-VMHostService

This rolled through each host in the cluster and turned on the service.

When I was done I changed start to stop and turned off SSH across all the hosts.


Powershell to the rescue – Setting MTU size on a vmkernel port

During an implementation of Cisco UCS – one of the vmkernel ports on a standard switch was acting funny – it wasn’t getting set to the desired  MTU of 9000.  What made it odd is other kernel ports on that same switch were setting themselves correctly.  To resolve this – PowerShell to the rescue.  A quick search of google lead me to a post by Martijn Smit.  His blog post came in very handy as it provided the context of setting MTU for either a port group a vSwitch  or a standard switch.  In my case I was only worried about setting it on a VMKernel port.

From your vcenter you can capture the appropriate vmk port you need to set.  From PowerCLI

$vmkernel = GetVMHostNetworkAdapter Name vmk0 VMHost (GetVMHost Name esxi01.lab.local)
SetVMHostNetworkAdapter VirtualNic $vmkernel MTU 9000

Determine ESXi / ESX host versions

How often are you looking to see if all your ESX hosts are at the same revision level?  Did one get left behind, or did someone run odd updates against one and you are trying to figure out the out one out?

This is very easy to find via PowerCLI.  Once you are authenticated to one or many vcenter instances (connect-viserver) you can run one of the following commands – it really depends how much data you want to capture.

getview ViewType HostSystem -Property Name,Config.Product | select Name,{$_.Config.Product.FullName}
This will give you output similar to:
Name $_.Config.Product.FullName
—- ————————–
mnepesx35p.corporate.ltcg.com VMware ESXi 6.0.0 build-3825889
mnepesx22-p.corporate.ltcg.com VMware ESXi 6.0.0 build-3825889


getview ViewType HostSystem -Property Name,Config.Product | foreach {$_.Name, $_.Config.Product}
This will give you output similar to:
Name : VMware ESXi
FullName : VMware ESXi 6.0.0 build-3825889
Vendor : VMware, Inc.
Version : 6.0.0
Build : 3825889
LocaleVersion : INTL
LocaleBuild : 000
OsType : vmnix-x86
ProductLineId : embeddedEsx
ApiType : HostAgent
ApiVersion : 6.0
InstanceUuid :
LicenseProductName : VMware ESX Server
LicenseProductVersion : 6.0

Both could be tagged with a >filename at the end if you wish to save to a file versus output to the console screen.


Credit to vmdev.info’s post found here.


PowerShell to find recently changed accounts

There is so much a sysadmin can do with PowerShell.  This is some code I captured from someone’s site  on seeing what accounts have been changed in the last -x days.  Simply change the value after AddDays to the time frame you want – this will give you all accounts that have changed within that window.

Get-ADUser -LDAPFilter {(useraccountcontrol:1.2.840.113556.1.4.803:=2)} -Properties whenChanged | Where-Object {$_.whenChanged -gt (Get-Date).AddDays(-3)} | Select-Object Name, whenChanged

I’ll try to do better in the future with ping backs, but for this post – sorry dude who I got this from – you will be unknown.


This is the post excerpt.

I’ll be using the blog to document hints and tricks I’ve found / created / used over the years.  I’ve been focusing on vmware and sharepoint for the past 5 years working in IT.  It about time I get some of these things off of notes and into somewhere more flexible.