PowerCLI :: Update VM IP Addresses without runas administrator


Hello Friends, Yet another issue I have faced recently on updating the server VM IP address through powerCLI without running console or remote in to server.

Situation was we were moving our existing production VMware environment from  one hardware solution another, vmotion of the VM from one vCenter to another failed for few servers due to improper configuration of VLAN and its trunking.

 

With thousands of VMs and hundreds of port group, it is tough to figure out the missing VLAN on the target environment,  We have come up with a solution migrate a test VM to new environment and reconfigure this VM with all available port group and respective IP for checking the availability.

We have created a script as shown below

# ————————————- Start Script # ————————————

Add-PSSnapin VMware.VimAutomation.Core

Connect-VIServer -Credential (Get-Credential -Message “Credential to connect Vcenter server eg:\”)

$Cred = Get-Credential -Message “Credential to connect VM Guest eg: <TESTVM>\admin”

do

{

$IPSwitch = Read-host “Enter dvSwitch name”

$IP = Read-host “Enter IP address”

$Subnet = Read-host “Enter subnetmask”

$gatew = Read-host “Enter gatway details”

get-vm | Get-NetworkAdapter | Set-NetworkAdapter -NetworkName $IPSwitch -Confirm:$false

$netsh = “c:\windows\system32\netsh.exe interface IP set address Ethernet static $IP $Subnet $gatew”

 

Invoke-VMScript -VM -GuestCredential $Cred -ScriptType bat -ScriptText $netsh

Write-Host “Do you want to Continue checking VLAN? ” -ForegroundColor green  -NoNewline

Write-Host ” ‘Y’ for Yes and ‘N’ for No” -ForegroundColor Yellow  -NoNewline

$continueee = Read-Host “:”

}

until ($continueee -eq “N”)

# ————————————- End Script # ————————————

It was failing, it end up with an access denied error “The requested action requires elevated privileges”

vcli3

We tried to pass all the possible option to pass it is as a runas credential but failed.

At last we decided to drop the UAC (User access control ) to low

vcli

 

Situation was not changed even after reboot, later we figured out,  “We must turn off UAC via registry by changing the DWORD EnableLUA from 1 to 0 in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system. And reboot it to take effect. Did the same and that did the trick.

We were able to test 100+ portgroups and its network access within one hour.

Note:

Used below command on old and new vcenter to gather portgroup and VLAN information

Get-VDPortgroup | ?{$_.Datacenter -eq “”} | select Name, VLAN configuration

And IP range for each VLAN from network team

 

 

 

 

 

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s