Automation

 View Only
  • 1.  Issue with New-VIPermission and ESXi 8 local perms

    Posted Jun 11, 2024 03:13 PM

    Hi,

    I'm setting up some new ESXi 8 based servers and when I try to use PowerCLI to setup local AD user access, it fails.

    This works fine on ESXi 7 and was wondering if I'm missing a new requirement.

        $VIServer = Connect-VIServer -Server $VMHost -User $user -Password $pass
        $VMFolder = Get-Folder -Name root -Server $VIServer
        New-VIPermission -Entity $VMFolder -Principal 'domain\esx_readonly' -Role ReadOnly -Server $VIServer

    New-VIPermission : 6/11/2024 2:01:38 PM New-VIPermission                A general system error occurred: Error accessing directory: Can't set LDAP options.
    At line:1 char:1
    + New-VIPermission -Entity $VMFolder -Principal "domain\esx_readonly ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [New-VIPermission], SystemError
        + FullyQualifiedErrorId : Client20_VmHostServiceImpl_RetrieveUserGroups_ViError,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.NewVIPermission
     
    New-VIPermission : 6/11/2024 2:01:38 PM New-VIPermission                Could not find VIAccount with name 'domain\esx_readonly'.
    At line:1 char:1
    + New-VIPermission -Entity $VMFolder -Principal "domain\esx_readonly ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (domain\esx_readonly:String) [New-VIPermission], VimException
        + FullyQualifiedErrorId : Core_ObnSelector_SelectObjectByNameCore_ObjectNotFound,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.NewVIPermission

    PowerCLI Version
    ----------------
       VMware.PowerCLI 13.2.1 build 22851661
    ---------------
    Component Versions
    ---------------
       VMware Common PowerCLI Component 13.2 build 22643733
       VMware Cis Core PowerCLI Component PowerCLI Component 13.2 build 22643734
       VMware VimAutomation VICore Commands PowerCLI Component PowerCLI Component 13.2 build 22643732

    I verified the node is added properly to AD and if I try to manually add the group/role via ESXi Host Client, it works as expected.



  • 2.  RE: Issue with New-VIPermission and ESXi 8 local perms

    Posted Jun 12, 2024 12:52 AM

    To make sure, are you having a vCenter?



    ------------------------------


    Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference


    ------------------------------



  • 3.  RE: Issue with New-VIPermission and ESXi 8 local perms

    Broadcom Employee
    Posted Jun 12, 2024 12:56 AM

    Hi SCrlove, 

    Thank you for your feedback. This is a known issue, and it has already been reported to the ESX team.




  • 4.  RE: Issue with New-VIPermission and ESXi 8 local perms

    Posted Jun 12, 2024 12:29 PM

    Thanks for that update.

    Is there any workaround or impending fix?




  • 5.  RE: Issue with New-VIPermission and ESXi 8 local perms

    Broadcom Employee
    Posted Jun 13, 2024 02:34 AM

    At this point there is no workaround. Will follow up, when updates are available.