Automation

 View Only
  • 1.  Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 03:53 PM

    HI everyone,

     

    could someone please help me with a script that would turn off this CIM service. It needs the ability to run this on multiple hosts.

    Thank you



  • 2.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 04:05 PM

    Are you referring to the procedure described in KB76372?



  • 3.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 04:11 PM


  • 4.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 04:12 PM

    Hello Luc,

    Yes that is the one.

    Thank you



  • 5.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 04:48 PM

    If the conditions in the KB are met, you could use the following

     

    But be aware that this does not do the check if the SLP service is active.

    Further, the command to stop the service (/etc/init.d/slpd stop) will need to be done through an SSH session.
    The same goes for the command (chkconfig) to make the change persistent through reboots.

    For an SSH session, if that is an option for you, you can use the Posh-Sssh module.
    See for example my Use Posh-SSH instead of PuTTY dive.

     



  • 6.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 04:55 PM

    Hello Luc,

     

    Than kyou very much, 

     

    Do you have script that does all of those functions?, Sorry I am not very knowledgeable with scripting. 

     

    Thank you



  • 7.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts
    Best Answer

    Posted Nov 12, 2020 05:25 PM

    There is a script I wrote in Re: PowerCLI - Workaround for OpenSLP security vul... - VMware Technology Network VMTN

    But there might be a problem, as the KB also mentions, with stopping the SLP service when it is in use.
    You might also want to have a look at Solved: Re: Do we need the SLP Service on Port 427 - VMware Technology Network VMTN for more background info on the procedure.



  • 8.  RE: Script for VMSA-2020-0023 to turn off CIM service on ESXi hosts

    Posted Nov 12, 2020 05:30 PM

    Hi Luc,

    Great!

    Thank you so much