VMware Host Profile Compliance Checks Using Powercli – VirtuallyThatGuy

Welcome to VirtuallyThatGuy – today we are going to discuss how to quickly check host profile compliance and export the results to a CSV. You can use windows task scheduler to auto schedule this and even get the csv to be sent via an email. I’m sure most of you know how to schedule a powershell script job in windows. I will try to cover this in a later post.

## Start-Transcript
Start-Transcript -Path C:\scripts\HostProfileComplianceChecks.txt 

## Set Variables

## Connect to vCenters 
Connect-VIServer uk3p-vc01.lab.local, ntcp-vc01.lab.local -User "rboadi@lab.local" -Password "StandUpIfYouHateTottenham"


$HostProfileDetails = @()
Foreach ($VMHost in Get-VMHost) {
   $HostProfile = $VMHost | Get-VMHostProfile
   if ($VMHost | Get-VMHostProfile) {
      $HP = $VMHost | Test-VMHostProfileCompliance
      If ($HP.ExtensionData.ComplianceStatus -eq "nonCompliant") {
         Foreach ($issue in ($HP.IncomplianceElementList)) {
            $Details = "" | Select VMHost, Compliance, HostProfile, IncomplianceDescription
            $Details.VMHost = $VMHost.Name
            $Details.Compliance = $HP.ExtensionData.ComplianceStatus
            $Details.HostProfile = $HP.VMHostProfile
            $Details.IncomplianceDescription = $Issue.Description
            $HostProfileDetails += $Details
         }
      } Else {
         $Details = "" | Select VMHost, Compliance, HostProfile, IncomplianceDescription
         $Details.VMHost = $VMHost.Name
         $Details.Compliance = "Compliant"
         $Details.HostProfile = $HostProfile.Name
         $Details.IncomplianceDescription = ""
         $HostProfileDetails += $Details
      }
   } Else {
      $Details = "" | Select VMHost, Compliance, HostProfile, IncomplianceDescription
      $Details.VMHost = $VMHost.Name
      $Details.Compliance = "No profile attached"
      $Details.HostProfile = ""
      $Details.IncomplianceDescription = ""
      $HostProfileDetails += $Details
   }
}
## Generate the report and export to a CSV 

$HostProfileDetails | Export-Csv -Path C:\scripts\HostProfileComplianceChecks.csv -NoTypeInformation


Stop-Transcript

## End of Script 

## Start-Transcript

Start-Transcript​​ -Path​​ C:\scripts\HostProfileComplianceChecks.txt​​ 

 

## Set Variables

 

## Connect to vCenters​​ 

Connect-VIServer​​ uk3p-vc01.lab.local,​​ ntcp-vc01.lab.local​​ -User​​ "rboadi@lab.local"​​ -Password​​ "StandUpIfYouHateTottenham"

 

 

$HostProfileDetails​​ =​​ @()

Foreach​​ ($VMHost​​ in​​ Get-VMHost) {

 ​​ ​​​​ $HostProfile​​ =​​ $VMHost​​ |​​ Get-VMHostProfile

 ​​ ​​​​ if​​ ($VMHost​​ |​​ Get-VMHostProfile) {

 ​​ ​​ ​​ ​​ ​​​​ $HP​​ =​​ $VMHost​​ |​​ Test-VMHostProfileCompliance

 ​​ ​​ ​​ ​​ ​​​​ If​​ ($HP.ExtensionData.ComplianceStatus​​ -eq​​ "nonCompliant") {

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ Foreach​​ ($issue​​ in​​ ($HP.IncomplianceElementList)) {

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details​​ =​​ ""​​ |​​ Select​​ VMHost,​​ Compliance,​​ HostProfile,​​ IncomplianceDescription

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.VMHost​​ =​​ $VMHost.Name

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.Compliance​​ =​​ $HP.ExtensionData.ComplianceStatus

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.HostProfile​​ =​​ $HP.VMHostProfile

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.IncomplianceDescription​​ =​​ $Issue.Description

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $HostProfileDetails​​ +=​​ $Details

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ }

 ​​ ​​ ​​ ​​ ​​​​ }​​ Else​​ {

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details​​ =​​ ""​​ |​​ Select​​ VMHost,​​ Compliance,​​ HostProfile,​​ IncomplianceDescription

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.VMHost​​ =​​ $VMHost.Name

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.Compliance​​ =​​ "Compliant"

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.HostProfile​​ =​​ $HostProfile.Name

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $Details.IncomplianceDescription​​ =​​ ""

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ $HostProfileDetails​​ +=​​ $Details

 ​​ ​​ ​​ ​​ ​​​​ }

 ​​ ​​​​ }​​ Else​​ {

 ​​ ​​ ​​ ​​ ​​​​ $Details​​ =​​ ""​​ |​​ Select​​ VMHost,​​ Compliance,​​ HostProfile,​​ IncomplianceDescription

 ​​ ​​ ​​ ​​ ​​​​ $Details.VMHost​​ =​​ $VMHost.Name

 ​​ ​​ ​​ ​​ ​​​​ $Details.Compliance​​ =​​ "No profile attached"

 ​​ ​​ ​​ ​​ ​​​​ $Details.HostProfile​​ =​​ ""

 ​​ ​​ ​​ ​​ ​​​​ $Details.IncomplianceDescription​​ =​​ ""

 ​​ ​​ ​​ ​​ ​​​​ $HostProfileDetails​​ +=​​ $Details

 ​​ ​​​​ }

}

## Generate the report and export to a CSV​​ 

 

$HostProfileDetails​​ |​​ Export-Csv​​ -Path​​ C:\scripts\HostProfileComplianceChecks.csv​​ -NoTypeInformation

 

 

Stop-Transcript

 

## End of Script​​ 

​​ 

 

VmhostComplianceHostProfileIncomplianceDescription
UK3P-ESXi01.lab.localcompliantUK3P-Prod-6.7-MasterProfile 
UK3P-ESXi02.lab.localnoncompliantUK3P-Prod-6.7-MasterProfileNTP configuration doesn’t match the specification 
UK3P-ESXi02.lab.localnoncompliantUK3P-Prod-6.7-MasterProfileDNS configuration doesn’t match the specification 
UK3P-ESXi02.lab.localnoncompliantUK3P-Prod-6.7-MasterProfileIPV6 vmknic gateway configuration doesn’t match specification
UK3P-ESXi03.lab.local no profile attached 

You May Also Like

About the Author: VirtuallyThatGuy

5 Comments

  1. with details:

    $HostProfileDetails = @()

    Foreach ($VMHost in Get-VMHost) {
    $HostProfile = $VMHost | Get-VMHostProfile
    if ($VMHost | Get-VMHostProfile) {
    $HP = $VMHost | Test-VMHostProfileCompliance
    If ($HP.ExtensionData.ComplianceStatus -eq “nonCompliant”) {
    Foreach ($issue in ($HP.IncomplianceElementList)) {
    $Details = “” | Select VMHost,Compliance,HostProfile,IncomplianceDescription,ProfileInstance,ComparisonIdentifier,HostValue,ProfileValue
    $HPFailrues = $HP.ExtensionData.Failure| Where {$_.ExpressionName -eq $issue.PropertyName} | select -ExpandProperty FailureValues
    $Details.VMHost = $VMHost.Name
    $Details.Compliance = $HP.ExtensionData.ComplianceStatus
    $Details.HostValue = “$($HPFailrues.HostValue)”
    $Details.ProfileValue = “$($HPFailrues.ProfileValue)”
    $Details.ProfileInstance = “$($HPFailrues.ProfileInstance)”
    $Details.ComparisonIdentifier = “$($HPFailrues.ComparisonIdentifier)”
    $Details.HostProfile = $HP.VMHostProfile
    $Details.IncomplianceDescription = $Issue.Description
    $HostProfileDetails += $Details
    }
    } Else {
    $Details = “” | Select VMHost,Compliance,HostProfile,IncomplianceDescription,ProfileInstance,ComparisonIdentifier,HostValue,ProfileValue
    $Details.VMHost = $VMHost.Name
    $Details.Compliance = “Compliant”
    $Details.HostProfile = $HostProfile.Name
    $Details.IncomplianceDescription = “”
    $HostProfileDetails += $Details
    }
    } Else {
    $Details = “” | Select VMHost,Compliance,HostProfile,IncomplianceDescription,ProfileInstance,ComparisonIdentifier,HostValue,ProfileValue
    $Details.VMHost = $VMHost.Name
    $Details.Compliance = “No profile attached”
    $Details.HostProfile = “”
    $Details.IncomplianceDescription = “”
    $HostProfileDetails += $Details
    }
    }

Leave a Reply

Your email address will not be published. Required fields are marked *