Wrote a couple handy scripts lately. First one checks for ISOs mounted on VMs, because if they are, you can't VMotion them (and then often have to shut the guest OS down - annoying!)
#! /bin/bash
rm -rf /root/isocheck.txt
touch /root/isocheck.txt
for host in `cat isohosts.txt`
do
echo $host
for vmx in `ssh $host vmware-cmd -l`
do
echo $vmx >> isocheck.txt
ssh $host grep -i 'ide0:0.startConnected\ \=\ \"true\"' $vmx >> isocheck.txt
done
done
I have MIME-Lite installed on this ESX box, which is a simple perl-based SMTP agent, it emails me this file afterwards.
The second script sets up all the options to authenticate accounts on an ESX server user a domain account (in this example, esxrangerservice). You need only do "useradd username" after this to allow new users to connect.
#!/bin/bash
/usr/sbin/esxcfg-firewall -o 88,tcp,out,KerberosClient
/usr/sbin/esxcfg-firewall -o 464,tcp,out,KerberosPasswordChange
/usr/sbin/esxcfg-auth --enablead --addomain=yourdomain.com --addc=yourDC.yourdomain.com
/usr/sbin/esxcfg-auth --enablekrb5 --krb5realm=yourdomain.com --krb5kdc=yourDC.yourdomain.com
cp /etc/pam.d/vmware-authd /etc/pam.d/vmware-authd.old
/usr/sbin/useradd esxrangerservice
echo "#%PAM-1.0" > /etc/pam.d/vmware-authd
echo "auth sufficient pam_unix_auth.so shadow nullok" >> /etc/pam.d/vmware-authd
echo "auth required pam_stack.so service=system-auth" >> /etc/pam.d/vmware-authd
echo "account required pam_stack.so service=system-auth" >> /etc/pam.d/vmware-authd
Subscribe to:
Post Comments (Atom)
1 comment:
This is exactly what I have been looking for. Works great!!
Brad Hearn
http://bradstechblog.com
Post a Comment