vRO: Securing Your PowerShell Execution and Password in vRO (SKKB1035)

It’s only fair to share… In this blog post we will take a look at how we can secure your end to end PowerShell Execution from vRO. Including how not to show passwords when using CredSSP in a double-hop authentication scenario. Lab Environment Introduction UseCase 1 (least secure) UseCase 2 UseCase 3 (most secure) Securing Read more about vRO: Securing Your PowerShell Execution and Password in vRO (SKKB1035)[…]

How to Add a Linux Machine as PowerShell Host in vRO (Linux PS over SSH) (SKKB1030)

It’s only fair to share… In this article we will look into the alpha version of PowerShell v6 for both Linux and Windows. We will show how to execute PowerShell commands between Linux and Windows machines and Vmware vRealize Orchestrator (vRO) Introduction Lab Environment Installing and Configuring PowerShell 6 Setup on Windows Setup on Linux Read more about How to Add a Linux Machine as PowerShell Host in vRO (Linux PS over SSH) (SKKB1030)[…]

Troubleshooting Tips: Orchestrator PowerShell Plug-in (SKKB1028)

It’s only fair to share… In this post we will take a look at some at some common issues that one might experience when using the VMware vRealize Orchestrator (vRO) PowerShell Plug-In and especially when using HTTPS protocol or Kerberos authentication for the PowerShell host (PSHost). Introduction Lab Environment Background and General Conciderations Troubleshooting issues Read more about Troubleshooting Tips: Orchestrator PowerShell Plug-in (SKKB1028)[…]

Wrong encoding or formatting of Linux configuration files can cause problems in VMware Appliances (SKKB1017)

It’s only fair to share… Introduction Lab Environment Use Case: Malformed Krb5.conf file Introduction Correctly encoded and formated file Malformed file Fixing a malformed file vRO (Add A PowerShell Host) Workflow fails with “cannot locate default realm” error Introduction In this blog post we will look into some use cases that can lead to malformed Read more about Wrong encoding or formatting of Linux configuration files can cause problems in VMware Appliances (SKKB1017)[…]

How to build vRO PowerShell Host (PSHost) for high availability (HA) (SKKB1016)

It’s only fair to share… Introduction Lab Environment Initial Windows Cluster setup Clustering the WinRM service Adding the cluster to vRO Test vRO PowerShell execution and cluster failover Introduction In this post we will take a look how to build and configure a highly available PowerShell host for vRO. The vRO PSHost has always been Read more about How to build vRO PowerShell Host (PSHost) for high availability (HA) (SKKB1016)[…]

Introducing the Add CredSSP to a PowerShell script (vROCmdlet) workflow (SKKB1015)

It’s only fair to share… Introduction Lab Environment Getting the vROC workflow Examining the tabs Examining the Settings Presentation Tab Examining the Connection Presentation Tab Use Case 1: Execute PowerShell command locally on the PShost against the PSHost itself Use Case 2: Invoke PowerShell command locally on the PSHost against remote computer Use Case 3: Read more about Introducing the Add CredSSP to a PowerShell script (vROCmdlet) workflow (SKKB1015)[…]

Adding vCO Powershell Host with account other than the default domain administrator account (SKKB1005)

It’s only fair to share… In this post we will take a look how we can we add a vCO powershell host with account other than the default domain administrator account. Also we will take a look how to generally configure which accounts and user groups can remotely execute powershell commands in Windows. This post Read more about Adding vCO Powershell Host with account other than the default domain administrator account (SKKB1005)[…]

Using CredSSP with the vCO PowerShell Plugin (SKKB1002)

It’s only fair to share… Lab Environment Introduction Security Considerations Configure WinRM and user token delegation (CredSSP). Configure Windows Credential Delegation using the Credential Security Service Provider (CredSSP) module. Configure Windows service principal names (SPN’s) for WinRM Grant WinRM service access to the private key of valid certificate Edit the Kerberos Domain realm on the Read more about Using CredSSP with the vCO PowerShell Plugin (SKKB1002)[…]