Authenticating to the NSX-T API via PowerShell

I've had the chance to work on some NSX-T scripting lately, as we work to integrate some other solutions with the tool.  I don't have a ton of experience with API access, but I have been slowly learning... and one of the big hurdles that I had to overcome was just figuring out how to authenticate with the system!  So, that's where I'm going to start here. First, let's talk about the basics of how authentication works when accessing the API.  To use Basic authentication, you need to put together your credentials in the format of "username:password" and pass them to NSX-T.  Since this is being passed through a web request and special characters could mess everything up, so you need to Base64 encode that authentication string.  Once you've got it encoded, you need to put that into the Headers of your requests so that NSX-T will know who you are.  So, let's look at how to actually do that process! First, I'm going to prepare two variables.  One wil

Using Powershell to Edit Substrings

On my 3D Printing blog , I recently realized that Blogger made a change to the way that images are displayed.  It used to show the full size image when you clicked it, but it has changed to only show a slightly larger version of the image.  That has almost no impact on this blog since I rarely post images, but I frequently write tutorials that have screenshots from Blender or PrusaSlicer... and it's pretty important that the settings in those images be legible!  Well, some google-fu revealed an easy work-around; just change the href links to point to a different subfolder, so that the full resolution image will be displayed.  That's great, except that manually editing the HTML from my blog posts and changing the file path is a highly repetitive and boring task... well, you see where this is going.  PowerShell to the rescue! I've done a fair amount of string manipulation with PowerShell, so I thought this was going to be a trivial task... but this one had a bit of a wrinkle

Using the NSX-T API

I've been writing some PowerShell scripts to automate NSX-T configuration lately, so I figured that I should put together a primer with notes about how to get started!  Firstly, if you're working with the API, you're going to want to be able to reference the official documentation .  There's a lot that can be done via the API, and that guide will tell you what calls to make to do most of it!  If you're like me and haven't spent a lot of time working with APIs before, that document will present a pretty steep learning curve... so I'm writing out my notes here, to make it easier for people to get started! At its most basic, using the API is just sending a web request to the NSX-T manager and then reading the response.  Since this is potentially sensitive information, you're going to have to authenticate with the server though, so you'll need to include a Header with that login information.  If you want to change anything, you're also going to need

Reporting Systems that use KMS

 I was helping a customer resolve an issue with their KMS server recently and we decided that we'd like to get a look at which systems were actually using it, instead of just looking at the total number of systems as displayed by slmgr /dlv.  I couldn't find any slmgr switches that looked like they'd generate a report with this data, but my customer pointed out that we could find it in the event logs (under the Key Management Service grouping), but that it'd be a pain to go through all of the events and pull out the client names.  Well, you can probably guess where this is going - I put together a quick script to do exactly that! This is a really quick and dirty script; I built it to run on the KMS server and generate a table with the client ID in one column and a list of client computer names in the other.  Why is it a list of client computer names?  Well, this particular customer is running a VDI environment and there can be a bit of a problem with KMS and Instant Clo

Problem while Connecting Horizon 7.12 to vCenter

I was setting up a quick Horizon 7.12 PoC environment and ran into a bit of trouble getting Horizon to talk to vCenter.  Every time I tried to add the vCenter server to the Horizon environment, I got an error: "Certificate validation failed" and gave me no option to accept the certificate.  This was more than a little confusing because the vCenter server had a proper certificate signed by the enterprise CA and we verified that our Connection Server, as a domain member, trusted that CA and could even browse to vCenter via the web browser with no certificate issues. So, I did what we all do in this sort of situation; I started digging through the the logs.  Eventually, I found the line that I needed in the C:\programdata\vmware\vdm\logs\debug-<date>.txt log file on the Connection Server (after searching for my vCenter server's name to help narrow down the contents of the log): "Permission to perform this operation was denied." Well, that struck me as int

Error during Pre-Checks for vCSA Upgrade from 6.0 to 6.7

Hi everyone - I was helping a customer upgrade their vCenter Server Appliance from 6.0 to 6.7 and we came across a bit of trouble.  During the pre-upgrade checks phase, our logs revealed these errors: No file found matching /etc/vmware/install-defaults/cm.url No file found matching /etc/vmware-vpx/ No file found matching /etc/vmware-vpx/vc-extn-cisreg.prop Googling around revealed some possible DNS related issues, but we doublechecked that all of our DNS records were good so figured that was unlikely to be the issue.  So, after some more unfruitful research, we decided to check on the current version of the vCenter server.  It was a very early version of 6.0.  Lacking further direction, we went ahead and used the management interface (via port 5480) to download the latest 6.0 updates.  After those were applied, we tried the 6.7 upgrade once again and everything went great! So, if you come across those error messages, you may just need to upgrade to a newer version o

Deploying the vCloud Director OVAs from the Command Line

I've recently had the opportunity to do some work with a vCloud Director deployment, which has been a lot of fun! We've been working on a lab environment at the moment, and we want the ability to quickly redeploy the lab now and we want to be able to reliably deploy a similar configuration into production later. So, to that end, I spent a bit of time figuring out how to deploy the VCD Appliance via the CLI, and I'm ready to share my results! I started by spending some quality time with the Deploying vCloud Director with the OVF Tool Guide  to get an idea about what options I was going to need. There's a lot of options in there, and there's a moderate amount of variety to their syntax! After looking over the various options, it looks like we can basically break down the option syntax into 3 parts: a Paramter, a Name, and a Value. Various options use these parts in different combinations. Let's look at these lines from their example: --allowAllExtraConfig --d