Securing VMware Tools

Similar Questions

• Need for security upgrade VMware Tools?

  Hello, Im using a VMware environment that runs a good handful of Linux VM.  We're running 5.1 VMware update 3 on all hosts.

  Im not a Linux guy and im going to have to start learning more about Linux, but I've noticed to allocate to the virtual machine is here who have Linux, either do not have VMware tools installed, or are obsolete.  Its mix of Red Hat Enterprise 6, SUSE Linux 11, CentOS 4/5/6/7 and Ubuntu.

  My first concern is security, from a point of view security should I get these Linux VM up to date with the latest VMware tools, or else get installed on it?

  A feature point of view im says that the virtual machine is working well.

  Thank you

  Mike

  Hi Defrogger,

  I have a small number of Linux virtual machines in my environment and I have VMware tools installed, its always good to keep up to date.

  They also provide the required drivers for the VM Client interact with the reliable ESXi host. This interface allows also ESXi host be able to check on the health of the client VM during its operation.

  Here's a link below to help you install vmware tools on linux servers

  VMware Tools for Linux clients

  Rob

• vCenter 5.5 change VMware Tools for push-to-VM

  We use vShield endpoint and Trend Micro Deep Security 9 for the protection of the virtual machine

  You can change vmware tools to include pilot and void VMCI / content? (Also takes a reboot)

  Then push to selected VM instead of the manual way. At approximately 300 vm

  Check if help: Add Vmtools vShield drivers for Endpoint Protection on ESX VM - Bonus Bits Wiki

• What happened to the Repo of VMWare tools?

  It worked literally 2 days ago and I've synced it with our internal repo. Now he's dead and I was wondering if someone at - he heard of this. It is quite convenient to have a place to enter the VMWare tools and get them installed at the same time, the operating system is installed.

  http://packages.VMware.com/tools/ESX/5.5U2/rhel6/x86_64/index.html

  They have changed something in their security settings I guess. I saw it for a few days.

  You can't browse the server more, but when you know the direct path it still works.

  If you delete the / index.html to your link, for example, it works:

  Index of /45848/tools/esx/5.5u2/rhel6/x86_64

  Tim

• Windows Server 2008 Enterprise R2 VMware tools installation - "device installation was prevented by a strategy."

  P2V'ed a Windows 2008 R2 Enterprise Server using the stand-alone converter. Converted OK, can launch the machine in 10 Workstation, log with the ID of the administrator, but no network adapter or mouse. Several web search performance of the possible solutions for this - change the local security policy to everyone, the services to disable Ctrl-M - they have not worked with me. After several uninstall, re-installation of VMware tools (manually via the keyboard navigation for the update of the operating system host by mapping shared folders), now when the machine starts I see in the system, try "device installation was prevented by a policy." Do not see anything particularly related to, with this verbiage, at the request of Windows and security logs events. In addition, the physical machine has been sent, is no longer available unfortunately, but I think that it is just config and can be corrected.

  Any help appreciated in advance.

  1. Change the strategy of Local computer, computer, Configuration models of administration, system, Device Installation Restrictions of Installation of device to ' not configured.'
  2. Delete all the USB unknown devices in Device Manager, then do a search for the hardware changes.

  Both of the above have been made manually via the keyboard navigation, but analysis of changes of material made me my mouse back and let me launch the installation of VMware tools.

  Woot!

• Time-out error waiting for VMware Tools start in the prompt

  Hello people,

  I used PowerCLI 5.5 Release 1 connection to my 5.1.036098 vcenter (ESXi host 5.1.0 1065491 management).

  I'm connected (non secure warning) and be able to start the virtual machines.

  I try to run a task on the network of a VM VMware documentation example below interface.

  The first two commands work fine, but finally it fails with the error below.

  I upgraded VMware tools and hardware to the latest version.

  $vm1 = get-VM-name VM1

  $guest = get-VMGuest $vm1

  $interface = get-VMGuestNetworkInterface - VMGuest $guest - GuestUser password1 administrator - GuestPassword - ToolsWaitSecs 100

  Timeout error while you wait for VMware tools start in the comments.

  
  

  Someone at - it suggestions?

  Thank you

  romatlo

  The 3rd line to access the guest OS via VMware tools that must be installed in the virtual machine.

  There are a number of other prerequisites to be able to make that kind of call.

  See my work Will Invoke-VMScript? post.

• install Vmware Tools without rebooting

  We need to update the VMware Tools automatically without a reboot. The reboot will be during a security patch deployment.

  What is the procedure for that. ?

  Check out http://kb.vmware.com/kb/1018377 for command-line syntax, or manually, use the Upgrade of interactive tools and choose not to restart. Automatic upgrade tools will restart without asking for confirmation.

• How to enable shared folders on VMWare Tools under ESX4

  On a windows server is running on a host ESX 4, VMWare Tools reports that the shared folders are currently disabled on the host.

  How enable and use it?

  Hello

  (VMware Shared Folders) vmhgfs driver will not work with ESX or ESXi, it is only for the workstation, Fusion, a player of nd. I would put in a virtual firewall that denies all access and dev environment, until you're ready to share data.

  You can then open a port on the firewall and have a system to capture these data via the port. The alternative is to use something like a Keyspan USB hub IP and write data on a USB key, and then physically move to the side of the "production" of the House.

  In general I find instead of much easier virtual firewall... VMsafe even won't work here.

  Best regards
  Edward L. Haletky VMware communities user moderator, VMware vExpert 2009

  URL = http://www.virtualizationpractice.com Virtualization practice analyst [url]
  Now available: url = http://www.astroarch.com/wiki/index.php/VMware_Virtual_Infrastructure_Security'VMware vSphere (TM) and Virtual Infrastructure Security' [/ URL]
  Also available url = http://www.astroarch.com/wiki/index.php/VMWare_ESX_Server_in_the_Enterprise"VMWare ESX Server in the enterprise" [url]
  [url =http://www.astroarch.com/wiki/index.php/Blog_Roll] SearchVMware Pro [url] | URL = http://www.astroarch.com/blog Blue Gears [url] | URL = http://www.astroarch.com/wiki/index.php/Top_Virtualization_Security_Links Top security virtualization [url] links |
  [url =http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast] virtualization Security Table round Podcast [url]

• Sharing folders VMWare Tools

  So this isn't really a question but a survey.

  Since ESX 2.5 when having shared folders enabled on a workgroup server has prevented you from a domain controller promotion (workaround was to join to the first domain) I have always done a custom install, tools and deleted shared folders.  In VServer I see as useful to have, but I can't understand why you would need it in ESX Server.  I never need in the environment, I was successful.

  Anyone using the option of shared folders in ESX environments and if not... Maybe VMWare should remove it as a default installation option (or just remove it altogether I assumed)

  So any that use shared folders if they install by default and if remove you it, why...

  Hello

  NEVER leave the VMHGFS and ESX host. This could be very bad from a security perspective. The only "VM Escape" for VMware products on disc is also due the VMHGFS within the workstation. ESX must never be a universal file server.

  Probably cause VMware Tools can be 'universal' for VMware virtualization products.

  This is the real reason. There is a single source for VMware Tools now, so it includes elements for Workstation, Server, and ESX.

  For awhile, there was a bug report on VMware Tools on edit fstab to accommodate the vmhgfs even if it is not built or used in ESX. This is a bug, etc.

  Best regards, Edward L. Haletky VMware communities user moderator, VMware vExpert 2009, url = http://www.dabcc.com/channel.aspx?id=279DABCC analyst [url]
  "Now available on Rough Cuts: url = http://www.astroarch.com/wiki/index.php/VMware_Virtual_Infrastructure_Security' VMware vSphere (TM) and Virtual Infrastructure Security: ESX security and virtual environment ' [url]
  Also available url = http://www.astroarch.com/wiki/index.php/VMWare_ESX_Server_in_the_Enterprise"VMWare ESX Server in the enterprise" [url]
  [url =http://www.astroarch.com/wiki/index.php/Blog_Roll] SearchVMware Pro [url] | URL = http://www.astroarch.com/blog Blue Gears [url] | URL = http://www.astroarch.com/wiki/index.php/Top_Virtualization_Security_Links Top security virtualization [url] links | URL = http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast Virtualization Security Table round Podcast [url]

• error general system when installing vmware tools

  Hello world

  "I converted two servers today and it went well except that when I try to install vmware tools I get the message" an error General sysytem ' internal error.

  the windows.iso file is not in the folder vmimages sos I think that's the problem. is that correct? I have the vmware cd in the drive, no idea how to recover the iso in directory and this causes my error?

  My two vms have connections of 10 MB and I need them for Monday morning, any help is greatly appreciated. my support is with dell and they told me today they have no experts in vmware at the weekend? (ill b that resuming Monday morning to our account mgr)

  Hello

  Transferred to the virtual machine and OS forum comments.

  You get the error then 'install' or 'mount' the ISO image?

  Also, you go through and remove all equipment and unused hardware drivers of your virtual machine after the P2V?

  Best regards
  Edward L. Haletky
  VMware communities user moderator, VMware vExpert 2009
  ====
  Author of the book ' VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.
  Blue gears and SearchVMware Pro items - top of page links of security virtualization - Security Virtualization Round Table Podcast

• Update the VMware Tools without installing gcc

  Hello everyone,

  I have a couple of boxes Debian and Ubuntu (& gt; 100) in various race DMZ. When I am updating the linux kernel, I have to update the VMware tools as well. My problem is that these boxes are not allowed to have an Internet connection and an installed gcc.

  Does anyone has an idea how Handel who? Is it not possible to have a central host where the new version of VMware tools are compiled and one can distribute them to other boxes?

  Thanks in advance!

  Robert

  Hello

  See http://communities.vmware.com/message/786017 for assistance.

  Best regards
  Edward L. Haletky
  VMware communities user moderator, VMware vExpert 2009
  ====
  Author of the book ' VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.
  Blue gears and SearchVMware Pro items - top of page links of security virtualization - Security Virtualization Round Table Podcast

• VMware Tools recommended for several VMware products

  I am managing a large library of virtual machines that are used on a wide range of VMware products (5.5 - 6.5, server 1-2 workstation, ESX 3 to 3.5, fusion 2).  I've built tools to automate the installation of various operating systems and I'm looking for a kind of best practices as to which version of VMware Tools, should I have install automation.  Is there a significant difference between the VMware tools that come with the different products (for example, workstation 6.5 and ESX)?  Should I just use the latest (non-beta) version of VMware Tools without worrying about which is the host, or should I use a minimum version of VMware Tools (such as ESX 3.0.2 which in my opinion, the smaller build number of each of them) and to remind users to upgrade if necessary?

  Hello

  Modern tools from VMware (ESX 3.5, 6.5 WS, etc) must be interchangeable. Some of the 3.0.x beginning were not. However, those 3.0.2 should be as well. You can get a version that works on all platforms to which you want to deploy. Or you can use open Vmware tools to achieve the same thing.

  If the version of VMware Tools you have chosen will not work on all your destinations and it of modern tools, then you should report as those indicated on the last Podcast of VMTN communities, they must work for VMware.

  Best regards
  Edward L. Haletky
  VMware communities user moderator
  ====
  Author of the book ' VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.
  Blue gears and SearchVMware Pro items - top of page links of security virtualization - Security Virtualization Round Table Podcast

• When you run the script via VMware tools when power changed, some commands in script (as a copy) has failed.

  I came across a very strange question. I tried to create some custom vmware scripting tools, such as a new .bat file. This file contains a large number of orders, mostly as copy command "copy file://\\192.168.172.5\abc.exe c:\. ». I set this file as a custom script for Script event - power on guest operating system. Everything goes well with the bat file when I tested it. But after that I changed the State of power to power on, all other commands work fine except the copy commands in the bat file. Why? How can I make it work? Of course the problem of network. And that makes me very confused.

  Hello

  First copy the files on local disk was OK.

  If this works for local disk, but not to a network drive, then hit you indeed a permissions issue any.

  But if I run the script with tools VMware service script, the commands of copy (of the remote shared folder) failed while other controls worked well. I'm quite confused.

  In fact, it is easily explained. The VMware tools service (Yes, it's a service) runs under the account Local system and by default, the local system account has no access to the network for security reasons. You can change the user of the service runs under and see if that solves your problem (very likely)

  To do this, go to computer management (right-click icon desktop, select 'Manage') and open Services and Applications, service page, locate the VMware Tools service in the list. Select properties, log on to the page tabs and change account at your own Local System account. Restart the service and it should work.

  --

  Wil

  _____________________________________________________

  Visit the new VMware developers at http://www.vi-toolkit.com wiki

• Upgrade VMware Tools-hardware virtual FOV 7.0 Build 130927.1406

  Hello

  I tried to update the version of VMware FOV tools, but all that seemed to do is strip out...  Any ideas on how to retrieve and update, including the virtual hardware version also?

  Thank you very much.

  Alex.

  Hi Alex,

  Installation of the tools is a feature of vCenter and VMware would better understand if there is a problem with the installation.  Their support may be able to help solve the problem you are experiencing.

  That being said, I would like to offer assistance if I can.  I installed VMware tools in the same way that you have described.  In the past, if I had a problem installing, vCenter would let know me the reason why.  It would also seem that if tools have been "stripped" of the existing virtual machine.

  I suspect that something similar is happening in your environment.

  I can't be sure this link applies, but we found this VMware.

  http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalID=1001354

  VMware support should be able to help you further with the installation of the tools. Unfortunately, because it is not our product, I can only offer advice on how to solve the problem with the installation of the tools.

  Bill

• Is it possible to automate upgrades of VMware Tools with Foglight Standard Edition?

  Its probably a stupid question but don't Foglight Standard Edition (6.5) have an automated function upgrade VMware Tools?

  Thank you!

  HI - not sorry that it's not, you will have to do it in vCenter. (there is no such thing a stupid question on these forums!)