NTP Settings on all Hosts with recommended parameters

This post was originally published on this site

I have created the below script in order to:

  • Check NTP on all ESXi hosts
  • Make change if required
  • Start NTPD service
  • Set policy to automatic
  • Allow NTP queries outbound through the firewall

 

issue:

  1. not able to set policy to automatic
  2. Not able to create a function to check NTP queries outbound through the firewall and correct it if required
  3. there’s errors when I run the script

 

Error :

 

###############################################

#Checking NTP Servers…                      #

###############################################

Server XXX.XXX.XXX.XXX is missing

Remove-VMHostNtpServer : 26/09/2020 16:28:41    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Remove-VMHostNtpServer : 26/09/2020 16:28:41    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Remove-VMHostNtpServer : 26/09/2020 16:28:41    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Remove-VMHostNtpServer : 26/09/2020 16:28:42    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Remove-VMHostNtpServer : 26/09/2020 16:28:42    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Remove-VMHostNtpServer : 26/09/2020 16:28:42    Remove-VMHostNtpServer          The NtpServer ‘YYY.YYY.YYY.YYY’ does not exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:44 char:60

+ … _.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Remove-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_RemoveVmHostNtpServer_NameDoesNotExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.RemoveVMHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

XXX.XXX.XXX.XXX

YYY.YYY.YYY.YYY

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX03.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

XXX.XXX.XXX.XXX

YYY.YYY.YYY.YYY

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:43       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX02.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘XXX.XXX.XXX.XXX’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Add-VMHostNtpServer : 26/09/2020 16:28:44       Add-VMHostNtpServer             The NtpServer ‘YYY.YYY.YYY.YYY’ already exist on VMHost ‘ESX01.TEST.LOCAL’.

At K:ScriptstestScript_Test_Hardening.ps1:45 char:60

+ … .$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$fals …

+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (:) [Add-VMHostNtpServer], VimException

    + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_AddVmHostNtpServer_NameAlredyExists,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.AddVmHostNtpServer

 

Server XXX.XXX.XXX.XXX was added successfully

###############################################

#Verifying NTP services…                    #

###############################################

All NTP Services are started.

 

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| * Script * |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

 

#Connect to vcenter

$vcenter = Read-Host “vCenter name:”

$user = Read-Host “User:”

$password = Read-Host “Password:”

 

Write-Host -f green “Connecting to vCenter Server…”

Connect-VIServer -Server $vcenter -User $user -Password $password

 

#Create folder for logs output

$checkdir = Test-Path “$env:USERPROFILEDocumentsHardeningESXi-Logs” -PathType Container

if ($checkdir -eq “*True*”){}

else {New-Item $env:USERPROFILEDocumentsHardeningESXi-Logs -ItemType directory}

 

#Information to be used in the script

$ntp1 = Read-Host “Put primary NTP Server”

$ntp2 = Read-Host “Put Secondary NTP Server” 

$domain = Read-Host “Put Domain, if your domain is hostname.test.local, you only need to put test.local”

 

###############################################

#Verify NTP Servers and status                #

###############################################

 

Write-Host -f White “###############################################”

Write-Host -f White “#Checking NTP Servers…                      #”

Write-Host -f White “###############################################”

 

Get-VMHost |Sort Name|Select Name, @{N=“NTPServer“;E={$_ |Get-VMHostNtpServer}}, @{N=“ServiceRunning“;E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq “ntpd“}).Running}} | Out-String | ForEach-Object { $_.Trim() } > “$env:USERPROFILEDocumentsHardeningESXi-LogsNTP_Info.txt”

 

#Variables to verify if the first or Second NTP don’t exist.

$CheckNTP1 = gc “$env:USERPROFILEDocumentsHardeningESXi-LogsNTP_Info.txt” | ft NTPServer | findstr /v ” _$Null NTPServer —- _$Null” | where-object {$_ -notlike “*ntp1*”} | foreach{$_.split(“.”)[0]}

$CheckNTP2 = gc “$env:USERPROFILEDocumentsHardeningESXi-LogsNTP_Info.txt” | ft NTPServer | findstr /v ” _$Null NTPServer —- _$Null” | where-object {$_ -notlike “*ntp2*”} | foreach{$_.split(“.”)[0]}

 

#Function to fix and leave the NTP Servers well loaded.

function LoadNTP {

#If the output of $var1 is empty then everything is fine.

$var1 = foreach($line in Get-Content “$env:USERPROFILEDocumentsHardeningESXi-LogsNTP_Info.txt” | ft NTPServer | findstr /v ” _$Null NTPServer —- _$Null”) { if($line -like ‘*ntp1*’ -and $line -like ‘*ntp2*’) { } else { $line } }

If ($var1 -eq $Null) {

Write-Host -f green “All NTP Servers are configured correctly”

}

else {

    #Check if the firs NTP Server is missing, if so, add the server.

    if ($CheckNTP1 -ne $Null) {

    Write-Host -f red “Server $ntp1 is missing”

    $CheckNTP1 | ForEach-Object {Get-VMHost “$_.$domain” | Remove-VMHostNtpServer -NtpServer $ntp2 -Confirm:$false}

    $CheckNTP1 | ForEach-Object {Get-VMHost “$_.$domain” | Add-VMHostNtpServer -NtpServer $ntp1,$ntp2 -Confirm:$false}

    Write-Host -f green “Server $ntp1 was added successfully”

    }

    #Check if the Second NTP Server is missing, if so, add the server.

    elseif ($CheckNTP2 -ne $Null) {

    Write-Host -f red “Server $ntp2 is missing”

    $CheckNTP2 | ForEach-Object {Get-VMHost “$_.$domain” | Add-VMHostNtpServer -NtpServer $ntp2}

    Write-Host -f green “Server $ntp2 was added successfully”

    }

    else {

        Write-Host -f green “There was a problem adding NTP Servers, please verify.”

        }

}

}

#Execute the function

LoadNTP

 

 

###############################################

#Verify NTP Service Status                    #

###############################################

Write-Host -f White “###############################################”

Write-Host -f White “#Verifying NTP services…                    #”

Write-Host -f White “###############################################”

 

#Generate the file to store the result of the status of NTP services “$env:USERPROFILEDocumentsntp-service.txt”.

Get-VMHost |Sort Name|Select Name, @{N=“NTPServer“;E={$_ |Get-VMHostNtpServer}}, @{N=“ServiceRunning“;E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq “ntpd“}).Running}} | Out-String | ForEach-Object { $_.Trim() } > “$env:USERPROFILEDocumentsHardeningESXi-Logsntp-service.txt”

 

function ServiceNTP {

#Look in the File “$env:USERPROFILEDocumentsHardeningESXi-Logsntp-service.txt”, the computers with the service stopped and send the information to “$env:USERPROFILEDocumentsntp-service-error.txt”.

$ntpservice = gc “$env:USERPROFILEDocumentsHardeningESXi-Logsntp-service.txt” | ft ServiceRunning | findstr /v ” _$Null ServiceRunning ————– _$Null” | where-object {$_ -notlike “*True*”} | foreach{$_.split(“.”)[0]}

    #If the status of the services is True, mark everything correct, if it detects any like False, start the service.

    if($ntpservice -eq $Null) {

    Write-Host -f green “All NTP Services are started.”

    }

    else {

    Write-Host -f red “Some NTP Services are Stopped.”

    Write-Host -f red “Starting Service…”

    $ntpservice | ForEach-Object {Get-VMHost “$_.$domain” | Get-VMHostService |?{$_.key -eq ‘ntpd’} | Start-VMHostService -Confirm:$false}

    }

 

}

#Execute the function that validates the NTP services.

ServiceNTP

 

 

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.