I'm hardening some VMs, and I have a script that I found online (can't remember who it was from, but probably LucD). The script is not the issue, but the csv file that the script references has some of these lines:
floppy0.present,FALSE
ide0:0.present,FALSE
logging,TRUE
Well, the script seems to work fine, but then when I check the .vmx file with (Get-VM "Name").extensiondata.config.extraconfig, the $_.key for any line that has to do with virtual hardware does not appear. I don't think this is really a scripting issue, but this section is so active, that maybe someone can lead me in the right direction, and I'm using PowerCLI to edit the settings, so I guess it's relevant. There are multiple lines, and everything appears fine except for hardware related lines:
floppy0.present,FALSE
floppy1.present,FALSE
ide0:0.present,FALSE
ide0:1.present,FALSE
ide1:0.present,FALSE
ide1:1.present,FALSE
parallel0.present,FALSE
serial0.present,FALSE
Other lines appear when I retrieve them:
isolation.monitor.control.disable,TRUE
isolation.tools.ghi.autologon.disable,TRUE
isolation.bios.bbs.disable,TRUE
isolation.tools.getCreds.disable,TRUE
Even if I "edit settings" > Options > Advanced | General > Configuration Parameters, and add a line there, I can't retrieve it with powershell (only hardware lines) if I directly edit the .vmx file and copy it back, those lines don't show up with powershell, but they will show up if I look at the .vmx file on Windows with Write, or some other text editor.
Has anyone experienced this? More importantly, does anyone know what I'm doing wrong?
The script is here, and there is a CSV file that I use, with the examples that I listed, it has the Key,Value columns correctly
#This line imports the key and value pair for the .vmx setting
$import = Import-Csv "C:\STIGapply\STIG_current.csv"
$VMs = Get-folder STIG | Get-VM "*clone"
$vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
Foreach ($item in $import) {
$extra = New-Object VMware.Vim.OptionValue
$extra.Key = $item.Key
$extra.Value = $item.Value
$vmConfigSpec.extraconfig += $extra
}
Foreach ($vm in $vms) {
$vm.ExtensionData.ReconfigVM($vmConfigSpec)
}