Versions Compared

Old Version 8

changes.mady.by.user Chris Boldiston

Saved on

compared with

New Version Current

changes.mady.by.user Chris Boldiston

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS-CAT Pro Assessor v4

Product Version

v4.0.20+

Date

Problem

Info

How do I install the required modules to assess an ESXi target with CIS-CAT Assessor v4?

Check to see if the required modules are already installed on the CIS-CAT Assessor Host system. In this example they are not installed;

Code Block
breakoutModefull-width
PS C:\Windows\system32> Get-Module -ListAvailable -Name VMware.PowerCLI | Select Version, Name | ConvertTo-Csv -NoTypeInformation 
PS C:\Windows\system32> 

PS C:\Windows\system32> Get-Module -ListAvailable -Name VMware.* | Select Version, Name | ConvertTo-Csv -NoTypeInformation 
PS C:\Windows\system32>

 

Install the PowerCLI module. Note in this example installation fails. If there is not a failure proceed to the last step in this document.

Code Block
breakoutModefull-width
PS C:\Windows\system32> Install-Module -Name VMware.PowerCLI
NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\bob\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want

PowerShellGet to install and import the NuGet provider now?
[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): Y

WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.
PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider 'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags.

At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7405 char:21
+ ...     $null = PackageManagement\Install-PackageProvider -Name $script:N ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (Microsoft.Power...PackageProvider:InstallPackageProvider) [Install-PackageProvider], Exception
    + FullyQualifiedErrorId : NoMatchFoundForProvider,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackageProvider
-------SNIP

 

Please check this page for information on updating the Security Protocol which is the cause of the above failure to install PowerCLI. Some sample commands and output are provided below from a CIS test system.

Check of current security protocols;
Code Block
PS C:\Windows\system32> [Net.ServicePointManager]::SecurityProtocol
Ssl3, Tls
PS C:\Windows\system32>

 

As per the link above, for this test system we ran this command to update the security protocols;
Code Block
breakoutModefull-width
PS C:\Windows\system32> Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

 

Restart PowerShell

List the updated security protocols;
Code Block
PS C:\Windows\system32> [Net.ServicePointManager]::SecurityProtocol
Tls, Tls11, Tls12
PS C:\Windows\system32>

 

Install the PowerCLI module
Code Block
breakoutModefull-width
PS C:\Windows\system32> Install-Module -Name VMware.PowerCLI

NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. 
The NuGet provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or 'C:\Users\bob\AppData\Local\PackageManagement\ProviderAssemblies'. 
You can also install the NuGet provider by running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. 
Do you want PowerShellGet to install and import the NuGet provider now?

[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): Y

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. 
Are you sure you want to install the modules from 'PSGallery'?

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): Y

PS C:\Windows\system32>

 

Check to make sure we have PowerCLI and VMware.VimAutomation.Core installed;

Code Block
breakoutModefull-width
PS C:\Windows\system32> Get-Module -ListAvailable -Name VMware*

    Directory: C:\Program Files\WindowsPowerShell\Modules

ModuleType Version    Name                                ExportedCommands

--------- -------    ----                                ----------------
Script     12.0.0.... VMware.CloudServices                {Connect-Vcs, Get-VcsOrganizationRole, Get-VcsService, Get-VcsServiceRole...}
Script     7.0.0.1... VMware.DeployAutomation             {Add-DeployRule, Add-ProxyServer, Add-ScriptBundle, Copy-DeployRule...}
Script     7.0.0.1... VMware.ImageBuilder                 {Add-EsxSoftwareDepot, Add-EsxSoftwarePackage, Compare-EsxImageProfile, Export-EsxImageProfile...}
Manifest   12.0.0.... VMware.PowerCLI
Script     7.0.0.1... VMware.Vim
Script     12.0.0.... VMware.VimAutomation.Cis.Core       {Connect-CisServer, Disconnect-CisServer, Get-CisService}
Script     12.0.0.... VMware.VimAutomation.Cloud          {Add-CIDatastore, Connect-CIServer, Disconnect-CIServer, Get-Catalog...}
Script     12.0.0.... VMware.VimAutomation.Common         {Get-Task, New-OAuthSecurityContext, Stop-Task, Wait-Task}
Script     12.0.0.... VMware.VimAutomation.Core           {Add-PassthroughDevice, Add-VirtualSwitchPhysicalNetworkAdapter, Add-VMHost, Add-VMHostNtpServer...}
Script     12.0.0.... VMware.VimAutomation.Hcx            {Connect-HCXServer, Disconnect-HCXServer, Get-HCXAppliance, Get-HCXComputeProfile...}
Script     7.12.0.... VMware.VimAutomation.HorizonView    {Connect-HVServer, Disconnect-HVServer}
Script     12.0.0.... VMware.VimAutomation.License        Get-LicenseDataManager
Script     12.0.0.... VMware.VimAutomation.Nsxt           {Connect-NsxtServer, Disconnect-NsxtServer, Get-NsxtPolicyService, Get-NsxtService}
Script     12.0.0.... VMware.VimAutomation.Sdk            Get-ErrorReport
Script     12.0.0.... VMware.VimAutomation.Security       {Add-AttestationServiceInfo, Add-KeyProviderServiceInfo, Add-TrustAuthorityKeyProviderServer, Add-TrustAuthor...
Script     11.5.0.... VMware.VimAutomation.Srm            {Connect-SrmServer, Disconnect-SrmServer}
Script     12.0.0.... VMware.VimAutomation.Storage        {Add-EntityDefaultKeyProvider, Add-KeyManagementServer, Add-VsanFileServiceOvf, Add-VsanObjectToRepairQueue...}
Script     1.3.0.0    VMware.VimAutomation.StorageUtility Update-VmfsDatastore
Script     12.0.0.... VMware.VimAutomation.Vds            {Add-VDSwitchPhysicalNetworkAdapter, Add-VDSwitchVMHost, Export-VDPortGroup, Export-VDSwitch...}
Script     12.0.0.... VMware.VimAutomation.Vmc            {Add-VmcSddcHost, Connect-Vmc, Disconnect-Vmc, Get-AwsAccount...}
Script     12.0.0.... VMware.VimAutomation.vROps          {Connect-OMServer, Disconnect-OMServer, Get-OMAlert, Get-OMAlertDefinition...}
Script     12.0.0.... VMware.VimAutomation.WorkloadMan... {Get-WMNamespace, Get-WMNamespacePermission, Get-WMNamespaceStoragePolicy, New-WMNamespace...}
Script     6.5.1.7... VMware.VumAutomation                {Add-EntityBaseline, Copy-Patch, Get-Baseline, Get-Compliance...}

Copyright © 2020

Center for Internet Security®

Privacy Policy

Page Properties
hiddentrue

Action

Name(s)

Date

Created by

Chris Boldiston

Reviewed by

Amanda McGown Andrew Preston Jenna Urbanski Elizabeth Chaharyn

Approved by

Amanda McGown Andrew Preston Jenna Urbanski Elizabeth Chaharyn

Remove by