Installation of Power-CLI for CIS-CAT Pro Assessment of VMWareESXI target.
Product Name
CIS-CAT Pro Assessor v4
Product Version
v4.0.20+
Date
Aug 13, 2020
Problem
How do I install the required modules to assess an ESXi target with CIS-CAT Assessor v4?
Check to see if the required modules are already installed on the CIS-CAT Assessor Host system. In this example they are not installed;
PS C:\Windows\system32> Get-Module -ListAvailable -Name VMware.PowerCLI | Select Version, Name | ConvertTo-Csv -NoTypeInformation
PS C:\Windows\system32>
PS C:\Windows\system32> Get-Module -ListAvailable -Name VMware.* | Select Version, Name | ConvertTo-Csv -NoTypeInformation
PS C:\Windows\system32>
Install the PowerCLI module. Note in this example installation fails. If there is not a failure proceed to the last step in this document.
PS C:\Windows\system32> Install-Module -Name VMware.PowerCLI
NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\bob\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want
PowerShellGet to install and import the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.
PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider 'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7405 char:21
+ ... $null = PackageManagement\Install-PackageProvider -Name $script:N ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (Microsoft.Power...PackageProvider:InstallPackageProvider) [Install-PackageProvider], Exception
+ FullyQualifiedErrorId : NoMatchFoundForProvider,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackageProvider
-------SNIP
Please check this page for information on updating the Security Protocol which is the cause of the above failure to install PowerCLI. Some sample commands and output are provided below from a CIS test system.
Check of current security protocols;
PS C:\Windows\system32> [Net.ServicePointManager]::SecurityProtocol
Ssl3, Tls
PS C:\Windows\system32>
As per the link above, for this test system we ran this command to update the security protocols;
Restart PowerShell
List the updated security protocols;
Install the PowerCLI module
Check to make sure we have PowerCLI and VMware.VimAutomation.Core installed;