Add Vmtools vShield Drivers for Endpoint Protection on ESX VM

From Bonus Bits Wiki
Jump to: navigation, search

Contents

Purpose

This article gives the steps to add the VMware Tools vShield VMCI Drivers. This feature is neccessary for vShield Endpoint solutions to work such as McAfee MOVE-AV agent-less solution.

vShield Drivers is a Thin Agent that is installed on the virtual machine to enable vShield Endpoint protection.

Example Environment

  • ESXi 5.1.0-838463
  • vShield Manager 5.1.2-943471
  • Windows 2008R2/2012
  • Default Vmtools already installed


Method 1

Interactive Tools Upgrade

  1. From vCenter or ESX host; Select the VM
  2. Right-Click | Guest | Install/Upgrade VMware Tools
  3. Select Interactive Tools Upgrade
  4. RDP or console to the VM
  5. Run setup.exe or setup64.exe from the mounted media
  6. Select Modify | Next
  7. Expand VMware Device Drivers | VMCI Driver
  8. Select vShield Drivers
  9. Select This feature will be installed on local hard drive. | Next | Modify
  10. Done


Method 2

Modify within Programs and Features
You may have noticed that since we've moved to the vCenter Web console it's faster and smarter the thick client... um no. Once vmtools is installed and updated it greys out the option to install vmtools. So here's a way you can do it on say Windows Server 2012 that has the tools installed but needs the additions added.

  1. On the VM, Open Programs and Features
  2. Highlight Vmware Tools
  3. Select Change button at top
  4. Next | Modify | Next
  5. Browse to Vmware Device Drivers | VMCI Driver
  6. Select vShield Driver Will be installed on local hard drive
  7. Next | Change


Method 3

Automatic Tools Upgrade

  1. From vCenter or ESX host; Select the VM
  2. Right-Click | Guest | Install/Upgrade VMware Tools
  3. Select Automatic Tools Upgrade
  4. Enter the following parameters in the Advanced Options
    /S /v "/qn REBOOT=R ADDLOCAL=ALL REMOVE=Hgfs,WYSE"
  5. Wait for task to complete
  6. Done


Method 4

PowerCLI

  1. $ComputerName = <vm-name>
    $vCenter = <vcenter-hostname>
    Connect-ViServer $vCenter
    Mount-Tools -VM $ComputerName
    $DriveLetter = Get-WmiObject Win32_CDROMDrive -ComputerName $ComputerName | Where-Object {$_.VolumeName -match "VMware Tools"} | Select-Object -ExpandProperty Drive
    $ScriptText = "$DriveLetter\setup64.exe /S /v `"/qn REBOOT=R ADDLOCAL=ALL REMOVE=Hgfs,WYSE`""
    Invoke-VMScript -VM $ComputerName -ScriptText $ScriptText -ScriptType bat


IconNote.png Only Windows VMs are supported. Linux is not supported by version 5.1.2


Manually Mount Vmtools ISO

So again in the awesomely improved... not vCenter Web console over the old fat client... you can't tell it to install vmtools if it detects it's installed and up-to-date (Not that I found anyways). Never fear I figured out how to mount the vmtools ISO. It's simple really.

  1. Edit Settings on the VM from vCenter Web Console
  2. Select the drop down menu by the CD/DVD and choose Datastore ISO File
  3. Select vmimages | tools-isoimages | windows.iso'
  4. Then run through the install/modify steps to add the vShield Drivers.


Check vShield Manager for Clients

One way to verify that the client is reporting to the endpoint solution in vShield is to login and see if it's listed. For me it was almost immediate after adding the vShield Driver.

  1. Logon to vShield Manager Web Console
  2. Browse to Datacenters | <yourdatacenter> | <esx host of vm> | Endpoint tab
    Virtual machines should be listed with a description of Thin Agent Enabled


Related Articles


Sources

http://pubs.vmware.com/vsphere-50/index.jsp?topic=/com.vmware.vmtools.install.doc/GUID-CD6ED7DD-E2E2-48BC-A6B0-E0BB81E05FA3.html
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2000399
http://www.vmware.com/support/developer/PowerCLI/PowerCLI50/html/Invoke-VMScript.html