Skip to main content

 Troubleshooting Invoke-VMScript Failures During Guest OS Onboarding in Aria Automation

https://knowledge.broadcom.com/external/article?articleNumber=389569

Products

VMware Aria Suite

Issue/Introduction

When onboarding new operating system versions into VMware Aria Automation to deploy through a blueprint, workflows that rely on Invoke-VMScript may fail. This is commonly observed in Salt integration ABX actions or other automation scripts executed against the guest OS.

Environment

VMware Aria Automation 8.x

Windows Server 20xx

Linux distributions

PowerShell-based Invoke-VMScript functions

Salt Integration and ABX actions

Cause

  • The guest OS lacks the required credentials for the automation user attempting to execute Invoke-VMScript.
  • Newly added OS templates may not have the same pre-configured user settings as previously deployed OS versions.
  • The automation user does not have sufficient permissions to execute remote scripts via PowerShell inside the guest OS.

Note: The examples used below reference PowerShell for Windows versions but applies similarly to Linux/Unix with bash or python.

Resolution

Ensure Guest Credentials Are Configured in the VM Template:

    • Before deploying a new OS version, add the automation user to the OS image with the correct permissions.
    • Verify that the user has the ability to run remote PowerShell scripts inside the guest OS.

Validate Permissions for Invoke-VMScript Execution:

    • Run a manual test using PowerShell inside the guest VM to confirm that Invoke-VMScript can execute successfully.
    • Ensure that UAC policies or security restrictions are not blocking execution.

Check Automation Logs for Errors:

    • Review logs in Aria Automation (cgs-service-app.log) for any errors related to missing parameters for Invoke-VMScript.
      Action run failed with the following error: "02/27/2025 01:28:17\tInvoke-VMScript\t\tValue cannot be found for the mandatory parameter VM\t"]
    • If necessary, update the automation workflow to include the correct credentials or retry deployment with the updated OS template.

Additional Considerations:

  • This issue is more likely to occur when introducing new OS images into Aria Automation.
  • Configurations that worked with previous OS versions may not apply to newly created templates, requiring credential verification.
  • If errors persist, verify that Salt minion installation and remote execution permissions are properly configured.


Comments

Post a Comment

Popular posts from this blog

  Issue with Aria Automation Custom form Multi Value Picker and Data Grid https://knowledge.broadcom.com/external/article?articleNumber=345960 Products VMware Aria Suite Issue/Introduction Symptoms: Getting  error " Expected Type String but was Object ", w hen trying to use Complex Types in MultiValue Picker on the Aria for Automation Custom Form. Environment VMware vRealize Automation 8.x Cause This issue has been identified where the problem appears when a single column Multi Value Picker or Data Grid is used. Resolution This is a known issue. There is a workaround.  Workaround: As a workaround, try adding one empty column in the Multivalue picker without filling the options. So we can add one more column without filling the value which will be hidden(there is a button in the designer page that will hide the column). This way the end user will receive the same view.  
Post a Comment
Read more

57 Tips Every Admin Should Know

Active Directory 1. To quickly list all the groups in your domain, with members, run this command: dsquery group -limit 0 | dsget group -members –expand 2. To find all users whose accounts are set to have a non-expiring password, run this command: dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0 3. To list all the FSMO role holders in your forest, run this command: netdom query fsmo 4. To refresh group policy settings, run this command: gpupdate 5. To check Active Directory replication on a domain controller, run this command: repadmin /replsummary 6. To force replication from a domain controller without having to go through to Active Directory Sites and Services, run this command: repadmin /syncall 7. To see what server authenticated you (or if you logged on with cached credentials) you can run either of these commands: set l echo %logonserver% 8. To see what account you are logged on as, run this command: ...
Post a Comment
Read more
  The Guardrails of Automation VMware Cloud Foundation (VCF) 9.0 has redefined private cloud automation. With full-stack automation powered by Ansible and orchestrated through vRealize Orchestrator (vRO), and version-controlled deployments driven by GitOps and CI/CD pipelines, teams can build infrastructure faster than ever. But automation without guardrails is a recipe for risk Enter RBAC and policy enforcement. This third and final installment in our automation series focuses on how to secure and govern multi-tenant environments in VCF 9.0 with role-based access control (RBAC) and layered identity management. VCF’s IAM Foundation VCF 9.x integrates tightly with enterprise identity providers, enabling organizations to define and assign roles using existing Active Directory (AD) groups. With its persona-based access model, administrators can enforce strict boundaries across compute, storage, and networking resources: Personas : Global Admin, Tenant Admin, Contributor, Viewer Projec...
Post a Comment
Read more