iLO inventory in Multi-Domain ESXi environment

On enterprise companies, you might find a vCenter managing few DNS zones (a.serv.corp, b.serv.corp etc.). There might be a situation where there are few vCenters, each manages a different domain. Keeping track on HP iLO* IPs is easier when you register the iLO IP in the DNS, and use “ilo” as a prefix to each server – for example, esx01 iLO address will be ilo-esx01 and so on. It all works until it doesn’t, since host name changes, and maintaining it for more than just a few ESXi hosts can be demanding. Enters PowerShell.

I’ll assume you have some PowerShell / PowerCLI experience, and you know how to add the right snapin, and connect to the relevant vCenter(s).

First, add the Get-VMHostWSManInstance function, with prerequisites described here:

 function Get-VMHostWSManInstance {
            param (
            [Parameter(Mandatory=$TRUE,HelpMessage="VMHosts to probe")]
            [Parameter(Mandatory=$TRUE,HelpMessage="Class Name")]
            $omcBase = ""
            $dmtfBase = ""
            $vmwareBase = ""
            if ($ignoreCertFailures) {
                    $option = New-WSManSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck
            } else {
                    $option = New-WSManSessionOption
            foreach ($H in $VMHost) {
                    if ($credential -eq $null) {
                            $hView = $H | Get-View -property Value
                            $ticket = $hView.AcquireCimServicesTicket()
                            $password = convertto-securestring $ticket.SessionId -asplaintext -force
                            $credential = new-object -typename System.Management.Automation.PSCredential -argumentlist $ticket.SessionId, $password
                    $uri = "https`://" + $h.Name + "/wsman"
                    if ($class -cmatch "^CIM") {
                            $baseUrl = $dmtfBase
                    } elseif ($class -cmatch "^OMC") {
                            $baseUrl = $omcBase
                    } elseif ($class -cmatch "^VMware") {
                            $baseUrl = $vmwareBase
                    } else {
                            throw "Unrecognized class"
                    Get-WSManInstance -Authentication basic -ConnectionURI $uri -Credential $credential -Enumerate -Port 443 -UseSSL -SessionOption $option -ResourceURI "$baseUrl/$class"


Using System.Net.DNS .Net class isn’t enough for us, since we want to query few domain DNS servers.

You’ll need the DNSShell module installed in order to reverse lookup in each of the domains:

Import-Module DnsShell

Please note that this module might not work well on 32Bit PowerShell version, so use 64Bit PowerShell console.

From this point, the script itself is straight forward, gathers all the data required including: vCenter Name, VMHost Name, Domain, iLO-IP, iLO-DNS.

Get-VMHost | Select `
@{n="vCenter"; e={($_.uid.split("@")[1]).split(":")[0] }},
@{n="VMHostName"; e={$_.Name}},
@{n="Domain"; e={$script:domain = ($_ | Get-VMHostNetwork).DomainName; $domain}},
@{n="iLOIP"; e={$script:ip = (Get-VMHostWSManInstance -VMHost ($_) -ignoreCertFailures -class OMC_IPMIIPProtocolEndpoint).IPv4Address; $ip}},
@{n="iLODNS"; e={((Get-Dns -Server $domain -Tcp $ip).Answer | Select -ExpandProperty RecordData) -join ","}} | Export-Csv -Path F:\Scripts\Output\iLO-inventory.csv F -NoTypeInformation


Output will look like:



* HP iLO is referenced here, script will work for any other IPMI technology such as Cisco CIMC, Dell DRAC, etc.

1 reply
  1. Joschua
    Joschua says:

    We have vCenter 6.5U1 with ESXi 6.5U1 Hosts which always throw “Permission Denied” from New-CimSession. Some older Hosts running and ESXi 6.0P5 are working fine.
    Any update for this Script would be great!


Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.