Update the Unified Access Gateway Appliance Using PowerShell

Hi, Today I decided to Update the Unified Access Gateway Appliance (UAG) with PowerShell.

What is UAG?

Unified Access Gateway equips remote workers anywhere, anytime with secure access to Horizon virtual desktops and applications.

How can I update it?

UAG doesn’t have an update engine solution on itself. You must install it again from scratch, and replace the configuration on it. You must spend more time installing it again. But you can use the PowerShell script for quick deployment.

What is the requirement?

1- You need to download Unified Access Gateway (UAG) PowerShell Scripts.

2- You need to download the INI file of the UAG configuration.

3- You need to download the OVF Tool. (The PowerShell deploy script requires these tools)


Step 1- Download the OVF Tool from Here.

I downloaded the OVF Tool for Windows 64-bit.

1-1 -Install the OVF Tool on the VM where you are going to run the UAG Deploy script.

1-2 – Click Next

1-3 – I accept the terms in the License Agreement.

1-4 – Choose the destination Folder

1-5 -Install it.

1-6- Click on the Finish button

Step 2– Download the Unified Access Gateway OVA from the Customer Connect portal to your machine.

You download the latest version.

Step 3– Create an INI configuration file for the Unified Access Gateway virtual appliance.

3-1 – Login to UAG server: https://UAG_Address_Server:9443/admin

3-2 – Click on the Configure Manually button

3-3 – In the Support Settings Section, Click on the INI and download it.

Step 4– Download the Unified Access Gateway (UAG) XXX PowerShell Scripts files into a folder on the machine. The ZIP files are available on the Customer Connect page for the Unified Access Gateway.

4-1 – Extract the Zip file and copy and paste the UAG ova file and INI file here.

Step 5– open UAG_Settings.ini, you need to configure these parameters:

5-1 – You can choose diskMode deployment is thin or thick:

5-2 – You must write the vsphere datastore name for deploying UAG OVA.

5-3 – Give a name for your UAG VM.

name= khoshraftar-UAG01

5-4 – Enter the Backend Network port group

netBackendNetwork= Edge-PG-MGMT-V3001

5-5 – Enter the Internet Network port group

netInternet= khoshraftar-DMZ

5-6 -Enter the management Network port group


5-4 – You must write the path of UAG OVA

source= C:\uagdeploy-\uagdeploy\euc-unified-access-gateway-

5-5 – You must write vCenter_name/ Datacenter_name/ host/ Cluster_name

(you must use host in your address)

target= vi://vc01.khoshraftar.com/DatacenterA/host/ClusterMGMT/

5-6 – If you have an error, you can change secureRandomSource from default to /dev/random

secureRandomSource= /dev/random

5-7 – save the INI file.

Step 6– Open PowerShell as administrator and use this command

& "C:\uagdeploy-\uagdeploy\uagdeploy.ps1" -iniFile "C:\uagdeploy-\uagdeploy\UAG_Settings.ini"

I use &, Because I have quotes in INI and PS1 path, PowerShell executes the path instead of just echoing the string.

6-1 – Enter admin user password for UAG

6-2 – Re-enter the admin user password for UAG

6-3 -Enter the admin user password for UAG Admin UI and Rest API

6-4 -Re-enter the admin user password for UAG Admin UI and Rest API

6-5 – For CEIP, enter no.

6-6 – Accept SSL fingerprint

6-6 – Enter the Username and Password of the vCenter server

6-7 -Deploying Start

The transfer is completed.

For more information, use this link.

Finish 🙂

How to join ESXi to the domain and set Active Directory groups to log in to ESXi via PowerShell.

Hi, Today I want to set the ESXi host to join to the domain and I adjust Active Directory groups to log in to ESXi with domain’s account, through PowerShell.

1- Run PowerShell as Administrator

2- Install VMware powercli

Install-Module VMware.PowerCLI

3- Connect to vCenter

Connect-VIServer -Server "your Server FQDN or IP address" -user "your username"

4- Enter your vCenter username and password

5- Create a variable

$ESXiHost = Get-VMHost

6- Join to Domain

$ESXiHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain 
"DomainName" -user "Username" -password "password" -Confirm:$false

7- Add your Active Directory Group that member’s of that group want login to ESXi Host.

$ESXiHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value "Group Name"

For Example:

Connect-VIServer -Server vcenter.khoshraftar.com -User administrator@vsphere.local

$ESXiHost = Get-VMHost

$ESXiHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain khoshraftar.com -user khoshraftar -password *******  -Confirm:$false

$ESXiHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value  VirtualizationTeam  

Now, I have a username that is a member of VirtualizationTeam, I can login with it to ESXi UI.

Finish 🙂