I’ve recently been trying to secure our ESX hosts to a higher level, and have been trying this with a host on site with the above advanced setting set to true.
Zerto won’t install the VRA with that active, unless the host root password is fed at install. However after this is done it continually disconnects from the ZVM, and won’t replicate protected servers.
I note the release notes for 9.0 state “Zerto does not support enabling VMkernel.Boot.execInstalledOnly on ESXi advanced system settings” – are there any plan to address this?
As a certified VMware partner I would have thought signing the vib packages would have been a fairly easy step?
Has anyone else seen this issue?
We are experiencing this as well today on a Zerto 8.5 U3 Patch 1.
We have just started deploying this setting today on a single host and run into this exact issue.
Thanks for the heads up but we will need to get this fixed as well.
I’m in the process of prioritizing this into our roadmap. If you are experiencing this issue and need to change the policy to only allow signed vibs, please vote on the feature here:
We would like to enable the “VMkernel.Boot.execInstalledOnly” setting as well. I am unable to vote on the feature since I do not have an Aha account.
Customer facing link for voting on the feature request — please add your votes/comments