Discovering VMware guest hosts by using the vCenter API

BMC Helix Discovery enables you to discover the guest hosts that are managed by vCenter, even if those hosts are not accessible from the BMC Discovery Outpost you are using. However, the ESXi hosts on which the VMs are running must be accessible from the  BMC Discovery Outpost.The way in which BMC Helix Discovery discovers VMware ESX and ESXi hosts as described in the Discovering ESX and ESXi hosts topic.

This topic describes how BMC Helix Discovery discovers other guest hosts managed by VCenter.

When a VMware vCenter server or appliance is found and a valid vCenter credential is available, BMC Helix Discovery retrieves a list of managed ESX and ESXi hosts, and other guest hosts managed by vCenter. This requires a valid vCenter credential if the VMware vCenter server or appliance was discovered with an SNMP or a Windows credential. The IP addresses of these hosts are added, as part of the same scan range, to the list of IP addresses that are going to be scanned. 

The following credential types are used to discover guest hosts:

  • vCenter credentials—used to access a vCenter server using the vSphere API. The vCenter server then communicates with the guests. 

  • VMware guest credentials—credentials of the guest hosts' OS level users (having SSH, Windows or Powershell access) that are used to log in to individual guest hosts, and run commands on those hosts. VMware guest credentials are used for guest operation authentication. To create guest credentials, see Adding credentials.

VMware guest scanning uses the GuestOperationsManager API which interacts with the VMware tools service on the guest VM. VMware tools must be installed and running. VMware guest scanning has been tested with vSphere 5.0 and later. 


Unpatched versions of VMware vSphere have known issues when scanned by various tools. We recommend that you apply the appropriate patches to the affected systems. For more information about this issue, see the related information on BMC Discovery content reference Open link .

There are two ways of scanning a VMware guest host:

  • Indirect scanning
  • Direct scanning

Indirect scanning

BMC Helix Discovery scans an IP address as part of discovery run where VMware Guest Scanning is enabled:

  1. The scan detects a Windows host running a vCenter server, or a vCenter appliance, using one of the credential types mentioned above.

  2. If vCenter credentials are defined, they are used to connect to the vCenter server on port 443. 

  3. On a successful connection, BMC Helix Discovery retrieves a list of ESX and ESXi hosts and guest hosts managed by the VMware vCenter server.
  4. If you have supplied an additional vSphere Web API with token authentication credential, the tags for each virtual machine are also returned. 
  5. The IP addresses are added to the list of IP addresses that were specified in the original scan. As they are not requested by a user, they are referred to as implicitly scanned IP addresses.
  6. The guest hosts are scanned using VMware Guest credentials. 

The interaction between vCenter and the guest hosts is non-interactive. Any privilege elevation mechanism on the guests, (for example, sudo) should be configured to be non-interactive, otherwise the discovery will fail.

If there are user-requested IP addresses being scanned or waiting to be scanned, discovery waits until the implicit scan of IP addresses is complete, or there are no more IP addresses to scan. The IP address is removed, and the DroppedEndpoints node associated with the DiscoveryRun records OptAlreadyProcessing as the reason for removal.

Guest events in vCenter

VMware vCenter creates an event for many operations on guests, such creating temporary directories, transferring files, starting programs, checking that programs are still running, and so on. The number of events builds quickly, and may create up to a few hundred while scanning a host. If you do not have a policy for managing events, you may see excessive disk space consumed in the database. 

Required vCenter privileges

The following Virtual Machine Guest Operations Privileges are required:

Privilege Name in the API



To create temporary files in the guests and to upload the discovery script.


To run the discovery script. 


To check that the script has completed and to download the results.

Implicitly scanned IP addresses

When IP addresses are implicitly scanned, the DiscoveryRun records the total number of IP addresses as usual, but it also records counts of IP addresses whose scan was requested by a user (explicit_ip_count) and implicitly scanned (implicit_ip_count) IP addresses.

The following screenshot shows an indirectly scanned discovered guest host running Windows Server 2016:

Direct scanning

If the IP address is reachable, BMC Helix Discovery scans the guest host as a normal IP endpoint.

Intermittent retrieval of vCenter serial number (ServiceTag) 

vCenter caches the serial number (ServiceTag) value in memory rather than in its database. That cache expires after some time. Therefore, if you look at the ESX host using the vSphere client or the managed object browser, or perform a scan while the cached value is held in memory, you see the ServiceTag value, and BMC Helix Discovery retrieves it. After the value has expired, the only way to get it back is to restart the ESX host services. This behavior will only be fixed in an upcoming major vSphere release. You can view related discussions on the BMC Helix Discovery community forum.

vCenter server incorrectly reports completion of VM migration 

Occasionally, a vCenter server may incorrectly report that a VM migration has been completed, even though the migration failed. In the BMC Helix Discovery model, the SI representing the VM is moved to a different ESXi host, when in fact the migration failed. However, at the next scan, the SI will be correctly relocated.

Was this page helpful? Yes No Submitting... Thank you