VMware: Disable Managed Object Browser (MOB)

The managed object browser provides a way to explore the object model used by vCenter to manage the vSphere environment; it enables configurations to be changed as well.

This interface is used primarily for debugging the vSphere SDK. This interface might potentially be used to perform malicious configuration changes or actions.

In order to disable the datastore browser you will need to edit the ‘vpxd.cfg’ file, to ensure the‘ enableDebugBrowse’ is set to false, as below:

<vpxd>
     <enableDebugBrowse>false</enableDebugBrowse> 
</vpxd>

Once the above configuration change has been made, restart the ‘VMware VirtualCenter Server’ service to apply the change. Once disabled the managed object browser will no longer be available for diagnostics.

For disabling the managed object browser at a host level, see http://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-0EF83EA7-277C-400B-B697-04BDC9173EA3.html.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s