Client applications that launch automatically for unattended operations, such as cron jobs and software agents, must be able to log in to the ESX/ESXi hosts without user assistance.

The vSphere Web Services SDK provides client-side credential store libraries and tools for automating the login process in a more secure manner. After the credential store has been set up, system administrators are no longer required to keep passwords in local scripts. The credential store can be set up for an ESX/ESXi system, or for a vCenter Server system. If an application authenticates itself to a vCenter Server system, it requires no additional authentication to access any of the ESX/ESXi systems managed by that vCenter Server system.

The credential store consists of the following.

  • A persistence file used to store authentication credentials. Currently, only passwords are supported. The persistence file maps a remote user account from an ESX/ESXi host to that user's password on the host.
    Important: The passwords in the file are obfuscated but not encrypted. You must protect the file by other means and carefully control who can access it.
  • vSphere Web Services SDK (C# and Java) and vSphere SDK for Perl libraries for programmatically managing the file. vSphere Web Services SDK and vSphere SDK for Perl access the same credential store.