You can obtain information from a Virtual Machine via its VMTools service via the VMware PowerCLI, here is a simple working example you can build from to determine ID 1808 which shows that the machine has successfully completed its Secure Boot remediation (i.e. installing the new 2023 certificates to NVRAM and swapping to the new Boot Manager signed by the 2023 certificates).
Obviously don’t have the credentials written directly into the file, add something to collect them from a Secrets Manager or arguments, environment variables instead!
$VMHost = "host.domain.com"
$hostUsername = "root"
$hostPassword = "password"
$guestUsername = "DOMAIN\Administrator"
$guestPassword = "password"
$vm = "myVirtualMachine"
$hostConnect = Connect-VIServer $VMHost -User $hostUsername -Password $hostPassword
$scriptOutput = Invoke-VMScript -VM $vm -ScriptType Powershell -ScriptText {Get-EventLog -LogName System -InstanceId 1808 -ErrorAction SilentlyContinue} -GuestUser $guestUsername -GuestPassword $guestPassword -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
Write-Host
Write-Host "Example Invoke-VMScript" -ForegroundColor Cyan
Write-Host
if ($scriptOutput) {
Write-Host "$vm = " -NoNewline
Write-Host "Secure Boot Remediation Complete" -ForegroundColor Green
} else {
Write-Host "$vm = " -NoNewline
Write-Host "Secure Boot Incomplete!" -ForegroundColor Red
}
Disconnect-VIServer -Server $hostConnect -Confirm:$false