• In vSphere Configuration Profiles(VCP) clusters, upgrading the ESXi hosts to vSphere 8.0U3 could cause a drift in SNMP, Lockdown Mode and PCI device settings.
• Following settings will show as out of compliance

Host is out of compliance with desired configuration.

  /host-specific/uid/esx/system/snmp/engine_id
/profile/esx/authorization/lockdown_settings/exception_users
/profile/esx/authorization/lockdown_settings/mode
/profile/esx/authorization/permissions/0
/profile/esx/system/snmp/enabled

  Error Message:
  
  

Follow the steps mentioned below to absorb all of the reported drifts into the desired configuration:

• Select the VCP cluster from the inventory then "Configure tab → Configuration → Draft → Import From Host" option on the UI. This will pull configurations from all the hosts and create a new draft that is compliant with all the hosts.
  
  
  
  
• Select any host in the cluster as a reference host. A new draft will be created using settings from all hosts in the cluster. The draft can be modified if required.
  
  
  
  
• Select the VCP cluster from the inventory then "Configure tab → Configuration → Draft → Show Changes" option on the UI to see the settings to compare the draft with the desired configuration of the cluster.
  
  
  
  
• Select the VCP cluster from the inventory then "Configure tab → Configuration → Draft → Apply Changes" to save the draft as new desired configuration of the cluster. This also triggers a remediate operation on the cluster.
  
  
  
  
• Once the "Apply changes" completes, check-compliance is triggered automatically and the hosts should become compliant.