Broadcom Locking VMware Updates to Require Download Token for Site ID
Well, more tightening with VMware by Broadcom. Broadcom has announced major changes to the way VIAdmins are getting updates in their environments. Let’s take a look at how Broadcom locking VMware updates and what those changes are and what you need to do moving forward.
Table of contents
What is changing?
Up until today, as we all know, we have been able to simply point to the depot.vmware.com site and get our updates in products like vCenter Server and VMware ESXi hypervisor. However, Broadcom is now deprecating this functionality as a “free” way to get updates.
- These URLs will continue to work until 4/23/2025. After this, they will no longer work without the unique tokens as part of the download request.
Now, Broadcom is taking this a step further by now requiring a token be generated based on the SiteID of the customer. The SiteID is a new construct for Broadcom licensing that ties a user/organization with their licensing and support. So, downloads are now hinged on this SiteID before they will be able to pull updates from the download site.
Below is the message users are now seeing when logging into their Broadcom support portal:
You can read the official KB article here: VCF Authenticated downloads Configuration Update Instructions.
What products are affected currently with this change?
Note the following products that are currently affected with this change to VMware downloads:
- VMware vCenter Server 7.x
- VMware vCenter Server 8.x
- VMware vSphere ESXi 7.x
- VMware vSphere ESXi 8.x
- SDDC Manager 4.5.x
- SDDC Manager 5.x
- Offline Bundle Transfer Utility (OBTU)
- Async Patch Tool (AP Tool)
- Update Manager Download Service (UMDS)
- vSAN File Services
Relevant KB articles
The VMware KB has documented the following relevant KB articles on how to update your download repository URLs for each of the products in the portfolio. Take a look at the relevant table below with links to the KBs you need for either manually updated the repo URLs or using the VMware-provided script.
| Depot | Component | Scripted Method | Manual Method |
| VCF Depot | SDDC Manager | KB389276 | KB389871 |
| Offline Bundle Transfer Utility (OBTU) | Not Available | KB390119 | |
| Async Patch Tool (AP Tool) | Not Available | KB390122 | |
| vApp Update (vCenter) | vCenter Server | KB389276 | KB390120 |
| Host Update (ESXi) | vSphere Lifecycle Manager (vLCM) and VMware Update Manager (VUM) | KB389276 | KB390121 |
| Update Manager Download Service (UMDS) | Not Available | KB390123 | |
| Auto Deploy / Image Builder | Not Available | KB391021 | |
| vSAN File Services | vSAN | Not Available | KB390237 |
Running the update script
The preferred method to remediate and change your update repos to include the token is by using the PowerCLI script that VMware by Broadcom has provided.
With the script, you can add automation to your workflow to get this remediated across your environments and it takes the human error out of the equation.
Below, the vCenter Server is still set to the default depot location:
Walkthrough of the process to use the script to update
I have created a separate VHT forum post located below that walks you through the process to update your default depot location to the new URL and using the download token:
I have created a detailed forum post of me walking through the process to use the VMware-provided script to add the download token to the new Broadcom URL:
All in all, the process to add the download token to the new URL is fairly painless along with the script. This is the workflow that I think most will opt for opposed to manually updating the URL and adding the download token to that URL.
Impact on the community
I think the news of Broadcom locking VMware updates is going to impact the community again in a negative way. It further reinforces the fact that there are no more “freebie” VMware solutions, even from an update standpoint. So, if home labbers were not planning on getting certified to get VMUG licensing, and just running with old distros, this will mean no new updates. Let me know in the comments what you think about the new changes for updates. How does this affect you in the home lab? Are you sticking with VMware for the home lab? If not, what virtualization stack are you migrating to?
Hi Brandon, good post. I have the feeling that each time VMware/Broadcom makes a move, the community suffers more. Now even the updates are locked. How do we say: Will this be the last nail in the coffin? Considering that homelabbers have now mandatory VCF certification before getting Free 1 year license, I think the community size will start to shrink rapidly as not everyone will get back and sit the certification. Open source alternatives will starts shining as the backup vendors steps in and support those solutions. The richest enterprises will keep VMware, smaller will use something else.
Vladan,
Thank you for your kinds workds. I have admired your work in the VMware community over the years! I totally agree. It is sad to see a product that we have all known and been excited about for years be paywalled at every turn and bled for all the revenue that can be gained from it. Time will tell, but from what I am seeing, I think you are spot on. Most will not sit the exam to attain license keys that we were easily able to get before with VMUG membership only and so many are jumping ship for Proxmox and other alternatives out there that basically allow them to do what they are doing in their labs with VMware. As you mention large organizations may afford to keep VMware for the short term, but I suspect they will be looking at some type of strategy over time to at least lessen their dependency there. Thanks again Vladan, I hope you are good my friend. Take care!
Brandon
Hello Brandon: Yes, my current home lab was/is built on VMware, and I use VMware Workstation a lot.
The hospital that I work for is leaning heavily toward Nutanix, I’ve not actually looked at it closely yet, but will be soon.
At home I’m going to migrate to Proxmox VE, Simple – gets the job done. I like VMware, been using it since its creation, sad to see it go – but not paying the Broadcom prices for a lab environment.
Stephen,
Thanks for sharing. I totally agree. I have been around since its inception too and sad to see how an acquisition can do this to a great product. Community will definitely shrink drastically because of this I suspect. Time will tell, but overall not good. I am also likely going the Proxmox route for my lab at home.
Brandon
I have to agree, as someone who has used free ESXi since v4/5 (I think) I am pretty much done as I replace systems. I am not a huge fan of Proxmox from what I have played with it, but it will likely be where many of us go. It’s a shame that Broadcom will likely gut its future user base in just about every way. I tried to use Vmware products where I could because they were what I was usually moving what I worked on to for my employer and while VMUG was great I am not a Vmware admin anymore it was just convenient to stay with something I knew and my employers used so I really see no reason to continue VMUG if they are going to force me to get yet another cert in addition to the others I already have to perform many CEUs/Fees for to maintain. Oh well, life moves on.
Dave,
I appreciate you sharing your experiences as well. It is definintely a shame that a great product can literally be killed by an acquisition like this. Broadcom is known for this overall and likely will squeeze everything they can from VMware before moving on to their next acquisition. The piece they are missing I feel is that the community is what made VMware great and while it was still just standalone VMware, they embraced the community very well. With all the red tape added by Broadcom, it is evident this is no longer the case. As a result, the newer generation of admins and virtualization enthusiasts will no longer have their hands on it, and will recommend something else as time goes on.
Brandon
I’m so close to retirement that I don’t care any longer! Been working for OEM’s for 35+ years and I was at EMC when VMWare was originally acquired…. I watched Dianne Green walk on-stage in front of a stadium full of sales and engineers in Boston. Started working with the product from there, and usually had a ‘vendor’ track to get keys for various products. I’ve watched this mature from a relatively simple solution to what its become today – a huge “tax” on the cloud operating model!
Open Source alternatives are beginning to move into high gear here, watching Nutanix (and even Microsoft to a more limited degree) take advantage of Broadcom’s greed, it doesn’t take a degree to see where this is ultimately heading. Large enterprises, while they can afford to pay up, aren’t happy and are looking at alternatives now. Canonical, Red Hat and others are quite well positioned to capitalize. I’ve dealt with some very large F-50 companies that have been building their own development teams in the last decade, just to avoid situations like this. Community supported Ill argue is almost BETTER than OEM, mainly as there isn’t a credit-card machine waiting for every question!
Time will tell what the final outcome of this one is, but I suspect its similar to the old saying (in the industry anyway)… “all good products go to HP to die”, just a different company in this case.