Today I was testing Host Profiles (again) and I must say it works a lot better than during my previous tests. There was only one thing very annoying during my tests. When the host was in maintenance mode, I applied the Host Profile and performed a check. Everything was OK and the host was compliant. But when the host was out Maintenance mode and I checked if the host was still compliant, I received the following message:
Unfortunately there’s no knowledgebase article which describes those messages so I started to Google and found a post on the VMware Communites by khushal: http://communities.vmware.com/message/1357268
1. Open vCenter go to Home — > Management –> Host Profiles
2. Right Click on the Host Profile you are using for your Cluster and Select Edit
3. Expand the profile Profile
– Profile-name
– Firewall configuration
* – Ruleset Configuration*
* – faultTolerance*
Select Ruleset and check the checkbox in right hand “*Flag Indicating whether ruleset should be enabled”
Click OK.
and check Compliance again in Cluster.
To fix the annoying messages I did change the aam and faultTolerance settings via:
Edit Profile –> Firewall configuration –> aam –> ruleset:
Enable the checkbox:
Repeat the steps for the faulttolerance setting.
Now you can check the compliance via:
Or you can run the following PowerCLI one-liner to check the compliance of al your hosts in a cluster:
Get-Cluster <clusterName> | Get-VMHost | Sort Name | % {Test-VMHostProfileCompliance -VMHost $_}
ICT-Freak.nl 
Dit was weer een nuttig resultaat van mijn zoekopdracht. Dank!