This website use cookies to help you have a superior and more admissible browsing experience on the website.
Share This Article:
What is Managed Object Browser?
The Managed Object Browser (MOB) is a built-in web-based interface in VMware vSphere that exposes the underlying API structure of your virtual infrastructure. It is available on both VMware vCenter Server and VMware ESXi hosts, and can typically be accessed via a simple URL endpoint (/mob).
In simple terms, while the vSphere Client provides a user-friendly abstraction, the Managed Object Browser exposes the real backend data model that powers VMware environments. This makes it an essential tool for deep inspection, debugging, and API-level operations.
Key Features of Managed Object Browser:
- Browse Object Properties: The MOB allows you to inspect detailed properties of any managed object, including virtual machines, hosts, and datastores. This includes configuration settings, runtime states, and metadata that may not be visible in the standard UI.
- View Object Relationships: You can navigate the full object hierarchy, such as datacenter → cluster → host → VM. This helps you understand how resources are structured and interconnected across your environment.
- Invoke Methods: One of the most powerful features of the MOB is the ability to execute methods directly on objects. For example, you can trigger actions like powering off a VM or creating a snapshot without using scripts or the UI.
- Deep Linking with MOID: The MOB supports direct navigation using Managed Object IDs (MOIDs). By appending a MOID to the URL, you can quickly jump to a specific object, which is useful for automation and integrations.
How VMware vSphere Managed Object Browser work?
The Managed Object Browser works by exposing the vSphere Web Services API in a readable, web-based format. Every component in a VMware environment, such as virtual machines, hosts, and datastores, is represented as a managed object.
When you access the MOB, you start at a root object and can navigate through the entire infrastructure hierarchy. Each page represents a specific object and includes three key elements:
- Properties – Detailed configuration and runtime state of the object
- Methods – Actions that can be executed on the object
- References – Links to related objects within the environment
This structure reflects how VMware internally models its infrastructure. Instead of interacting through a graphical layer, you are directly navigating the same objects and methods used by APIs, SDKs, and automation tools.
Because of this design, the MOB essentially acts as a live API explorer. It allows you to:
- Traverse object relationships step by step
- Inspect real-time data at a granular level
- Trigger operations directly through method calls
While powerful, this direct access also means there are no abstraction layers or safety controls, so any action taken through the MOB is executed immediately on the system.
How to access and navigate the Managed Object Browser object model
Accessing the Managed Object Browser is straightforward, as it is built directly into both VMware vCenter Server and VMware ESXi.
Access via vCenter
To access the MOB on vCenter, open a browser and enter:
https://<vcenter-server>/mob
You will be prompted to log in with your vCenter credentials. Once authenticated, you’ll land on the root object (ServiceInstance), from which you can navigate the entire inventory.
Access via ESXi Host
You can also access the MOB directly on an ESXi host using:
https://<esxi-host>/mob
This provides a host-level view, which is useful for troubleshooting specific hosts or standalone environments.
Login Requirements
Access to the MOB requires valid credentials with sufficient permissions. Typically, administrative or read-only roles can view object data, but executing methods may require higher privileges. If access fails, verify user roles and API access permissions.
Navigate the MOB object model
1. From ServiceInstance, click “content” to access core vSphere service managers.
2. Select “rootFolder” to view your datacenter (typically labeled with a group-d prefix).
3. Click “vmFolder” to browse virtual machines, identified by vm- prefixed moRef IDs.
4. Explore key object sections such as guest for guest OS details, summary for hardware and configuration, and runtime for power and health status.
Key terms to recognize:
- moRef ID: Unique identifier for every vSphere object (VMs, hosts, datastores).
- Property Path: Hierarchical string used in automation to reference attributes.
- Methods: API actions you can invoke directly, such as snapshot or power operations
How to enable or disable MOB step by step
In many environments, the Managed Object Browser is disabled by default—especially on ESXi hosts—for security reasons. Since it allows direct API interaction, enabling it should be done carefully.
Why MOB Is Disabled by Default?
The MOB exposes internal object structures and allows direct method execution without safeguards. This can introduce security risks, such as unauthorized changes or information exposure. As a result, security benchmarks often recommend keeping it disabled unless needed.
How to Enable MOB?
On an ESXi host, you can enable the MOB through advanced settings:
Step 1. Log in to the ESXi Host Client
Step 2. Go to “Configure” > “System” > “Advanced System Settings”.
Step 3. Search for the parameter: Config.HostAgent.plugins.solo.enableMob
Step 4. Set its value to “true“
Step 5. Apply the changes
Once enabled, the MOB will be accessible via the /mob URL.
How to Disable MOB
After completing your troubleshooting or inspection tasks, it’s recommended to disable the MOB:
Step 1. Return to “Advanced Settings“
Step 2. Set “Config.HostAgent.plugins.solo.enableMob” to “false“
Step 3. Save the configuration
Disabling the MOB reduces the attack surface and aligns with VMware security best practices, especially in production environments.
Practical MOB Use Cases: Step-by-Step Examples
Create a VM Snapshot for Troubleshooting
Step 1. Locate the VM’s moRef ID from logs or the MOB hierarchy.
Step 2. Navigate to https://<IP>/mob/?moid=<VM-moRef-ID>.
Step 3. Click “CreateSnapshot_Task“.
Step 4. Enter a name, set memory and quiesce options, then click Invoke Method.
Step 5. Confirm the snapshot appears in the vSphere Client and remove it after testing.
Verify VMotion Compatibility
Step 1. From the main ServiceInstance page, invoke QueryVMotionCompatibility.
Step 2. Input the moRef IDs of the VM and target host.
Step 3. Review the output to identify compatibility barriers such as CPU or network mismatches.
MOB for VMware automation
MOB is extremely useful for building reliable automation scripts by confirming exact property paths used in APIs.
PowerCLI Example:
Connect-VIServer -Server <vCenter-IP>
$vm = Get-VM -Name "ExampleVM"
# Match MOB property paths
$vm.ExtensionData.Guest.HostName
$vm.ExtensionData.Summary.Config.GuestFullName
These paths directly reflect what you see in MOB, ensuring script accuracy.
vRealize Orchestrator (vRO) Example
Within a vRO workflow using a VC:VirtualMachine input:
System.log("VM Hostname: " + vm.guest.hostName);
System.log("Guest OS: " + vm.summary.config.guestFullName);
MOB validates which properties are available and how to access them, reducing script errors.
Support Third-Party Monitoring
Tools like Site24x7 use MOB to collect raw object data for deep VMware monitoring. Enabling MOB allows the poller to access moRef IDs and real-time properties for accurate performance and health tracking.
Troubleshooting Common VMware MOB Issues
1. HTTP 503 Service Unavailable
MOB is disabled. Re-enable it using the Config.HostAgent.plugins.solo.enableMob advanced setting.
2. HTTP 401 Unauthorized
Credentials are incorrect. Verify your vSphere SSO or ESXi username and password.
3. Blank or Unresponsive Page
Clear browser cache or use incognito mode. High object counts may also slow loading — use direct moRef URLs for faster access.
4. SSL Certificate Warnings
Normal for self-signed VMware certificates. Proceed for internal use or install trusted certificates.
5. Method Invocation Failures
Check if the VM or host is in a valid state (e.g., powered on for snapshot operations). Confirm permissions and retry.
Improve VMware Data Protection Beyond MOB
While the Managed Object Browser helps you understand and troubleshoot your environment, it does not provide any protection against data loss, system failure, or ransomware.
To ensure business continuity, organizations should implement dedicated backup and disaster recovery solutions such as real-time replication, automated failover, and policy-based backup management.
For example, enterprise solutions like Info2soft’s i2Backup and i2Availability are designed to:
- Protect VMware workloads with continuous data replication
- Enable fast recovery with low RPO and RTO
- Simplify backup management across complex environments
By combining deep visibility tools like MOB with robust data protection strategies, you can build a more resilient and secure VMware infrastructure.
Conclusion
The Managed Object Browser is a powerful yet often misunderstood tool within VMware vSphere. It provides unmatched visibility into the underlying object model and enables direct interaction with the vSphere API.
However, with this power comes risk. The MOB is best used as a specialized tool for troubleshooting, debugging, and API exploration, rather than for everyday management. For production environments, it’s important to rely on safer, more controlled tools.
{{ author_info.name }}
{{author_info.introduction || "No brief introduction for now"}}
More Related Articles
Table of Contents:
Stay Updated on Latest Tips
Subscribe to our newsletter for the latest insights, news, exclusive content. You can unsubscribe at any time.
Ready to Enhance Business Data Security?
Start a 60-day free trial or view demo to see how Info2Soft protects enterprise data.
Please fill out the form and submit it, our customer service representative will contact you soon.
By submitting this form, I confirm that I have read and agree to the Privacy Notice.
