Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 84
  • Last Modified:

Adding full "Virtual machine" privilege to a role over PowerCLI

I've set up some very simple scripts to set up some roles on hosts and add permissions to those roles. I've been able to get other privileges in there ("resource","datastore",etc), but for some reason I can't add the "Virtual machine" permission or group. If I run get-viprivilege -name "virtual machine" it gives me the result of Virtual machine meaning it's there, right? I've even tried using the get-viprivilege results as my target and no luck. Is there some other name I need to provide for it to know I'm looking for everything under the Virtual machine category?

$hosts=(get-vmhost|select Name)
$hosts|%{set-virole -server $_.Name -role <ROLENAME> -addprivilege "Virtual machine","resource","Datastore","vApp","Performance"}
0
Dustin Wade
Asked:
Dustin Wade
2 Solutions
 
Dustin SaundersDirector of OperationsCommented:
There's a problem with setting Virtual Machine that way because it's nested under another layer of options.  You need to get all those options first, then set them.

$p = Get-VIPrivilege | ?{$_.ParentGroupID -like "VirtualMachine*"}
Set-VIRole "rolename" -AddPrivilege $p

Open in new window


This would apply all the resulting Virtual Machine privileges.
*note the edit, forgot a part of the code.
0
 
Dustin WadeSystems AnalystAuthor Commented:
Ok, awesome. I was able to modify this into what I was using so now I have the following which will find this permission and add it to all of our esxi hosts:


$hosts=(get-vmhost|select Name)
$hosts|%{
$priv = Get-VIPrivilege -server $_.Name| ? {$_.ParentGroupID -like "VirtualMachine*"}
set-virole -server $_.Name -role <ROLE> -addprivilege $priv
}

Thanks, Bahman
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now