Solved: Re: Help - Automating the AD-Groups to Roles Assig...

shaggy_041086 · ‎01-18-2013

Hi all, I have this doubt -

We are migrating from vSphere 4.1 to 5.1

Not through update manager, but by manually adding hosts to a 5.1 build !!

Here is the thing, every VM that will be imported/created/deployed to this new vCenter 5.1 will have a matching AD-Group pre-setup by our admin guy!!

For-eg, if the VM name is vm_0123, a Group called "SVR_VM_0123" would be ready and waiting to be assigned to this specific VM and then to a Role. And this permission will be defined on the VM level.

And now, all the VMs that will be added from 4.1 to 5.1 have their groups setup!

So can we automate the "assigning process" of permissions on each imported/created VM (A common role to the respective groups) through PowerCLI??

Any suggestions or questions are welcome!!!

Thanks

LucD · ‎01-18-2013

I assume you have the VM name in variable $vmName, then you could do

$vm = Get-VM -Name $vmName
New-VIPermission -Entity $vm -Principal ("SVR_" + $vmName) -Role $role

You can place those lines in a loop.

That could for example be a loop controlled by the content from a CSV file.

Something like this

Import-Csv C:\vmnames.csv | %{
$vm = Get-VM -Name $_.vmName
New-VIPermission -Entity $vm -Principal ("SVR_" + $_.vmName) -Role $_.role
}

This assumes the CSV file would look something like this

"vmName";"role"
"vm1","administrator"
"vm2","read-only"

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

View solution in original post

LucD · ‎01-18-2013