Re: Script to remove users from folder is trying t... - Page 2

emcclure · ‎08-27-2019

Hello,

I have this script that can remove a user from a folder I specify on multiple vCenters. It works, but when I went to remove the permission of a test account it also wanted to remove my domain account (which I used to login to the vCenters and which is an admin in the vCenters).

param(

[array]$viservers = ("vcenter.domain", "vcenter2.domain")

)

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

$creds = Get-Credential -Message "Enter your vCenter credentials" -UserName "$($env:USERDNSDOMAIN)\$($env:USERNAME)"

$vSphereConns+= Connect-VIServer -Server $viservers -Credential $creds

while($true){
    $endAnswer = '1'
    while($endAnswer -ne 'Q'){
        if($endAnswer -eq '1'){
            $podnumber = Read-Host = "Enter the pod number"
            if($podnumber.count -eq 1){
                $folder = Get-Folder -Name myfolder-$podnumber
            }
            $endAnswer = '2'
        }
        if($endAnswer -eq '2'){
            $usertoremove = Read-Host = "Enter the username in domain\user format to remove from the folder"


        }

Get-VIPermission -Entity $folder -Principal $usertoremove | Remove-VIPermission

        write-host "Please select an option"
        Write-Host "1 - Go back to the pod number selection"
Write-Host "2 - Go back to the user selection"
        Write-Host "Q - Exit the script"
        $endAnswer = ''
        while('1','2','Q' -notcontains $endAnswer){
            $endAnswer = (Read-Host -Prompt 'Your answer').ToUpper()
        }
    }
    Disconnect-VIServer -Server $viserver -Confirm:$false
Write-Host "Disconnecting from vCenter and exiting script"
Write-Host "Insert catchy quote here."
    break
}

emcclure · ‎09-11-2019

It works now. Here's the final code for the script to work:

param(

[array]$viservers = ("vcenter1.domain", "vcenter2.domain")

)

if (!(Get-Module -ListAvailable -Name VMware.PowerCLI)) {
Install-Module -Name VMware.PowerCLI -Force -Scope CurrentUser -Confirm:$false
Import-Module VMware.PowerCLI -Force
}

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

$creds = Get-Credential -Message "Enter your vCenter credentials" -UserName "$($env:USERDNSDOMAIN)\$($env:USERNAME)"

$vSphereConns+= Connect-VIServer -Server $viservers -Credential $creds

while($true){
    $endAnswer = '1'
    while($endAnswer -ne 'Q'){
        if($endAnswer -eq '1'){
            $podnumber = Read-Host "Enter the pod number"
            if($podnumber.count -eq 1){
                $folder = Get-Folder -Name myfolder-$podnumber
            }
            $endAnswer = '2'
        }
        if($endAnswer -eq '2'){
            $usertoremove = Read-Host -Prompt "Enter the username in domain\user format to remove from the folder"


        }

Get-VIPermission -Entity $folder | where {$_.principal -eq "$usertoremove"} | Remove-VIPermission

        Write-host "Please select an option"
        Write-Host "1 - Go back to the pod number selection"
        Write-Host "2 - Go back to the user selection"
        Write-Host "Q - Exit the script"
        $endAnswer = ''
        while('1','2','Q' -notcontains $endAnswer){
            $endAnswer = (Read-Host -Prompt 'Your answer').ToUpper()
        }
    }
    Disconnect-VIServer -Server $viservers -Confirm:$false
Write-Host "Disconnecting from vCenter and exiting script"
break
}

All

Script to remove users from folder is trying to remove more than one account