Sorry for misunderstanding,

We are running several ESX 4.? Server and a vCenter onto which I loggon, I allready have read that the CloneVM function only works when connected to VC.

Sorry I didn't read your post closer.

1. So would it be fine to create a Backup folder in the VM folder? how would I get the Folder MoRef, the get-folder only lists the usual Folders (Datacenter,Datastore,VM,..)

2. No I don't use this param since I don't want to delete the files I just copied

Thank you for fast replies and ideas!

The MoRef is a property of a SDK object and Get-Folder returns PowerCLI objects.

So you would have to use Get-View to switch between the 2 objects.

Suppose you have the "blue" folder called Backup, then you could do

$fldMoRef = (Get-Folder -Name "Backup" | Get-View).MoRef

____________

Blog: LucD notes

Twitter: lucd22

That's what I've tried with the Datastore Folder but it threw an exception, I think I need to read a little more about these Folders.

The Datastores folder is a hidden pre-configured folder that is only used to store the datastore entries.

You can't create a VM in that folder.

Neither can you in the Networking folder.

____________

Blog: LucD notes

Twitter: lucd22

Thank you, it seems that I've understood the different Location / Folder organization,

the permission error is still a bit unsadisfying but I could live with it or try to catch it. If you still got an idea, here is the Error:

Remove-VM : 16.07.2010 09:31:50 Remove-VM Unsufficient permissions. You need 'Syste

m.Read' privileges to complete the requested operation.

At C:\temp\tmp.ps1:23 char:10

+ remove-vm <<<< -VM $clonedVM -confirm:$FALSE

+ CategoryInfo : InvalidArgument: (Task-task-1712:ManagedObjectReference) [Remo

ve-VM], NoPermission

+ FullyQualifiedErrorId : Client20_QueryServiceImpl_RetrieveProperties_NotPermission,VMw

are.VimAutomation.ViCore.Cmdlets.Commands.RemoveVM

It looks as if the account you used to connect doesn't have the required privileges.

Can you try with another account ?

Can you do the removal of the guest from the vSphere client with that account ?

____________

Blog: LucD notes

Twitter: lucd22

Yes I can remove it from vSphere without any Problems.

( It's getting removed by the script too, but not without error - even through the machine isn't in the inventory afterwards)

I just checked Privileges and my Role is "Admin" which includes the System.Read permission...

Could you perhaps attach the script you are using ?

____________

Blog: LucD notes

Twitter: lucd22

function BackupVM

{

$vm = get-vm $args

$vmview = get-view $vm

$newName = "Backup2."+$vm.Name

$destStore = get-datastore $BackupDataStoreName

$destStoreView = get-view $destStore

$vmCloneFolder = (get-view (get-folder -Name Backup)).MoRef

$vmCloneSpec = new-object Vmware.Vim.VirtualMachineCloneSpec

$vmCloneSpec.Location = new-object Vmware.Vim.VirtualMachineRelocateSpec

$vmCloneSpec.Location.Datastore = $destStoreView.MoRef

$vmCloneSpec.Location.DiskMoveType = http://Vmware.Vim.VirtualMachineRelocateDiskMoveOptions::moveAllDiskBackingsAndDisAllowSharing

$vmCloneSpec.Location.Transform = http://Vmware.Vim.VirtualMachineRelocateTransformation::sparse

$vmview.CloneVM($vmCloneFolder, $newName, $vmCloneSpec)

$clonedVM = get-vm -Name $newName

remove-vm -VM $clonedVM -confirm:$FALSE

}

function BackupVMS

{

$starttime = get-date -f "HH:MM:S"

connect-viserver 172.16.0.3

foreach ($arg in $args)

{

Get-VM -Name $arg | foreach {

write-host "$_ is to be cloned next."

BackupVM $_

}

}

disconnect-viserver -confirm:$false

}

It's not complete yet but works for now

Made a few minor changes and it works without a problem for me.

What role does this account you use have ?

____________

Blog: LucD notes

Twitter: lucd22

Datacenter-datace... Lesen und Stores sehen ILITHYA False True

Datastore-datasto... Admin ILITHYA False True

Datastore-datasto... Admin ILITHYA False True

Datastore-datasto... Admin ILITHYA False True

HostSystem-host-1858 Admin ILITHYA False True

It looks pretty much like this, I ran the script with ours SUPERADMIN's ( my Chef ) account and it's not giving me any errors.

Thanks for all the help !

That first role "Lesen und Stores sehen" is obviously a custom role.

Can you check if that role contains the system.read privilege

Get-VIRole -Name "Lesen und Stores sehen"  | Get-VIPrivilege

____________

Blog: LucD notes

Twitter: lucd22

I'm not at work anymore so I can't say it for sure, but I'm very sure that it contains System.Read since we have been trying to adjust my permissions today in effort to get it "work".

Since I'm only an apprentice which would like to become a trainee I'm pretty sure I can consider myself lucky with the permissions I allready got and since the script is should be run by an yet non existing service account, I'd rather know which permissions we need for this account

Mfg

Ilithya

I have this permissions issue on removing a VM as well. I have role Administrator (which does contain System.Read) on the Datacentre that contains the VM I am removing. When I elevate my rights to Administrator on the whole VC (the parent of the Datacentre), the problem goes away. Seems like a bug to me.