HI,

i try to create a local readonly esxi user. In the past i had  script like this..

New-VMHostAccount -Id $user -Password $pwd -Description $desc -UserAccount

New-VIPermission -Entity $ent -Principal $user -Role $role

where -Entiity of the New-VIPermission cmdlet was "ha-folder-root". if found this solution here in the community but i was not sure why it is this entity.

Now with my 6.5 host it comes to an error that the entity could not be found and a litle bit research brought me to this..

New-VIPermission -Entity (get-datacenter) -Principal $user -Role $role

Since Entity is descript as viobjekt this works well in the first step... but it the end its looks not that good..

New-VIPermission -Entity (get-datacenter) -Principal username -Role ReadOnly

Role                      Principal       Propagate IsGroup

----                      ---------       --------- -------

ReadOnly                  username         True      False

Get-VIPermission|select Role, Principal, Entity

Role     Principal Entity    

----     --------- ------    

ReadOnly username   ha-datacenter

ReadOnly username  host      

Admin    vpxuser   root      

Admin    dcui      root      

Admin    root      root      

ReadOnly username   vm       

It looks like that this is not the best option. So maybe somebody can point me to some information regarding this entity thing or can exlpain it to me?

And at the end ... is there an easy way to mark code as code so that it will be colored in this forum?

Greetings...