VMware Cloud Community
StuDuncanHPE
Enthusiast
Enthusiast
‎11-09-2023 08:14 AM
Jump to solution

Dealing w linked vcenters

I think I've asked this question before, but can't seem to find if there was ever a good solution.

Environment has ~40 vcenters. Some are linked, some are not.

I'm running a modified version of Alan and Luc's role/permission script from 2010.  (yes, its still useful today!)

The problem is that when I log into a linked vcenter, it creates a role from each vcenter login. So I end up getting duplicate roles. When you later go to set permissions using 'the role', it fails because there's two.

So, the larger question is wondering if there is any way to tell that you're logged into a linked vcenter so that automation like this doesn't happen twice? Or is the only real solution to do a duplication check before role creation/whatever else you're trying to do?

Reply
0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
‎11-09-2023 09:55 AM
Jump to solution

Afaik there is no property indicating if an object was created due to linked vCenters.
That only plays when the object is created I suspect.

So yes, testing, like your snippet, might be the best solution.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
5 Replies
StuDuncanHPE
Enthusiast
Enthusiast
‎11-09-2023 08:45 AM
Jump to solution

Or is there nothing more to do than:

$TestForRole = get-virole | where {$_.Name -eq $vInventory.SelectNodes($XpathRoles).Name}
if ($TestForRole){
     #create role
     }
else {
     echo "Skipping $($vInventory.SelectNodes($XpathRoles).Name) because there was a duplicate in $vc}
     }
 
Reply
0 Kudos
LucD
Leadership
Leadership
‎11-09-2023 09:45 AM
Jump to solution

Did you already try the Server parameter, pointing to one specific vCenter, on the New-VIRole cmdlet?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
StuDuncanHPE
Enthusiast
Enthusiast
‎11-09-2023 09:49 AM
Jump to solution

Yes, the server parameter was unhelpful to separate roles in linked vcenters. Because the one role is shared across the linkage. So creating a second one from the second server creates a second role, same name but unique ID, shared across the linkage.

Since I can't see any attribute that defines if linked or not, I think the only way is to check every time.

Reply
0 Kudos
LucD
Leadership
Leadership
‎11-09-2023 09:55 AM
Jump to solution

Afaik there is no property indicating if an object was created due to linked vCenters.
That only plays when the object is created I suspect.

So yes, testing, like your snippet, might be the best solution.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
StuDuncanHPE
Enthusiast
Enthusiast
‎11-09-2023 09:59 AM
Jump to solution

Appreciate it.  And just realized my snippet was missing a "!" in the if test...

Reply
0 Kudos