Trying to export vcenter roles permissions and privileges from multiple vcenters. however, the output xlsx file is only dumping 1 or 2 vCenters data.
$reportName = "E:\Scripts\ExportRolesPermissions\Report-$Date.xlsx"
foreach($vc in $vcenters){
$global:DefaultVIServers = $null
Connect-VIServer -Server $vc -User $username -Password $password
Get-VIPermission | Select @{N='vCenter';E={$_.Uid.Split('@:')[1]}},Principal,Role,@{n='Entity';E={$_.Entity.Name}},@{N='Entity Type';E={$_.EntityId.Split('-')[0]}} |
Export-excel -Path $reportName -WorksheetName Permissions
Get-VIRole | Select @{N='vCenter';E={$_.Uid.Split('@:')[1]}},Name,@{N='PrivilegeList';E={[string]::Join([char]10,$_.PrivilegeList)}} |
Export-Excel -Path $reportName -WorksheetName Roles
}
Also please advise if there is any better tool for audting/reporting/exporting on vCenter Roles/Permissions/Privileges.
If you mean the SSO accounts, have a look at the VMware.vSphere.SsoAdmin module
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
LucD,
Thanks again for all of your insight. Can we place the two scripts together in order to repopulate the roles and permissions?
Import-excel -Path Report-20220301-1614.xlsx -WorksheetName Roles -PipelineVariable row |
ForEach-Object -Process {
$Role = @{
Name = $row.Name
Privilege = $row.PrivilegeList.Split("`n") | ForEach-Object { Get-VIPrivilege -Id $_ }
Server = $row.vCenter
Confirm = $false
}
New-VIRole @role
}
Import-excel -Path Report-20220301-1614.xlsx -WorksheetName Permissions -PipelineVariable row |
Foreach-Object -process {
$sPerm = @{
Entity = Get-Inventory -Name $row.Entity
Role = Get-VIRole -name $row.Role
Principal = $row.Principal
Propagate = $row.Propagate
Confirm = $false
}
New-Vipermission @sPerm
}
Not sure what you mean, but you can place those 2 snippets together in 1 script.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference