I have a use case for a script to update Segment Profiles on a Segment - the use case is basically the Segments are spun out as Cloud Director networks, one of the vms in the vapp is a DHCP server and i need to change the Segment Security Profile to one which allows DHCP traffic
Thanks to Rudi there is a powercli script to do this (Change NSX-T Switch Profiles with PowerCLI | rudimartinsen.com)
The problem I have is when Cloud Director has the Segments created they are created with the Protection set to Require_Override in order for the script to work they need to be set to Not_Protected - see note at the bottom of Rudi's post
Is there a way through powercli to change this from Require_Override to Not_Protected
I did this originally on 2.5.2, should still be the same w/ 3.1.2, but let me verify. I could also have some logic problems as I really didn't run this code a whole lot.
I see the problem now. Security Binding Map is not created by default, so we'll need to create one first which appears to happen in UI when you switch from one or the other. The default is effectively 'blank' and inherits the system defaults.
I'll look into this later, but feel free to share if you figure out a way.
Fixed. It'll create a binding map if none is found and apply the profiles you defined in your variables.
Powershell: Changing NSX-T Segment Profiles enmasse. (zsoldier.com)
Thanks so much for the help, I was really going down the wrong route before you directed me to the api method. I guess I need to start playing around with this and start getting use to it quickly seeing as we are migrating. Either-way I really appreciate the help and will definitely be keeping an eye on your blog.