Hello. I am writing simple script to assign permissions and I cannot figure out how to reference the actual vCenter object, which we have a custom role on. I can reference all our other entities we have custom roles. For instance here is me assigning NoAccess to a special datastore folder.
New-VIPermission -Role NoAccess -Entity (Get-Folder -Type Datastore -Name "NO-ACCESS") -Principal “xxx”
We have custom roles on Datacenter, Storage folder, VM folder, and vCenter object. I cannot figure out to how to pass the vCenter object in the Entity variable. Thank you.
Try with
$root = Get-Folder -Name 'Datacenters'
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Try with
$root = Get-Folder -Name 'Datacenters'
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
EDIT: This is working. I got it with your example. Thank you very much!
I saw that on get-vipermission when trying to see how I reference it. But this still makes no sense to me. If we look at the permissions like this:
vcenter.xxx. (vCenter-Role)
Datacenter-1. (Datacenter Role)
Cluster-1
Folder (Folder Role)
DataCenter-1 (Datacenter Role)
etc
The Datacenter entity has a different Role than the role that is attached directly on the vCenter at the top. I hope I make myself clear, Thank you.
That could mean there is an explicit permission for that role on the Datacenter.
That overrides the Propagate on the vCenter, provided we are looking at the same Principal.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference