VMware Cloud Community
vmatzeetcATdts
Contributor
Contributor
Jump to solution

VMSA-2017-0012 / CVE-2017-4919 Export VIPermission Items Script (free 2 optimization)

Hi,

maybe someone has suggestions to optimize my code for summarizing information relating a special VIPrivilege regarding VMSA-2017-0012 / CVE-2017-4919.

#

#Title: VMSA-2017-0012-export.ps1

#

#Description: This scripts exports VIPermission items related to its role and entity. It #shows all VIPermissions including the "VirtualMachine.Interact.GuestControl“-VIPrivilege #which needs to be managed in accordance to the VMSA-2017-0012 / CVE-2012-4919 issue.

#

#Date: 07/27/2017

#

#Creator: Mathias Raab

#

#Instructions: This script needs to be run AFTER establishing a connection to the vCenter #server. The file path for the export document needs to be specified while running the #script.

#

#Caution: This script has been tested. But I give no guarantee it is working for your #environment. Have a test first and if needed edit it for your own best.

#

#Removing variables first

Remove-Variable a,ergebnis

$ergebnis = @()

foreach ($role in (Get-VIRole))

{

    foreach ($priv in ($role | Get-VIPrivilege | where {$_.ExtensionData.PrivId -eq "VirtualMachine.Interact.GuestControl"}))

    {

        foreach ($viuser in (Get-VIPermission | where {$_.Role -eq $role.Name}))

        {

            $a = New-Object -TypeName PSObject

            $a | Add-Member -MemberType NoteProperty -Name Role -Value $role.Name.tostring()

            $a | Add-Member -MemberType NoteProperty -Name Privilege -Value $priv.Name.tostring()

            $a | Add-Member -MemberType NoteProperty -Name Principal -Value $viuser.Principal.tostring()

            $a | Add-Member -MemberType NoteProperty -Name Entity -Value $viuser.Entity

            $ergebnis += $a

        }

    }

}

$ergebnis | Export-CSV -Path (Read-Host -Prompt „Enter full file path for the export:“) -NoTypeInformation -Delimiter ";"

Reply
0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
Jump to solution

Not sure what you mean by "optimization"?

The script is doing what it is supposed to do as far as I can see.

Execution speed shouldn't be an issue, unless you have thousands and thousands of roles and permissions in your environment.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
0 Kudos
2 Replies
LucD
Leadership
Leadership
Jump to solution

Not sure what you mean by "optimization"?

The script is doing what it is supposed to do as far as I can see.

Execution speed shouldn't be an issue, unless you have thousands and thousands of roles and permissions in your environment.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
vmatzeetcATdts
Contributor
Contributor
Jump to solution

Always looking for optimizations.

Thanks for the comment.

Reply
0 Kudos