VMware Cloud Community

View PowerCLI Mass Entitlement Script

I posted a GUI build script for VM's that automatically entitles users to their new machines about an hour ago.  I mentioned that I might post this script and decided that I might as well do it now, since I didn't bother to clean up the last one.  Why start now?  I again took out server names and replaced them with <MACHINEROLE> or OU's with <USEROU/COMPUTEROU>.  Also, in our environment, our VM's, Computer names, and Pool Names are all prefixed by V1, V2, etc.  V2 might be a user's second machine if something happened to the first, so that we could build in parallel.  After the first machine is deleted, we recycle that name so the next machine will be V1 again.

We were almost done with our our 1000 VM rollout for all employees, and those that started the process had yet to be set up in VMware View!  All new machines had been going out with View for a while.  So I needed to back entitle all the previous machines.  After ensuring that VMware View agent was installed on all VM's, including older ones, I ran this script.  Basically, it identified all the VM's we had that were named after a user.  Then, from that list, it checks if those machines have a pool in their name.  Keep in mind that in our environment, we had 1:1 pools for VM's.  I imagine that a little bit of tweaking could have this adding a machine to a pool and entitling a user to the pool if necessary.  Either way, the end result of all the checking was a list of machines that did not have pools.

With that list, I create a pool in the name of the machine and entitle the user that is identified in the VM's name to the machine.  Quick and dirty.

I did have two machines fail when I ran this.  It turned out that the two machines failed because they had been manually added to View, but there was a typo in the pool name causing the machine to incorrectly be identified as not having a pool.  I just deleted those two mistyped pools and recreated them.

Again, I may check up on the comments in here from time to time.  Really, I just wanted to get some code samples out for some practical use of View PowerCLI.  It took me months to figure this stuff out, so hopefully someone else can use the time I saved and take the community to a new level.

Unlike my automatic VM build script, this does not have a pretty (if you could call the other one that) GUI.  Sorry.  It will just start and finish when the job is done.


VMware View (We use 4.6, but I think View PowerCLI works with 4.5 as well.)

Admin rights to the View Server (I haven't found a workaround to this yet)

Enable-PSSession on the View Server so remote scripting can be done on it!

View PowerCLI installed on the View Server

vSphere PowerCLI (We use vSphere 4.1)

ActiveDirectory module for PowerShell (Part of RSAT for Windows 7.  Could be quickly modified to use Quest's AD plugin if you don't want to mess with it)

PowerShell 2.0

Maybe more, but I can't think of any right now.  I'm sure red text will tell you if you are missing something.

Link to my VM Build Script with Entitlement:  http://communities.vmware.com/thread/318319?tstart=0


#VClist determines what virtualcenters to use.  Removing test VC's may
#     cause duplicate VM names being created for some users.
Add-PSSnapin "Vmware.VimAutomation.Core" -EA "SilentlyContinue" | Out-Null
foreach ($VCNAME in $VCList)
Connect-VIServer -Server $VCNAME -EA "SilentlyContinue" -WA "SilentlyContinue" | Out-Null
#This Block of code establishes connectivity to the View server and imports the commands.
Write-Host "View Plugin"
Remove-PSSession * -EA "SilentlyContinue"
$ViewSession = New-PSSession <VIEWSERVER>
Invoke-Command -Session $ViewSession {Add-PSSnapin VMware.View.Broker}
#Invoke-Command -Session $ViewSession {Add-PSSnapin VMware.View.Broker -EA "SilentlyContinue" -WA "SilentlyContinue" | Out-Null}
$null = Import-PSSession -Session $ViewSession -EA "SilentlyContinue" -WA "SilentlyContinue"
Import-Module activedirectory
#Data Collection from Servers
Write-Host "Getting ADUsers"
$ADUsers = Get-ADUser -filter * -SearchBase "<USEROU>" -Server <DOMAINCONTROLLER> -ResultSetSize $null
Write-Host "Getting ADComputers"
$ADComputers = Get-ADComputer -Filter * -SearchBase "<COMPUTEROU>" -Server <DOMAINCONTROLLER> -ResultSetSize $null
Write-Host "Getting vSphere machines"
$VCComputers = Get-VM
Write-Host "Getting View Pools"
$ViewPools = Get-Pool
Write-Host "Getting VMs Managed By View"
$ViewDesktopVMs = Get-DesktopVM
$Usernames = @()
$ADUsers | ForEach-Object {$Usernames += $_.SamAccountName}
$VCUserComputer = $VCComputers | Where-Object {$Usernames -contains (($_.Name).substring(2))}
$UserComputerNames = @()
$VCUserComputer | ForEach-Object {$UserComputerNames += $_.Name}
$PoolNames = @()
$ViewPools | ForEach-Object {$PoolNames += $_.pool_id}
$PoolNames = $PoolNames
$MachinesNotInPools = @()
$UserComputerNames | ForEach-Object {If ($PoolNames -notcontains $_) {$MachinesNotInPools += $_}}
$MachinesNotInPools = $MachinesNotInPools | Sort-Object
$MachinesNotInPools > c:\MachinesWithoutPools.txt
$MachinesNotInPools | ForEach-Object {
$MachineTest = $_
Write-Host "Getting the machines"
$GETVMS = ($ViewDesktopVMs | Where-Object {$_.name -like $MachineTest})
Write-Host "Adding the pool"
$GetVMS | Add-ManualPool -pool_id $_ -isUserResetAllowed $true
$SIDTestName = $_.substring(2)
Write-Host "Adding the entitlement"
Add-PoolEntitlement -pool_id $_ -sid (($ADUsers | Where-Object {$_.samaccountname -like $SIDTestName}).sid)
Write-Host "Waiting 60 seconds."
#Start-Sleep 60

0 Kudos
0 Replies