Hi VMgurus,
I am planning to move one cluster to another vCenter but i want to preserve the roles and notes on all VM's.
Could anyone help in wiriting a script on importing and exporting roles on a particular Cluster.
Jadapa RHCE, MCSA
For the roles export part, did you already try out the scripts from
For the roles import part, you have to use the script I provided in my vSphere permissions: export & import – Part 2 post on Alan's blog.
Do you also need an export/import script for the guest's Notes ?
And if yes, do you only need the Notes or also the Custom Attributes ?
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Yes, I need.
Only the Notes ?
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I need all the attributes as it is now.
I am moving all the hosts and vm's to a new vCenter 4.0 U2.
For an export/import of the custom attributes use the scripts in
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Luc,
I have scaled down your script for Import / export of only roles in Virtual center and left out the permission part. I can export the roles without any problem. But while importing i face a error. can you please help me in troubleshooting. Both the script i use and error are given below,
function New-Role
{
param($name, $privIds)
Begin{}
Process{$roleId = $authMgr.AddAuthorizationRole($name,$privIds)
}
End{
return $roleId
}
}
# Create hash table with the current roles
$authMgr = Get-View AuthorizationManager
$roleHash = @{}
$authMgr.RoleList | % {
$roleHash[$_.Name] = $_.RoleId
}
# Read XML file
$XMLfile = “C:\role.xml”
$vInventory =[xml]“<dummy/>”
$vInventory.Load($XMLfile)
# Define Xpaths for the roles and the permissions
$XpathRoles = “Inventory/Roles/Role”
# Create custom roles
$vInventory.SelectNodes($XpathRoles) | % {
if(-not $roleHash.ContainsKey($_.Name)){
$privArray = @()
$_.Privilege | % {
$privArray += $_.Name
}
$roleHash[$_.Name] = (New-Role $_.Name $privArray)
}
}
Error,
Exception calling "AddAuthorizationRole" with "2" argument(s): "vim.fault.NotFound"
At :line:8 char:47
+ $roleId = $authMgr.AddAuthorizationRole <<<< ($name,$privIds)
Additionally i have tried to alter the lines as given below, but does not work and throws the error,
[xml]$vInventory = “<dummy/>”
[xml]$vInventory.Load($XMLfile)
It looks as if you did the export with an older version of my export script.
Did you use the script from the Script to export vCenter Roles / Permissions thread ?
I just tried your script and it works without a problem.
You can do a test with a minimal XML file that only contains 1 dummy role (don't forget to delete it afterwards).
<Inventory> <Roles> <Role Name="TestRole" Label="TestRole" Summary="TestRole"> <Privilege Name="System.Anonymous"/> <Privilege Name="System.Read"/> <Privilege Name="System.View"/> </Role> </Roles> </Inventory>
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Luc,
1. I tried the simple testrole with the script and worked fine.
2. i tried to export the roles with your latest script and tried to import it . Some roles got imported others were not.
3. So came to a conclusion there should be something wrong with handling some permissions.
Can you please try to create a role with below given permissions and test whether are you able to create? for me it fails.
<Privilege Name="Global.com.vmware.Global.CapacityIQ" />
<Privilege Name="VcIntegrity.Baseline.com.vmware.vcIntegrity.AssignBaselines" />
<Privilege Name="VcIntegrity.Baseline.com.vmware.vcIntegrity.ManageBaselines" />
<Privilege Name="VcIntegrity.General.com.vmware.vcIntegrity.Configure" />
<Privilege Name="VcIntegrity.Updates.com.vmware.vcIntegrity.Remediate" />
<Privilege Name="VcIntegrity.Updates.com.vmware.vcIntegrity.Scan" />
<Privilege Name="VcIntegrity.Updates.com.vmware.vcIntegrity.ViewStatus" />
That works for me.
But then I tested on an environment that has CapacityIQ installed.
Do you have CapacityIQ installed ?
Otherwise try leaving out the privileges one by one and see which one causes the failure.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
You are absolutely right .
I was importing roles in a new environment where i had only Virtual center app installed and others were missing. So privileges related to missing components produces the error when tried to import them in a role.