Is anyone using this call from within PowerCLI?
I can use is just fine, as long as the security principal I specify is a user and not a group. Whenever I specify a group name, it errors out with a "user or group does not exist". Also, setting the perm.group=$true or $false seems to make no difference.
Any help will be much appreciated.
--Moby
Not sure why you would use the SDK method while there is a cmdlet to do this.
$vm = Get-VM MyVM
New-VIPermission -Principal "domain\MyGroup" -Entity $vm -Role "Virtual machine user" -Confirm:$false
If, for whatever reason, you need to use the SDK method, this works for me
$vm = Get-VM MyVM
$roleName = "Virtual machine user"
$authMgr = Get-View AuthorizationManager
$roleId = ($authMgr.RoleList | where {$_.Name -eq $roleName}).RoleId $spec = New-Object VMware.Vim.Permission
$spec.Group = $true
$spec.principal = "domain\MyGroup"
$spec.propagate = $false
$spec.roleid = $roleId
$authMgr.SetEntityPermissions($vm.Extensiondata.MoRef,@($spec))
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks LucD.
Yes, that option is available but there are other reasons, mainly the scale of the environment, that caused me to use setentitypermissions.
The issue is resolved now - sorry for the delayed posting. The problem was my using .isgroup instead of .group (I blame it on lack of caffeine!)
Regards,
--Moby