VMware Cloud Community
mhood59
Contributor
Contributor
‎09-01-2022 06:33 AM

VCSA Permissions and Roles Export

Hi All

I am tasked with figuring out how to export the entire permissions and roles structure for a multi VCSA estate into one or more spreadsheets, most likely a single sheet with multiple tabs for each VCSA.

The layout is organised with meaningful VM folders for example, but its the roles and perms that have gone a bit out of control over the years. It is these that I am looking to visualise in a spreadsheet so a review can be carried out and changes made ahead of the implementation of a new set of VCSA's, where perms, roles etc will be built from scratch, using the existing estate as a reference point. I am not looking to export and import what exists at present, knowing that this is not acceptable given the permissions sprawl over the years.

 

Is there a recognised tool from VMware or others, or a script that can pull this information from an entire VCSA and present it in CSV or Excel format?

Thanks in advance.

0 Kudos
3 Replies
scott28tt
VMware Employee
VMware Employee
‎09-01-2022 06:48 AM

This post should help: https://communities.vmware.com/t5/VMware-PowerCLI-Discussions/Export-Roles-Permissions-Privileges-Ex...

 


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
0 Kudos
mhood59
Contributor
Contributor
‎09-02-2022 08:29 AM

Thanks @scott28tt - I have had a look and will try to test this out in the coming days, feeding back on what will hopefully be a success!

0 Kudos
mhood59
Contributor
Contributor
‎10-14-2022 08:11 AM

Hi 

I have been fudging my way through this and various similar links and have managed to get both an XML export of folder permissions and roles as well as a CSV export of the same. 

I have now also had success importing XML files back into VCSA to recreate the folder structure and the all-important permissions.

I am now planning on working out how to incorporate this with multiple VCSA sources, then send that data into the new VCSA's - there will be some consolidation taking us down from around 10 to hopefully around 4. I am thinking it should be easy enough just feeding the various XMLs into the new VCSA (the caveat of the script is that the source and destination DC's must match but this can be temporarily changed).

If there is a better way, please let me know!

Fore info, the script I have used is here: Powershell-Export-Import-Folders-and-Permissions-to-another-vCenter

Thanks again

0 Kudos