IDATAAB
Contributor
Contributor

I know this is an old post but we ran into the same problem in finding out what permissions to give an account to just be able to copy our Host configs.

We scripted this in powershell to do a nightly backup of each host to its own folder, with each backup file getting the date appended to the front of the filename. We retain 14 copies and each night the job then deletes the oldest copy of the backup.

We created an AD User for this so we could use Windows task scheduler on our vCenter server to run the job.

On your vCenter clone the Read Only role and name it something like Host Config Backup

Then edit the role permissions and under Host, Configuration: check the Firmware box.

At the vCenter level, go to the Permissions tab and add your AD user and grant it the Host Config Backup role

Now your script should be able to run against your hosts.

Again the minimum required permission on your new Role will be Host, Configuration, Firmware

If you don't have vCenter and AD integration, you can add the role individually to each host and add that user to your script and run it against them.

2017-09-08_14-38-25.pngpart..

Reply
0 Kudos