Use owner variable to customize VM/resourcepool/folder names

I'm trying to customize the "VMware.VirtualCenter.Folder" property, "Infrastructure.ResourcePool.Name" property, and the actual VM name with the AD username of the person requesting items from the catalog.  Does anyone know what the username variable is for the person submitting the catalog request?  I found an older document referencing {USR} but that doesn't seem to work.  The "VirtualMachine.Admin.Owner" property should contain what I need but it doesn't appear to be populated during the build workflow early enough to be used in other properties or I haven't figured out how to use it as a variable within the other property fields.  I don't want to create custom business groups or build profiles for a thousand users.

I would also like to leverage the AD username of the person requesting a catalog item to set ACLs on the VM's in vCenter so that they can gain access to their VM's console.  We upgraded to vRA 6.2 to fix an issue where we couldn't leverage AD groups for entitlements.  This unfortunately removed the VMRC link for our users to access console on their VMs.  Ideally I should be able to get the blueprint provisioning workflow (CloneWorkflow) to call another workflow that sets vCenter permissions on the objects being deployed.  That will require some form of AD user variable and access to edit the CloneWorkflow process.  Does anyone know where the CloneWorkflow script resides?  I don't see it in orchestrator.

THANKS!  -Chris

1 Reply
Hot Shot
Hot Shot

To get the owner of a VM in vRO, I create a scripting object with

var ownerEntity = virtualMachineEntity.getLink(vCACHost, "Owner")[0]

ownerName = ownerEntity.getProperty("UserName")

If you use the "Workflow template" that is part of the vCAC Plugin the virtualMachineEntity and vCACHost variables will map correctly. ownerName will be a string with the UPN of the requestor of the machine. Check out my workflow to add a local admin to windows here to see that code snippet in action. This will give you the AD user for the other permission entitlements you want to do too. You could use rszymczak's vmrc link creation workflow here as an action to generate console access links as an alternative to setting vCenter permissions until the vmdc bug is fixed. You could set vCenter permissions in a WFStubMachineProvisioned workflow for a blueprint.