Automation

 View Only
  • 1.  Clone object user rights, which way is true?

    Posted Jan 08, 2014 08:55 AM

    Hi guys,

    I have a some interesting task, i need a clone vCenter permissions for a newely created user. first thing I thought, it's a simply "Get-VIPermission" + "Set-VIPermission". With first i haven't any questions, i get custom array with "entityId", "role", "Principal" and my new principal and some flags. But next step is hardly to understand for me, Set-VIPermission work with VI object. I know i can little parse "EntityID" and get object type like (datacenter, vm, folder etc..). But in result ill have a lot of code. Maybe it's wrong way, and somebody know simple solution ?

    This is what i have now, not ended story ....

    $Users = @()

    $Users += , @('some.user1','Ashton.Cooper')

    $Users += , @('some.user2','Bob.Marley')

    $Users += , @('some.user3','Carte.Noire')

    $Users += , @('some.user4','Den.Drv')

    $Users += , @('some.user5','Paul.Assange')

    $Users += , @('some.user6','Sponge.Bob')

    $i = 0$NewPermsCollection = @()

    $CurrPermsList = Get-VIPermission

    #Current permissions list

    for ($i=0; $i -lt $CurrPermsList.count; $i++) {    

         #Custom user list cycle @Users array    

         for ($c=0; $c -lt $Users.count; $c++){        

              #Searching attendes for cloning rights        

              if ($CurrPermsList[$i].Principal -eq $Users[$c][0]){            

                   #create object for renaming with new names            

                   $PermWithNames = New-Object PSObject           

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name EntityId -Value $CurrPermsList[$i].EntityId           

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name Role -Value $CurrPermsList[$i].Role           

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name Principal -Value $CurrPermsList[$i].Principal           

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name NewPrincipal -Value $Users[$c][1]            

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name IsGroup -Value $CurrPermsList[$i].IsGroup           

                   Add-Member -InputObject $PermWithNames -MemberType NoteProperty -Name Propagate -Value $CurrPermsList[$i].Propagate           

                   #add row to array            

                   $NewPermsCollection += $PermWithNames

              }

         }

    }

    #$NewPermsCollection | ft #Checking array for correctnes

    #Setting new permisions


    Set-VIPermission ......



  • 2.  RE: Clone object user rights, which way is true?
    Best Answer

    Posted Jan 08, 2014 09:18 AM

    If you only need to change the principal, you could do something like this

    Get-VIPermission -Principal "some.user1" | %{
     
    New-VIPermission -Entity $_.Entity -Role $_.Role -Principal $_.Principal.Replace("some.user1","Ashton.Cooper")
    }

    You would then need an outside loop, that runs through all the principals that need to be changed.



  • 3.  RE: Clone object user rights, which way is true?

    Posted Jan 08, 2014 09:44 AM

    Luc, my english not so good, but you makes a "BullsEye" with your answer.

    I am just a lazy lame. Thanks for mention !