Automation

 View Only
  • 1.  Reporting Privileges delegated to Roles

    Posted Nov 17, 2008 09:03 PM

    I have been digging through the forum to try and come up with a solution to report on what privileges are defined in each role. I have taken a look at: http://communities.vmware.com/message/1066898#1066898

    and identifed the script that would list all privileges and the script that would identify all the roles. Is there a way to combine the two so that I can have a CSV file that would list something like below?

    Role: ######

    Privileges:

    #####



  • 2.  RE: Reporting Privileges delegated to Roles

    Posted Nov 18, 2008 07:42 AM

    That is rather straightforward.

    Each role in the roleList property contains an array, under property privilege, that contains all the privileges for that role.

    The only problem if you want to export that information to a CSV file, is that you can not export a row containing an array to the CSV file.

    A solution is to have a row per privilege in the CSV file.

    Something like this:

    role1, privilege1
    role1, privilege2
    role2, privilege1
    

    This script does just that

    $report =@()
    
    $authMgr = Get-View AuthorizationManager
    foreach($role in $authMgr.RoleList){
      if($role.Privilege -ne $null){
        foreach($priv in $role.Privilege){
          $row = "" | Select RoleName, Label, RoleId, System, Privilege 
          $row.RoleName = $role.Name
          $row.Label = $role.Info.Label
          $row.RoleId = $role.RoleId
          $row.System = $role.System
          $row.Privilege = $priv
    	  $report += $row
        }
      }
      else{
        $row = "" | Select RoleName, Label, RoleId, System, Privilege 
        $row.RoleName = $role.Name
        $row.Label = $role.Info.Label
        $row.RoleId = $role.RoleId
        $row.System = $role.System
        $row.Privilege = $null
        $report += $row
      }
    }
    
    $report | Export-Csv -path "c:/Roles.csv" -noTypeInformation
    



  • 3.  RE: Reporting Privileges delegated to Roles

    Posted Nov 18, 2008 08:08 PM

    This is great. Thank you very much for your time and efforts.