Using PowerCLI to Set vCenter Permissions on Datacenter
I have been working on doing a vCenter Consolidation Project. This has meant recreating multiple permissions groups. I couldnt find an easy way to apply permissions at a datacenter so I updated this script to be used.
Pre-Requsites
Link to Script
Preparing to Execute the Script
The script is pretty straight forward, just need to update columns in the CSV such as Datacenter, Group and Role.
This script assumes you have already launched PowerCLI and modified the csv
1# PowerCLI Script for setting vCenter Permissions base don AD Group and Datacenter
2# @davidstamen
3# http://davidstamen.com
4
5param
6(
7 [Parameter(Mandatory=$False,
8 HelpMessage='Path to CSV to Import')]
9 [string[]]$permissionlist
10)
11
12#Import PowerCLI Module
13Get-Module -ListAvailable VMware* | Import-Module
14
15#Prompt for vCenter to Set Permissions
16$vCenter = Read-Host -Prompt "Name or IP address of vcenter"
17
18#Makes sure CSV was passed as parameter, if not it prompts and checks path.
19If($permissionlist -eq $NULL){
20 $permissionlist = Read-host -Prompt "Csv to import"
21}
22If((Test-Path $permissionlist) -eq $False){Write-host "Could not find CSV.";break}
23
24#tries to connect to vcenter and breaks script if it fails.
25Try{Connect-viserver $vCenter -ErrorAction "Stop"|Out-Null}
26Catch {Write-Warning "Unable to Logon to $vCenter. Exiting...";break}
27
28#define variables and loop through each entry setting permissions
29$permission = Import-csv "$permissionlist"
30foreach ($item in $permission) {
31 $datacenter=$item.datacenter
32 $role=$item.role
33 $group=$item.group
34 $domain=$item.domain
35
36 Write-host "Setting $group permissions to $role on $vCenter" -ForegroundColor Green
37 $Permission=New-VIPermission -Entity (Get-Datacenter $datacenter) -Principal (Get-VIAccount -Domain $domain -Group|Where-Object {$_.Name -like "*$group*"}) -Role (Get-VIRole $role) -Propagate:$true|Out-Null
38}
Execute the Script
- Run .\Set-vCenterPermissions.ps1 .\permissions.csv