From my first article Export vcenter roles (privileges) I exported all the roles and privileges successfully now it was task to migrate Roles on another vCenter. I already had grabbed roles in files so they where completely portable, I extracted zip file of my roles in the same c:\temp folder as I was going to use it.
Other very useful script for vCenter migration.
this is screenshot from my previous post it contains all the roles.
I will be sharing next script for Exporting and Importing roles permissions stay tuned. If you like this article please share knowledge.
Other very useful script for vCenter migration.
Exporting virtual machine annotation (Attributes) and notes to CSV file - Powercli
Move/Migrate VMs to folder Path on another vCenter - Powercli
Get vCenter VM folder Path from VMs and Templates- Powercli
Importing VM annotation (Attributes) and notes from CSV file into vCenter - Powercli
Import vCenter roles (privileges) - Powercli
Export vcenter roles (privileges)
this is screenshot from my previous post it contains all the roles.
Here is the script. I hope I am keeping all simple.
<#
.Synopsis
Imports roles into vsphere roles..
.Description
This script imports roles into vspheres from .role file/
.Example
Import-vSphereRoles -Path c:\temp
Import Roles to the folder.
.Notes
NAME: Import-vSphereRoles
AUTHOR: Kunal Udapi
LASTEDIT: 15th February 2016
KEYWORDS: Import Roles
.Link
#Check Online version: http://kunaludapi.blogspot.com
#Requires -Version 3.0
#>
#requires -Version 3
[CmdletBinding(SupportsShouldProcess)]
Param(
[Parameter(Mandatory=$true, Position=1,
ValueFromPipeline=$true)]
[AllowNull()]
[alias("LiteralPath")]
[string]$Path = "c:\temp"
) #Param
Begin {
$roleFiles = Get-ChildItem -Path $Path -Filter *.role
}
Process {
foreach ($role in $roleFiles) {
$VIRoleName = $role.BaseName
$RolesContent = Get-Content -Path $role.FullName
New-Virole -Name $VIRoleName | Out-Null
Write-Host "Created Role `"$VIRoleName`"" -BackgroundColor DarkGreen
foreach ($Privilege in $RolesContent) {
if (-not($privilege -eq $null -or $privilage -eq "")) {
Write-Host "Setting Permissions `"$Privilege`" on Role `"$VIRoleName`"" -ForegroundColor Yellow
Set-VIRole -Role $VIRoleName -AddPrivilege (Get-VIPrivilege -ID $privilege) | Out-Null
} #if (-not($privilege -eq $null -or $privilage -eq ""))
} #foreach ($Privilege in $RolesContent)
} #foreach ($role in $roleFiles)
}
1 comment:
Awesome script, thank you so much for sharing it out.
One issue I found, and this is most probably due to me exporting from vCenter V6.0 and importing to vCenter V6.7, is that it seems in V6.7 the role permissions may be named differently, so when you import, you get an error as such:
Setting Permissions "Host.Local.DeleteVM" on Role "MyCompany"
Setting Permissions "Host.Local.RelayoutSnapshots" on Role "MyCompany"
Get-VIPrivilege : 10/03/2021 2:48:36 PM Get-VIPrivilege VIPrivilege with id 'Host.Local.RelayoutSnapshots' was not found using the specified filter(s).
At C:\Users\myname\Documents\Import_VIRoles.ps1:39 char:54
+ Set-VIRole -Role $VIRoleName -AddPrivilege (Get-VIPrivilege -ID $privil ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-VIPrivilege], VimException
+ FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.GetVIPrivilege
Set-VIRole : Cannot validate argument on parameter 'AddPrivilege'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At C:\Users\myname\Documents\Import_VIRoles.ps1:39 char:53
+ Set-VIRole -Role $VIRoleName -AddPrivilege (Get-VIPrivilege -ID $privil ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Set-VIRole], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.SetVIRole
Post a Comment