I need to Audit the vCenter to see what user accounts have access to VMs/Folders/Datastores/etc etc etc
Im not a script guy, and my searchs seem to be coming up short..
Im hoping someone that knows more about Power CLI can point me in the right direction.
All i need to see is the user account and the type permissions/access that user account has.
any help would be great.
thanks in advance..
(If this has been answered somewhere already I apologize for reposting the question.
This will give you all permissions on all folders (including the hidden ones).
Get-Folder | Get-VIPermission |
Where {$_.EntityId -match "Folder"} |
Select Entity,Principal,Role
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hello Luc,
Is there a way to check Who gave Permission for the VC or assign roles/permissions ?
Looking for Auditing purpose.
I have VC for 4.1/5.1/6.0
Any hint ?
Regards,
Amol
Try like this
Get-VIEvent -Start (Get-Date).AddDays(-1) -MaxSamples ([int]::MaxValue) |
where{$_ -is [VMware.Vim.PermissionAddedEvent]} |
Select CreatedTime,UserName,Principal,@{N='Entity';E={$_.Entity.Name}},@{N='Role';E={$_.Role.Name}}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hello Luc,
Thanks for quick reply and yes its working.
Thanks for the always quick help and guidance
But, If event is not there then can not get, I was looking for old auditing records.
I got the recent once.
You can adapt the value on the Start parameter, in my sample code it only looks back 1 day.
Or you can leave out the Start parameter all together, then it will look at all the events in the DB
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference