Hi all,
I am trying to add vCenter privileges to a role via PowerCLI as the following but not sure why it keeps throwing errors.
System.View
System.Read
Global.LogEvent
Global.Licenses
Global.DisableMethods
Global.EnableMethods
Folder.Create
Folder.Delete
Datastore.Rename
Datastore.Move
Datastore.Delete
Datastore.Browse
Datastore.DeleteFile
Datastore.FileManagement
Datastore.AllocateSpace
Datastore.Config
Datastore.UpdateVirtualMachineFiles
Datastore.UpdateVirtualMachineMetadata
Network.Assign
DVSwitch.Create
DVSwitch.Delete
DVPortgroup.Create
DVPortgroup.Modify
Host.Config.Storage
Host.Local.DeleteVM
VirtualMachine.Inventory.Create
VirtualMachine.Inventory.Register
VirtualMachine.Inventory.Delete
VirtualMachine.Inventory.Unregister
VirtualMachine.Interact.PowerOn
VirtualMachine.Interact.PowerOff
VirtualMachine.Interact.GuestOperatingSystemManagementByVIXAPI
VirtualMachine.GuestOperations.Query
VirtualMachine.GuestOperations.Modify
VirtualMachine.GuestOperations.Execute
VirtualMachine.Config.AddExistingDisk
VirtualMachine.Config.AddNewDisk
VirtualMachine.Config.RemoveDisk
VirtualMachine.Config.RawDevice
VirtualMachine.Config.HostUSBDevice
VirtualMachine.Config.AdvancedConfig
VirtualMachine.Config.SwapPlacement
VirtualMachine.Config.ChangeTracking
VirtualMachine.State.CreateSnapshot
VirtualMachine.State.RevertToSnapshot
VirtualMachine.State.RemoveSnapshot
VirtualMachine.Provisioning.DiskRandomRead
VirtualMachine.Provisioning.GetVmFiles
Resource.AssignVMToPool
Resource.HotMigrate
Resource.ColdMigrate
VApp.AssignVM
VApp.AssignResourcePool
VApp.Unregister
errors
Get-VIPrivilege : 7/27/2022 3:10:32 PM Get-VIPrivilege VIPrivilege with id 'VApp.AssignResourcePool ' was not found using the specified filter(s).
At line:1 char:38
+ ... -Privilege (Get-VIPrivilege -Server $viserver -id $cvRoleIds) -Serve ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-VIPrivilege], VimException
+ FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.GetVIPrivilege
Get-VIPrivilege : 7/27/2022 3:10:32 PM Get-VIPrivilege VIPrivilege with id 'VApp.Unregister ' was not found using the specified filter(s).
At line:1 char:38
+ ... -Privilege (Get-VIPrivilege -Server $viserver -id $cvRoleIds) -Serve ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-VIPrivilege], VimException
+ FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.GetVIPrivilege
Looks like you have a space (blank) after VApp.AssignResourcePool and VApp.Unregister.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Looks like you have a space (blank) after VApp.AssignResourcePool and VApp.Unregister.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks @LucD , you're the best 🙂
can you please tell me the correct filter for =>VirtualMachine.Interact.GuestOperatingSystemManagementByVIXAPI, as I can't find it with get filter
Get-VIPrivilege : 7/28/2022 11:48:34 AM Get-VIPrivilege VIPrivilege with id 'VirtualMachine.Interact.GuestOperatingSystemManagementByVIXAPI' was not found using the specified filter(s).
To be honest I have never heard of that privilege.
Where did you see it?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I can see it listed here but I think the filter is written in a wrong way
Not sure which filter you mean?
If I list the privileges via the API (not via Get-VIPrivilege) that one doesn't seem to appear.
$si = Get-View ServiceInstance
$authMgr = Get-View -Id $si.Content.AuthorizationManager
$authMgr.PrivilegeList | where{$_.PrivId -match 'VirtualMachine.Interact'}
Afaik, the VIX API was terminated in favor of the GuestOperations.
I'm not sure why it would still be listed in documentation for vSphere 7
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks 🙂
may be it's removed as you mentioned.