Get-VIPrivilege | Select Name, Description Get-VIPrivilege | Measure-Object Get-VIPrivilege -Name *Host* Get-VIPrivilege -Name *vm* Get-VIPrivilege -PrivilegeGroup | select name, description
Creating New Roles
Get-VIRole | Select Name, Description PowerCLI C:\> New-VIRole -Name "New Custom Role" -Privilege (Get-VIPrivilege -PrivilegeGroup Datacenter) 创建一个新的角色:New Custom Role并具有对Datacenter操作组的所有的特权: PowerCLI C:\> New-VIRole -Name "New Custom Role1" -Privilege (Get-VIPrivilege -PrivilegeItem "create datacenter") 创建一个新的角色:New Custom Role1并具有 对Datacenter有新建的子权限: Note:可以在vCenter上看到相关的结果: 可以从更小的粒度来定义角色并给角色赋予相应的权限 $MyPriv = "Host Profile"(定义你需要的权限) New-VIRole "New Custom Role3" -Privilege $MyPriv (定义新的角色并赋予相应的权限) 语法 New-VIPermission [-Entity] <VIObject[]> [-Principal] <VIAccount[]> [-Role] <Role> [-Propagate [<Boolean>]] [-Server <VIServer[]>] [-WhatIf] [-Confirm] [<CommonParameters>] 三个最基本的参数: Role The role which you will assign to the user Principal The user or group to which you wish to assign permissions Entity The object, folder, cluster, datacenter, or resource pool for which you would like to grant permissions to the user
前提:首先你要授权的用户是已经存在你的vCenter上的,可以是本地的,也是可以域的成员 New-VIPermission -Entity (Get-Datacenter) -Principal Virtual\test2 -Role "New Custom Role" -Propagate 1 结果:在Datacenter上Virtual\test2用户拥有New Custom Role角色的权限,即对Datacenter有操作的权限
2. Configure Datacenters and Clusters
http://www.vmware.com/support/developer/PowerCLI/PowerCLI51R2/html/New-Datacenter.html 必要的参数:location ,name 先创建一个folder, 然后把新建的数据中心放进去 $folder = Get-Folder -NoRecursion | New-Folder -Name DC_Folder New-Datacenter -Location $folder -Name ITC_Test_DC 脚本执行后的结果如下: New-Cluster -Name ITC_Test -Location ITC_Test_DC 默认情况下:HA和DRS都是没有开启的,如果你没有选择开启这连个选项的话 脚本执行后的结果: $ProductionCluster = New-Cluster -Location $BostonDC -Name Production -HAEnabled -HAAdmissionControlEnabled -HAFailoverLevel 1 -HARestartPriority Medium Set-Cluster 脚本实现后的结果: Set-Cluster 脚本操作的结果: 要使用脚本来定制
|