vSphere PowerCLI Cmdlets Reference

New-VIPermission

Synopsis

Creates new permissions on the specified inventory objects for the provided users and groups in the role.

Syntax

New-VIPermission [-Entity] <VIObject[]> [-Principal] <VIAccount[]> [-Role] <Role> [-Propagate [<Boolean>]] [-Server <VIServer>] [-WhatIf] [-Confirm] [<CommonParameters>]

Related Commands

Online version
Get-VIPermission
Remove-VIPermission
Set-VIPermission
Get-VIPrivilege
Get-VIRole
New-VIRole
Remove-VIRole
Set-VIRole

Detailed Description

Creates new permissions on the specified inventory objects for the provided users and groups in the role. By default, new permissions are propagated down the hierarchy to sub-entities. You cannot create new permissions for the following objects:
- direct child folders of a datacenter
- root resource pools of clusters and standalone hosts.
These objects always inherit the permissions of their parent.

Parameters

NameDescriptionRequired?Pipeline InputDefault Value
EntitySpecify the inventory objects for which you want to create new permissions.truetrue (ByValue)
PrincipalSpecify users and groups to which you want to apply the new permissions. If you specify principal names by using the "domain\name" syntax, wildcards are not supported.truefalse
RoleSpecify the roles for which you want to create new permissions.truefalse
PropagateIndicate that you want to propagate the new permissions to the child inventory objects.falsefalse
ServerSpecify the vSphere server on which you want to run the cmdlet. If no value is given to this parameter, the command runs on the default servers. For more information about default servers, see the description of Connect-VIServer.falsefalse
WhatIfIndicate that the cmdlet is run only to display the changes that would be made and actually no objects are modified.falsefalse
ConfirmIf the value is $true, indicates that the cmdlet asks for confirmation before running. If the value is $false, the cmdlet runs without asking for user confirmation.falsefalse$true

Return Type

Permission

Notes

You can specify permissions to a datastore only on vSphere 4.0 and later.

Examples

-------------- Example 1 --------------

New-VIRole -Name Role -Server $server -Privilege (Get-VIPrivilege -PrivilegeGroup)

$permission = New-VIPermission -Role Role -Principal Administrator -Entity (Get-Datacenter)

Creates a permission on the provided server for a role with the specified privileges.


Copyright © 1998 - 2010 VMware, Inc. All rights reserved.