vSphere PowerCLI Reference

New-VIPermission

Synopsis

Creates new permissions on the specified inventory objects for the provided users and groups in the role.

Syntax

New-VIPermission [-Entity] <VIObject[]> [-Principal] <VIAccount[]> [-Role] <Role> [-Propagate [<Boolean>]] [-Server <VIServer[]>] [-WhatIf] [-Confirm] [<CommonParameters>]

Related Commands

Online version
Get-VIPermission
Remove-VIPermission
Set-VIPermission
Get-VIPrivilege
Get-VIRole
New-VIRole
Remove-VIRole
Set-VIRole

Detailed Description

Creates new permissions on the specified inventory objects for the provided users and groups in the role. By default, new permissions are propagated down the hierarchy to sub-entities. You cannot create new permissions for the following objects:
- direct child folders of a datacenter
- root resource pools of clusters and standalone hosts.
These objects always inherit the permissions of their parent.

Parameters

NameTypeDescriptionRequired?Pipeline InputDefault Value
PrincipalVIAccount[]Specify users and groups to which you want to apply the new permissions. If you specify principal names by using the "domain\name" syntax, wildcards are not supported.truefalse
RoleRoleSpecify the roles for which you want to create new permissions.truefalse
EntityVIObject[]Specify the inventory objects for which you want to create new permissions.truetrue (ByValue)
ConfirmSwitchParameterIf the value is $true, indicates that the cmdlet asks for confirmation before running. If the value is $false, the cmdlet runs without asking for user confirmation.falsefalse$true
PropagateBooleanIndicate that you want to propagate the new permissions to the child inventory objects.falsefalse
ServerVIServer[]Specify the vSphere server on which you want to run the cmdlet. If no value is given to this parameter, the command runs on the default servers. For more information about default servers, see the description of Connect-VIServer.falsefalse
WhatIfSwitchParameterIndicate that the cmdlet is run only to display the changes that would be made and actually no objects are modified.falsefalse

Return Type

Permission

Notes

You can specify permissions to a datastore only on vSphere 4.0 and later.

Examples

-------------- Example 1 --------------

New-VIRole -Name Role -Server $server -Privilege (Get-VIPrivilege -PrivilegeGroup)  $permission = New-VIPermission -Role Role -Principal Administrator -Entity (Get-Datacenter)

Creates a permission on the provided server for a role with the specified privileges.


Copyright © 1998 - 2011 VMware, Inc. All rights reserved.