vCenter powershell permissions check

PowerShell script exchange

vCenter powershell permissions check

Veeam Logoby jcwuerfl » Fri Feb 10, 2012 1:54 am

Veeam vCenter Server Granular Permissions v6 check Script


I'm sure the below could be improved but this seems to work and give the basic information needed to verify your vCenter permissions. I used this today to resolve an issue I was having with my new veeam backup setup.

This was based on the following for v6 : vCenter Server Granular Permissions (v6)

Code: Select all

#You will need the VMware vSphere PowerCLI Installed
# http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli

# You will Need to change the following Lines, the quotes are needed :
$myvCenter = "default"
$myvCenterUserID = "default"
$myvCenterPW = "default"

#This command will show you a listing of your roles in vCenter
#get-virole

#This is the Role you created in vCenter:
$myVeeamRole = "default"

## You shouldn't have to modify anything below this unless you want to clean up the formating.
#----------------------------------------------------------------------------------------------------------------------------------------
# Quick Variable Checks

if ($myvCenter -eq "default") {
  write "Edit the $myvCenter variable in the script to run.   This would be set to your vCenter server DNS Name or IP"
  break
}
 
if ($myvCenterUserID -eq "default") {
  write "Edit the $myvCenterUserID variable in the script to run.   This would be set to your vCenter userid"
  break
}
 
if ($myvCenterPW -eq "default") {
  write "Edit the $myvCenterPW variable in the script to run.   This would be set to your vCenter password"
  break
}

if ($myVeeamRole  -eq "default") {
  write "Edit the $myVeeamRole  variable in the script to run.   This would be set to your Veeeam Role you created in vCenter"
  break
}

#---------------------------------------------------------------------------------------------------------------------------------------

# Adding PowerCLI core snapin
if (!(get-pssnapin -name VMware.VimAutomation.Core -erroraction silentlycontinue)) {
   add-pssnapin VMware.VimAutomation.Core
}

if (-not $vCenterconnection.IsConnected) {
  write "Connecting to VI Server"
  $vCenterConnection = Connect-VIServer -server $myvCenter -user $myvCenterUserID -password $myvCenterPW
}

# You will need to Add the Role you added for Veeam
$role = Get-VIRole $myVeeamRole

$resultGlobalLogEvent           = $role.PrivilegeList -contains "Global.LogEvent"
$resultGlobalCheckLic           = $role.PrivilegeList -contains "Global.Licenses"

$resultDatastoreLowLevelFileOp  = $role.PrivilegeList -contains "Datastore.FileManagement"
$resultDatastoreBrowseDS        = $role.PrivilegeList -contains "Datastore.Browse"
$resultDatastoreRMFile          = $role.PrivilegeList -contains "Datastore.DeleteFile"
$resultDatsstoreAllocateSpace   = $role.PrivilegeList -contains "Datastore.AllocateSpace"

$resultStateCreateSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.CreateSnapshot"
$resultStateRemoveSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.RemoveSnapshot"
$resultStateRevertSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.RevertToSnapshot"

$resultConfigDiskChangeTracking = $role.PrivilegeList -contains "VirtualMachine.Config.ChangeTracking"
$resultConfDiskLease            = $role.PrivilegeList -contains "VirtualMachine.Config.DiskLease"
$resultConfChangeResource       = $role.PrivilegeList -contains "VirtualMachine.Config.Resource"
$resultConfAddExistingDisk      = $role.PrivilegeList -contains "VirtualMachine.Config.AddExistingDisk"
$resultConfRemoveDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.RemoveDisk"
$resultConfAdvancedConf         = $role.PrivilegeList -contains "VirtualMachine.Config.AdvancedConfig"
$resultConfAddNewDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.AddNewDisk"
$resultConfAddRemoveDev         = $role.PrivilegeList -contains "VirtualMachine.Config.AddRemoveDevice"
$resultConfRename               = $role.PrivilegeList -contains "VirtualMachine.Config.Rename"
$resultConfModifyDeviceSet      = $role.PrivilegeList -contains "VirtualMachine.Config.EditDevice"

$resultProvisReadOnlyDiskAccess = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomRead"
$resultProfisAllowVMDL          = $role.PrivilegeList -contains "VirtualMachine.Provisioning.GetVmFiles"
$resultProvAllowDiskAccess      = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomAccess"
$resultProvVMFilesUL          = $role.PrivilegeList -contains "VirtualMachine.Provisioning.PutVmFiles"

$resultInvRegister              = $role.PrivilegeList -contains "VirtualMachine.Inventory.Register"
$resultInvRemove                = $role.PrivilegeList -contains "VirtualMachine.Inventory.Delete"
$resultInvUnregister            = $role.PrivilegeList -contains "VirtualMachine.Inventory.Unregister"

$resultResAsVMtoRP              = $role.PrivilegeList -contains "Resource.AssignVMToPool"
$resultResCreateRP              = $role.PrivilegeList -contains "Resource.CreatePool"
$resultResDeleteRP              = $role.PrivilegeList -contains "Resource.DeletePool"

$resultHostStoragePartConfig    = $role.PrivilegeList -contains "Host.Config.Storage"
$resultHostNetworkConfig        = $role.PrivilegeList -contains "Host.Config.Network"

$resultVMIntPowerOn             = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOn"
$resultVMIntPowerOff            = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOff"

$resultNetworkAssignNet         = $role.PrivilegeList -contains "Network.Assign"
$resultNetworkConfig            = $role.PrivilegeList -contains "Network.Config"

$resultFolderCreate             = $role.PrivilegeList -contains "Folder.Create"


$resultdvPortGrpCreate          = $role.PrivilegeList -contains "DVPortgroup.Create"
$resultdvPortGrpDelete          = $role.PrivilegeList -contains "DVPortgroup.Delete"

# ------------------------------------------------------------------------------------------------------------------

write ""
write " Veeam vCenter Server Granular Permissions v6 check Script"
write "ref: http://forums.veeam.com/viewtopic.php?f=24&t=10478"
write ""
write ""
write "vStorage API - SAN mode (Backup) --------------------------------------   "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Disk lease                               : $resultConfDiskLease "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write ""
write "vStorage API - Virtual Appliance mode (Backup) -------------------------   "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Disk Change resource                     : $resultConfChangeResource "
write "Add existing disk                        : $resultConfAddExistingDisk "
write "Remove disk                              : $resultConfRemoveDisk "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write ""
write "vStorage API - Network mode (Backup) -----------------------------------   "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write ""
write "vStorage API - SAN mode (Replication) -----------------------------------   "
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write "Allocate space                           : $resultDatsstoreAllocateSpace "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Disk lease                               : $resultConfDiskLease "
write "Advanced                                 : $resultConfAdvancedConf "
write "Add new disk                             : $resultConfAddNewDisk "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow disk access                        : $resultProvAllowDiskAccess"
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                 : $resultInvRegister "
write "Remove                                   : $resultInvRemove   "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write ""
write "vStorage API - Virtual Appliance mode (Replication) ----------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write "Allocate space                           : $resultDatsstoreAllocateSpace "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Change resource                          : $resultConfChangeResource "
write "Advanced                                 : $resultConfAdvancedConf "
write "Add new disk                             : $resultConfAddNewDisk "
write "Add existing disk                        : $resultConfAddExistingDisk "
write "Remove disk                              : $resultConfRemoveDisk "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow disk access                        : $resultProvAllowDiskAccess"
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                 : $resultInvRegister "
write "Remove                                   : $resultInvRemove   "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write ""
write "vStorage API - Network mode (Replication) ------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write "Allocate space                           : $resultDatsstoreAllocateSpace "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Add new disk                             : $resultConfAddNewDisk "
write "Advanced                                 : $resultConfAdvancedConf "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow disk access                        : $resultProvAllowDiskAccess"
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                 : $resultInvRegister "
write "Remove                                   : $resultInvRemove   "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write ""
write "Instant VM Recovery --------------------------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Host Configuration --- "
write ""
write "Storage partition configuration          : $resultHostStoragePartConfig   "
write ""
write "---- Virtual machine - Interaction --- "
write ""
write "Power On                                  : $resultVMIntPowerOn       "
write "Power Off                                 : $resultVMIntPowerOff       "
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                   : $resultInvRegister "
write "Unregister                                 : $resultInvUnregister "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write ""
write "SureBackup ------------------------------------------------------------------ "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write "Check Licenses                           : $resultGlobalCheckLic       "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Remove file                              : $resultDatastoreRMFile "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write ""
write "---- Host Configuration --- "
write ""
write "Network Configuration                    : $resultHostNetworkConfig   "
write "Storage partition configuration          : $resultHostStoragePartConfig   "
write ""
write "---- Network --- "
write ""
write "Assign Network                           : $resultNetworkAssignNet   "
write ""
write "---- Virtual machine - Interaction --- "
write ""
write "Power On                                  : $resultVMIntPowerOn       "
write "Power Off                                 : $resultVMIntPowerOff       "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Check Allow disk access                   : $resultProvAllowDiskAccess "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Add or remove device                     : $resultConfAddRemoveDevs "
write "Advanced                                 : $resultConfAdvancedConf "
write ""
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Remove                                     : $resultInvRemove   "
write "Register                                   : $resultInvRegister "
write "Unregister                                 : $resultInvUnregister "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write "Create Resource Pool                     : $resultResCreateRP "
write "Remove Resource Pool                     : $resultResDeleteRP "
write ""
write "----- Folder ----                      "
write ""
write ""
write "Create Folder                             : $resultFolderCreate "
write "Delete Folder                             : $resultFolderCreate "
write ""
write "----- dvPort Group ----                      "
write ""
write "Create                                    :  $resultdvPortGrpCreate "
write "Delete                                    :  $resultdvPortGrpDelete "
write ""
write ""
write "Full VM Restore -------------------------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write "Allocate space                           : $resultDatsstoreAllocateSpace "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual machine - Interaction --- "
write ""
write "Power On                                  : $resultVMIntPowerOn       "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow disk access                        : $resultProvAllowDiskAccess"
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write "Allow virtual machine files upload       : $resultProvVMFilesUL  "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Advanced                                 : $resultConfAdvancedConf "
write "Add new disk                             : $resultConfAddNewDisk "
write "Remove disk                              : $resultConfRemoveDisk "
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Remove                                     : $resultInvRemove   "
write ""
write ""
write "Replica Failover -------------------------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write ""
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual machine - Interaction --- "
write ""
write "Power On                                  : $resultVMIntPowerOn       "
write "Power Off                                 : $resultVMIntPowerOff       "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Advanced                                 : $resultConfAdvancedConf "
write "Rename                                   : $resultConfRename "
write ""
write ""
write "Replica Failback -------------------------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write "Remove file                              : $resultDatastoreRMFile "
write "Allocate space                           : $resultDatsstoreAllocateSpace "
write ""
write "---- Virtual Machine - State ----"
write ""
write "Create Snapshot                          : $resultStateCreateSnapshot "
write "Revert to snapshot                       : $resultStateRevertSnapshot "
write "Remove Snapshot                          : $resultStateRemoveSnapshot "
write ""
write "---- Virtual Machine – Provisioning  ----"
write ""
write "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"
write "Allow virtual machine download           : $resultProfisAllowVMDL"
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Advanced                                 : $resultConfAdvancedConf "
write "Rename                                   : $resultConfRename "
write "Disk change tracking                     : $resultConfigDiskChangeTracking "
write "Disk lease                               : $resultConfDiskLease "
write "Add new disk                             : $resultConfAddNewDisk "
write "Add existing disk                        : $resultConfAddExistingDisk "
write "Remove disk                              : $resultConfRemoveDisk "
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                   : $resultInvRegister "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write ""
write "File-Level Restore (Other Guest) -------------------------------------------------------- "
write ""
write ""
write "---- Global ----"
write ""
write "Log Event                                : $resultGlobalLogEvent      "
write ""
write "---- Datastore ----"
write ""
write "Low Level File Operations                : $resultDatastoreLowLevelFileOp "
write "Browse datastore                         : $resultDatastoreBrowseDS "
write ""
write "---- Network --- "
write ""
write "Assign Network                           : $resultNetworkAssignNet   "
write "Configure                                : $resultNetworkConfig     "
write ""
write "---- Virtual Machine – Configuration ----"
write ""
write "Modify device settings                   : $resultConfModifyDeviceSet "
write "---- Virtual machine - Interaction --- "
write ""
write "Power On                                  : $resultVMIntPowerOn       "
write "Power Off                                 : $resultVMIntPowerOff       "
write ""
write "---- Virtual Machine - Inventory  ---- "
write ""
write "Register                                   : $resultInvRegister "
write "Unregister                                 : $resultInvUnregister "
write ""
write "---- Virtual Machine - Resource   ---- "
write ""
write "Assign virtual machine to resource pool  : $resultResAsVMtoRP "
write ""
write "---- Host Configuration --- "
write ""
write "Storage partition configuration          : $resultHostStoragePartConfig   "
write ""





jcwuerfl
Enthusiast
 
Posts: 44
Liked: 3 times
Joined: Wed Jun 29, 2011 8:26 pm
Full Name: James

Re: vCenter powershell permissions check

Veeam Logoby Ben Milligan » Fri Feb 10, 2012 3:37 am

Very cool! Thanks for sharing this!
Ben Milligan
Veeam Software
 
Posts: 170
Liked: 37 times
Joined: Sun Jan 01, 2006 1:01 am

Re: vCenter powershell permissions check

Veeam Logoby Vitaliy S. » Fri Feb 10, 2012 7:55 am

Very cool indeed! Nice job.
Vitaliy S.
Veeam Software
 
Posts: 19575
Liked: 1106 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: vCenter powershell permissions check

Veeam Logoby Sethbartlett » Fri Feb 10, 2012 1:20 pm

Pretty awesome, good job. Nice share.
Skype: Sethbartlett88 - Make sure to label who you are and why you want to add me ;)
Twitter: @sethbartlett
If my post was helpful, please like it. Sometimes twitter is quicker to hit me up if you need me.
Sethbartlett
Expert
 
Posts: 282
Liked: 25 times
Joined: Wed Nov 10, 2010 6:51 pm
Full Name: Seth Bartlett

Re: vCenter powershell permissions check

Veeam Logoby Gostev » Tue Feb 21, 2012 7:36 pm

Guess the script could take a small update now, because the original list was missing a couple of permissions at the time when it was posted.
Gostev
Veeam Software
 
Posts: 21396
Liked: 2350 times
Joined: Sun Jan 01, 2006 1:01 am
Location: Baar, Switzerland

Re: vCenter powershell permissions check

Veeam Logoby jcwuerfl » Wed Feb 22, 2012 7:34 pm

Dubbing this : veeamVCPCheck.ps1 - v1.02

Code: Select all
#version 1.02, updated 2/22/2012
# * Added a couple missing permission checks
# * Added Red/Green formating for the output to make the results stand out a big more

#You will need the VMware vSphere PowerCLI Installed
# http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli

#----------------------------------------------------------------------------------------------------------------------------------------

# You will Need to change the following Lines, the quotes are needed :
$myvCenter = "default"
$myvCenterUserID = "default"
$myvCenterPW = "default"

#This command will show you a listing of your roles in vCenter, after you connect to vcenter with connect-viserver
#get-virole

#This is the Role you created in vCenter:
$myVeeamRole = "default"

## You shouldn't have to modify anything below this unless you want to clean up the formating.
#----------------------------------------------------------------------------------------------------------------------------------------
# Quick Variable Checks

if ($myvCenter -eq "default") {
  write-host "Edit the $myvCenter variable in the script to run.   This would be set to your vCenter server DNS Name or IP"
  break
}

if ($myvCenterUserID -eq "default") {
  write-host "Edit the $myvCenterUserID variable in the script to run.   This would be set to your vCenter userid"
  break
}
 
if ($myvCenterPW -eq "default") {
  write-host "Edit the $myvCenterPW variable in the script to run.   This would be set to your vCenter password"
  break
}

if ($myVeeamRole  -eq "default") {
  write-host "Edit the $myVeeamRole  variable in the script to run.   This would be set to your Veeeam Role you created in vCenter"
  break
}

#---------------------------------------------------------------------------------------------------------------------------------------

# Adding PowerCLI core snapin
if (!(get-pssnapin -name VMware.VimAutomation.Core -erroraction silentlycontinue)) {
   add-pssnapin VMware.VimAutomation.Core
}

if (-not $vCenterconnection.IsConnected) {
  write-host "Connecting to VI Server"
  $vCenterConnection = Connect-VIServer -server $myvCenter -user $myvCenterUserID -password $myvCenterPW
}

# You will need to Add the Role you added for Veeam
$role = Get-VIRole $myVeeamRole

$resultGlobalLogEvent           = $role.PrivilegeList -contains "Global.LogEvent"
$resultGlobalCheckLic           = $role.PrivilegeList -contains "Global.Licenses"

$resultDatastoreLowLevelFileOp  = $role.PrivilegeList -contains "Datastore.FileManagement"
$resultDatastoreBrowseDS        = $role.PrivilegeList -contains "Datastore.Browse"
$resultDatastoreRMFile          = $role.PrivilegeList -contains "Datastore.DeleteFile"
$resultDatsstoreAllocateSpace   = $role.PrivilegeList -contains "Datastore.AllocateSpace"

$resultStateCreateSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.CreateSnapshot"
$resultStateRemoveSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.RemoveSnapshot"
$resultStateRevertSnapshot      = $role.PrivilegeList -contains "VirtualMachine.State.RevertToSnapshot"

$resultConfDiskChangeTracking   = $role.PrivilegeList -contains "VirtualMachine.Config.ChangeTracking"
$resultConfDiskLease            = $role.PrivilegeList -contains "VirtualMachine.Config.DiskLease"
$resultConfChangeResource       = $role.PrivilegeList -contains "VirtualMachine.Config.Resource"
$resultConfAddExistingDisk      = $role.PrivilegeList -contains "VirtualMachine.Config.AddExistingDisk"
$resultConfRemoveDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.RemoveDisk"
$resultConfAdvancedConf         = $role.PrivilegeList -contains "VirtualMachine.Config.AdvancedConfig"
$resultConfAddNewDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.AddNewDisk"
$resultConfAddRemoveDev         = $role.PrivilegeList -contains "VirtualMachine.Config.AddRemoveDevice"
$resultConfRename               = $role.PrivilegeList -contains "VirtualMachine.Config.Rename"
$resultConfModifyDeviceSet      = $role.PrivilegeList -contains "VirtualMachine.Config.EditDevice"

$resultProvisReadOnlyDiskAccess = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomRead"
$resultProfisAllowVMDL          = $role.PrivilegeList -contains "VirtualMachine.Provisioning.GetVmFiles"
$resultProvAllowDiskAccess      = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomAccess"
$resultProvVMFilesUL            = $role.PrivilegeList -contains "VirtualMachine.Provisioning.PutVmFiles"

$resultInvRegister              = $role.PrivilegeList -contains "VirtualMachine.Inventory.Register"
$resultInvRemove                = $role.PrivilegeList -contains "VirtualMachine.Inventory.Delete"
$resultInvUnregister            = $role.PrivilegeList -contains "VirtualMachine.Inventory.Unregister"

$resultResAsVMtoRP              = $role.PrivilegeList -contains "Resource.AssignVMToPool"
$resultResCreateRP              = $role.PrivilegeList -contains "Resource.CreatePool"
$resultResDeleteRP              = $role.PrivilegeList -contains "Resource.DeletePool"

$resultHostStoragePartConfig    = $role.PrivilegeList -contains "Host.Config.Storage"
$resultHostNetworkConfig        = $role.PrivilegeList -contains "Host.Config.Network"

$resultVMIntPowerOn             = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOn"
$resultVMIntPowerOff            = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOff"

$resultNetworkAssignNet         = $role.PrivilegeList -contains "Network.Assign"
$resultNetworkConfig            = $role.PrivilegeList -contains "Network.Config"

$resultFolderCreate             = $role.PrivilegeList -contains "Folder.Create"
$resultFolderDelete             = $role.PrivilegeList -contains "Folder.Delete"

$resultdvPortGrpCreate          = $role.PrivilegeList -contains "DVPortgroup.Create"
$resultdvPortGrpDelete          = $role.PrivilegeList -contains "DVPortgroup.Delete"


# ------------------------------------------------------------------------------------------------------------------

function GlobalLogEvent() {
   if($resultGlobalLogEvent -eq "True") {
      write-host "Log Event: $resultGlobalLogEvent" -foregroundcolor "green"
   }
   else {
      write-host "Log Event: $resultGlobalLogEvent" -foregroundcolor "red"
   }
}

function GlobalCheckLic() {
   if($resultGlobalCheckLic -eq "True") {
      write-host "Licenses* : $resultGlobalCheckLic" -foregroundcolor "green"
   }
   else {
      write-host "Licenses* : $resultGlobalCheckLic" -foregroundcolor "red"
   }
}

function DatastoreLowLevelFileOperations() {
   if($resultDatastoreLowLevelFileOp -eq "True") {
      write-host "Low Level File Operations : $resultDatastoreLowLevelFileOp" -foregroundcolor "green"
   }
   else {
      write-host "Low Level File Operations : $resultDatastoreLowLevelFileOp" -foregroundcolor "red"
   }
}

function DatastoreBrowseDS() {
   if($resultDatastoreBrowseDS -eq "True") {
      write-host "Browse datastore : $resultDatastoreBrowseDS"  -foregroundcolor "green"
   }
   else {
      write-host "Browse datastore : $resultDatastoreBrowseDS"  -foregroundcolor "red"
   }
}

function DatstoreRMFile() {
   if($resultDatastoreRMFile -eq "True") {
      write-host "Remove file : $resultDatastoreRMFile" -foregroundcolor "green"
   }
   else {
      write-host "Remove file : $resultDatastoreRMFile"  -foregroundcolor "red"
   }
}

function DatsstoreAllocateSpace() {
   if($resultDatsstoreAllocateSpace -eq "True") {
      write-host "Allocate space : $resultDatsstoreAllocateSpace" -foregroundcolor "green"
   }
   else {
      write-host "Allocate space : $resultDatsstoreAllocateSpace" -foregroundcolor "red"
   }
}

function StateCreateSnapshot() {
   if($resultStateCreateSnapshot -eq "True") {
      write-host "Create Snapshot : $resultStateCreateSnapshot" -foregroundcolor "green"
   }
   else {
      write-host "Create Snapshot : $resultStateCreateSnapshot" -foregroundcolor "red"
   }
}

function StateRemoveSnapshot() {
   if($resultStateRemoveSnapshot -eq "True") {
      write-host "Remove Snapshot : $resultStateRemoveSnapshot" -foregroundcolor "green"
   }
   else {
      write-host "Remove Snapshot : $resultStateRemoveSnapshot" -foregroundcolor "red"
   }
}

function StateRevertSnapshot() {
   if($resultStateRevertSnapshot -eq "True") {
      write-host "Revert to snapshot : $resultStateRevertSnapshot" -foregroundcolor "green"
   }
   else {
      write-host "Revert to snapshot : $resultStateRevertSnapshot" -foregroundcolor "red"
   }
}

function ConfDiskChangeTracking() {
   if($resultConfDiskChangeTracking -eq "True") {
      write-host "Disk change tracking : $resultConfDiskChangeTracking" -foregroundcolor "green"
   }
   else {
      write-host "Disk change tracking : $resultConfDiskChangeTracking" -foregroundcolor "red"
   }
}

function ConfDiskLease() {
   if($resultConfDiskLease -eq "True") {
      write-host "Disk lease : $resultConfDiskLease" -foregroundcolor "green"
   }
   else {
      write-host "Disk lease : $resultConfDiskLease" -foregroundcolor "red"
   }
}

function ConfChangeResource() {
   if($resultConfChangeResource -eq "True") {
      write-host "Disk Change resource : $resultConfChangeResource" -foregroundcolor "green"
   }
   else {
      write-host "Disk Change resource : $resultConfChangeResource" -foregroundcolor "red"
   }
}

function ConfAddExistingDisk() {
   if($resultConfAddExistingDisk -eq "True") {
      write-host "Add existing disk : $resultConfAddExistingDisk" -foregroundcolor "green"
   }
   else {
      write-host "Add existing disk : $resultConfAddExistingDisk" -foregroundcolor "red"
   }
}

function ConfAdvancedConf() {
   if($resultConfAdvancedConf -eq "True") {
      write-host "Advanced : $resultConfAdvancedConf" -foregroundcolor "green"
   }
   else {
      write-host "Advanced : $resultConfAdvancedConf" -foregroundcolor "red"
   }
}

function ConfRemoveDisk() {
   if($resultConfRemoveDisk -eq "True") {
      write-host "Remove disk : $resultConfRemoveDisk" -foregroundcolor "green"
   }
   else {
      write-host "Remove disk : $resultConfRemoveDisk" -foregroundcolor "red"
   }
}

function ConfAddNewDisk() {
   if($resultConfAddNewDisk -eq "True") {
      write-host "Add new disk : $resultConfAddNewDisk" -foregroundcolor "green"
   }
   else {
      write-host "Add new disk : $resultConfAddNewDisk" -foregroundcolor "red"
   }
}

function ConfChangeResource() {
   if($resultConfChangeResource -eq "True") {
      write-host "Change resource : $resultConfChangeResource" -foregroundcolor "green"
   }
   else {
      write-host "Change resource : $resultConfChangeResource" -foregroundcolor "red"
   }
}

function ConfAddRemoveDev() {
   if($resultConfAddRemoveDev -eq "True") {
      write-host "Add or remove device : $resultConfAddRemoveDev" -foregroundcolor "green"
   }
   else {
      write-host "Add or remove device : $resultConfAddRemoveDev" -foregroundcolor "red"
   }
}

function ConfRename() {
   if($resultConfRename -eq "True") {
      write-host "Rename : $resultConfRename" -foregroundcolor "green"
   }
   else {
      write-host "Rename : $resultConfRename" -foregroundcolor "red"
   }
}

function ConfModifyDeviceSet() {
   if($resultConfModifyDeviceSet -eq "True") {
      write-host "Modify device settings : $resultConfModifyDeviceSet" -foregroundcolor "green"
   }
   else {
      write-host "Modify device settings : $resultConfModifyDeviceSet" -foregroundcolor "red"
   }
}

function ProvisReadOnlyDiskAccess() {
   if($resultProvisReadOnlyDiskAccess -eq "True") {
      write-host "Allow read-only disk access : $resultProvisReadOnlyDiskAccess" -foregroundcolor "green"
   }
   else {
      write-host "Allow read-only disk access : $resultProvisReadOnlyDiskAccess" -foregroundcolor "red"
   }
}

function ProvisAllowVMDL() {
   if($resultProfisAllowVMDL -eq "True") {
      write-host "Allow virtual machine download : $resultProfisAllowVMDL" -foregroundcolor "green"
   }
   else {
      write-host "Allow virtual machine download : $resultProfisAllowVMDL" -foregroundcolor "red"
   }
}

function ProvAllowDiskAccess() {
   if($resultProvAllowDiskAccess -eq "True") {
      write-host "Allow disk access : $resultProvAllowDiskAccess" -foregroundcolor "green"
   }
   else {
      write-host "Allow disk access : $resultProvAllowDiskAccess" -foregroundcolor "red"
   }
}

function ProvVMFilesUL() {
   if($resultProvVMFilesUL -eq "True") {
      write-host "Allow virtual machine files upload : $resultProvVMFilesUL" -foregroundcolor "green"
   }
   else {
      write-host "Allow virtual machine files upload : $resultProvVMFilesUL" -foregroundcolor "red"
   }
}

function InvRegister() {
   if($resultInvRegister -eq "True") {
      write-host "Register : $resultInvRegister" -foregroundcolor "green"
   }
   else {
      write-host "Register : $resultInvRegister" -foregroundcolor "red"
   }
}

function InvRemove() {
   if($resultInvRemove -eq "True") {
      write-host "Remove : $resultInvRemove" -foregroundcolor "green"
   }
   else {
      write-host "Remove : $resultInvRemove" -foregroundcolor "red"
   }
}

function InvUnregister() {
   if($resultInvUnregister -eq "True") {
      write-host "Unregister : $resultInvUnregister" -foregroundcolor "green"
   }
   else {
      write-host "Unregister : $resultInvUnregister" -foregroundcolor "red"
   }
}

function ResAsVMtoRP() {
   if($resultResAsVMtoRP -eq "True") {
      write-host "Assign virtual machine to resource pool : $resultResAsVMtoRP" -foregroundcolor "green"
   }
   else {
      write-host "Assign virtual machine to resource pool : $resultResAsVMtoRP" -foregroundcolor "red"
   }
}

function ResCreateRP() {
   if($resultResCreateRP -eq "True") {
      write-host "Create Resource Pool : $resultResCreateRP" -foregroundcolor "green"
   }
   else {
      write-host "Create Resource Pool : $resultResCreateRP" -foregroundcolor "red"
   }
}

function ResDeleteRP() {
   if($resultResDeleteRP -eq "True") {
      write-host "Remove Resource Pool : $resultResDeleteRP" -foregroundcolor "green"
   }
   else {
      write-host "Remove Resource Pool : $resultResDeleteRP" -foregroundcolor "red"
   }
}

function HostStoragePartitionConfig() {
   if($resultHostStoragePartConfig -eq "True") {
      write-host "True: Storage partition configuration : $resultHostStoragePartConfig" -foregroundcolor "green"
   }
   else {
      write-host "False: Storage partition configuration : $resultHostStoragePartConfig" -foregroundcolor "red"
   }
}

function HostNetworkConfig() {
   if($resultHostNetworkConfig -eq "True") {
      write-host "Network Configuration : $resultHostNetworkConfig" -foregroundcolor "green"
   }
   else {
      write-host "Network Configuration : $resultHostNetworkConfig" -foregroundcolor "red"
   }
}

function VMIntPowerOn() {
   if($resultVMIntPowerOn -eq "True") {
      write-host "Power On : $resultVMIntPowerOn" -foregroundcolor "green"
   }
   else {
      write-host "Power On : $resultVMIntPowerOn" -foregroundcolor "red"
   }
}

function VMIntPowerOff() {
   if($resultVMIntPowerOff -eq "True") {
      write-host "Power Off : $resultVMIntPowerOff" -foregroundcolor "green"
   }
   else {
      write-host "Power Off : $resultVMIntPowerOff" -foregroundcolor "red"
   }
}

function NetworkAssignNet() {
   if($resultNetworkAssignNet -eq "True") {
      write-host "Assign Network : $resultNetworkAssignNet" -foregroundcolor "green"
   }
   else {
      write-host "Assign Network : $resultNetworkAssignNet" -foregroundcolor "red"
   }
}

function NetworkConfig() {
   if($resultNetworkConfig -eq "True") {
      write-host "Configure : $resultNetworkConfig" -foregroundcolor "green"
   }
   else {
      write-host "Configure : $resultNetworkConfig" -foregroundcolor "red"
   }
}

function FolderCreate() {
   if($resultFolderCreate -eq "True") {
      write-host "Create Folder : $resultFolderCreate" -foregroundcolor "green"
   }
   else {
      write-host "Create Folder : $resultFolderCreate" -foregroundcolor "red"
   }
}

function FolderDelete() {
   if($resultFolderDelete -eq "True") {
      write-host "Delete Folder : $resultFolderDelete" -foregroundcolor "green"
   }
   else {
      write-host "Delete Folder : $resultFolderDelete" -foregroundcolor "red"
   }
}

function dvPortGrpCreate() {
   if($resultdvPortGrpCreate -eq "True") {
      write-host "Create :  $resultdvPortGrpCreate" -foregroundcolor "green"
   }
   else {
      write-host "Create :  $resultdvPortGrpCreate" -foregroundcolor "red"
   }
}

function dvPortGrpDelete() {
   if($resultdvPortGrpDelete -eq "True") {
      write-host "Delete :  $resultdvPortGrpDelete" -foregroundcolor "green"
   }
   else {
      write-host "Delete :  $resultdvPortGrpDelete" -foregroundcolor "red"
   }
}

# ------------------------------------------------------------------------------------------------------------------
write-host ""
write-host " Veeam vCenter Server Granular Permissions v6 check Script"
write-host "ref: http://forums.veeam.com/viewtopic.php?f=24&t=10478"
write-host ""
write-host ""
write-host "vStorage API - SAN mode (Backup) --------------------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
ConfDiskLease
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host ""
write-host "vStorage API - Virtual Appliance mode (Backup) -------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
ConfChangeResource
ConfAddExistingDisk
ConfRemoveDisk
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host ""
write-host "vStorage API - Network mode (Backup) -----------------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
GlobalCheckLic
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host ""
write-host "vStorage API - SAN mode (Replication) -----------------------------------   "
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
DatstoreRMFile
DatsstoreAllocateSpace
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
StateRevertSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
ConfDiskLease
ConfAdvancedConf
ConfAddNewDisk
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvAllowDiskAccess
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
InvRegister
InvRemove
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
ResAsVMtoRP
write-host ""
write-host ""
write-host "vStorage API - Virtual Appliance mode (Replication) ----------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
DatstoreRMFile
DatsstoreAllocateSpace
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
StateRevertSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
ConfChangeResource
ConfAdvancedConf
ConfAddNewDisk
ConfAddExistingDisk
ConfRemoveDisk
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvAllowDiskAccess
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
InvRegister
InvRemove
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
ResAsVMtoRP
write-host ""
write-host ""
write-host "vStorage API - Network mode (Replication) ------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
DatstoreRMFile
DatsstoreAllocateSpace
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRemoveSnapshot
StateRevertSnapshot
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfDiskChangeTracking
ConfAddNewDisk
ConfAdvancedConf
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvAllowDiskAccess
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
InvRegister
InvRemove
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
ResAsVMtoRP
write-host ""
write-host ""
write-host "Instant VM Recovery --------------------------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Host Configuration --- "
write-host ""
HostStoragePartitionConfig
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
VMIntPowerOn
VMIntPowerOff
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
InvRegister
InvUnregister
write-host ""
ResAsVMtoRP
write-host ""
write-host ""
write-host "SureBackup ------------------------------------------------------------------ "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
GlobalCheckLic
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatstoreRMFile
DatastoreBrowseDS
write-host ""
write-host "---- Host Configuration --- "
write-host ""
HostNetworkConfig
HostStoragePartitionConfig
write-host ""
write-host "---- Network --- "
write-host ""
NetworkAssignNet
write-host ""
write-host "---- Virtual machine - Interaction ---"
write-host ""
VMIntPowerOn
VMIntPowerOff
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvAllowDiskAccess
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfAddRemoveDev
ConfAdvancedConf
write-host ""
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
InvRemove
InvRegister
InvUnregister
write-host ""
write-host "---- Virtual Machine - Resource   ----"
write-host ""
ResAsVMtoRP
ResCreateRP
ResDeleteRP
write-host ""
write-host "----- Folder ----"
write-host ""
write-host ""
FolderCreate
FolderDelete
write-host ""
write-host "----- dvPort Group ----"
write-host ""
dvPortGrpCreate
dvPortGrpDelete
write-host ""
write-host ""
write-host "Full VM Restore --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreBrowseDS
DatstoreRMFile
DatsstoreAllocateSpace
DatastoreLowLevelFileOperations
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRevertSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
VMIntPowerOn
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvAllowDiskAccess
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
ProvVMFilesUL
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
ResAsVMtoRP
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfAdvancedConf
ConfAddNewDisk
ConfRemoveDisk
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
InvRemove
write-host ""
write-host "---- Folder  ---- "
write-host ""
FolderCreate
write-host ""
write-host ""
write-host "Replica Failover --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
DatstoreRMFile
write-host ""
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRevertSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
VMIntPowerOn
VMIntPowerOff
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfAdvancedConf
ConfRename
write-host ""
write-host ""
write-host "Replica Failback -------------------------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
DatstoreRMFile
DatsstoreAllocateSpace
write-host ""
write-host "---- Virtual Machine - State ----"
write-host ""
StateCreateSnapshot
StateRevertSnapshot
StateRemoveSnapshot
write-host ""
write-host "---- Virtual machine - Interaction ---"
write-host ""
VMIntPowerOn
VMIntPowerOff
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
ProvisReadOnlyDiskAccess
ProvisAllowVMDL
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfAdvancedConf
ConfRename
ConfDiskChangeTracking
ConfDiskLease
ConfAddNewDisk
ConfAddExistingDisk
ConfRemoveDisk
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
InvRegister
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
ResAsVMtoRP
write-host ""
write-host ""
write-host "File-Level Restore (Other Guest) --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
GlobalLogEvent
write-host ""
write-host "---- Datastore ----"
write-host ""
DatastoreLowLevelFileOperations
DatastoreBrowseDS
write-host ""
write-host "---- Network --- "
write-host ""
NetworkAssignNet
NetworkConfig
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
ConfModifyDeviceSet
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
VMIntPowerOn
VMIntPowerOff
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
InvRegister
InvUnregister
write-host ""
write-host "---- Virtual Machine - Resource   ----"
write-host ""
ResAsVMtoRP
write-host ""
write-host "---- Host Configuration ---"
write-host ""
HostStoragePartitionConfig
write-host ""
write-host ""





jcwuerfl
Enthusiast
 
Posts: 44
Liked: 3 times
Joined: Wed Jun 29, 2011 8:26 pm
Full Name: James

Re: vCenter powershell permissions check

Veeam Logoby Gostev » Thu Feb 23, 2012 12:38 am

Thanks :)
Gostev
Veeam Software
 
Posts: 21396
Liked: 2350 times
Joined: Sun Jan 01, 2006 1:01 am
Location: Baar, Switzerland

Re: vCenter powershell permissions check

Veeam Logoby jcwuerfl » Fri Dec 13, 2013 9:34 pm 1 person likes this post

Here is an updated version for vCenter 5.5 with Veeam 7.0.

Thanks

Code: Select all
#You will need the VMware vSphere PowerCLI Installed
# http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli

# You will Need to change the following Lines, the quotes are needed :
$myvCenter = "default"
$myvCenterUserID = "default"
$myvCenterPW = "default"

#This command will show you a listing of your roles in vCenter
#get-virole

#This is the Role you created in vCenter:
$myVeeamRole = "default"

## You shouldn't have to modify anything below this unless you want to clean up the formating.
#----------------------------------------------------------------------------------------------------------------------------------------
# Quick Variable Checks

if ($myvCenter -eq "default") {
  write-host "Edit the $myvCenter variable in the script to run.   This would be set to your vCenter server DNS Name or IP"
  break
}

if ($myvCenterUserID -eq "default") {
  write-host "Edit the $myvCenterUserID variable in the script to run.   This would be set to your vCenter userid"
  break
}
 
if ($myvCenterPW -eq "default") {
  write-host "Edit the $myvCenterPW variable in the script to run.   This would be set to your vCenter password"
  break
}

if ($myVeeamRole  -eq "default") {
  write-host "Edit the $myVeeamRole  variable in the script to run.   This would be set to your Veeeam Role you created in vCenter"
  break
}

#---------------------------------------------------------------------------------------------------------------------------------------

# Adding PowerCLI core snapin
if (!(get-pssnapin -name VMware.VimAutomation.Core -erroraction silentlycontinue)) {
   add-pssnapin VMware.VimAutomation.Core
}

if (-not $vCenterconnection.IsConnected) {
  write-host "Connecting to VI Server"
  $vCenterConnection = Connect-VIServer -server $myvCenter -user $myvCenterUserID -password $myvCenterPW
}

# You will need to Add the Role you added for Veeam
$role = Get-VIRole $myVeeamRole

$resultdvPortGrpCreate          = $role.PrivilegeList -contains "DVPortgroup.Create"
$resultdvPortGrpDelete          = $role.PrivilegeList -contains "DVPortgroup.Delete"

if ($resultdvPortGrpCreate -eq 'False') {  $resultdvPortGrpCreateColor = "white" } else { $resultdvPortGrpCreateColor = "red" }
if ($resultdvPortGrpDelete -eq 'False') {  $resultdvPortGrpDeleteColor = "white" } else { $resultdvPortGrpDeleteColor = "red" }

$resultDatsstoreAllocateSpace   = $role.PrivilegeList -contains "Datastore.AllocateSpace"
$resultDatastoreBrowseDS        = $role.PrivilegeList -contains "Datastore.Browse"
$resultDatastoreRMFile          = $role.PrivilegeList -contains "Datastore.DeleteFile"
$resultDatastoreLowLevelFileOp  = $role.PrivilegeList -contains "Datastore.FileManagement"

if ($resultDatsstoreAllocateSpace -eq 'False') {  $resultDatsstoreAllocateSpaceColor = "white" } else { $resultDatsstoreAllocateSpaceColor = "red" }
if ($resultDatastoreBrowseDS -eq 'False') {  $resultDatastoreBrowseDSColor = "white" } else { $resultDatastoreBrowseDSColor = "red" }
if ($resultDatastoreRMFile -eq 'False') {  $resultDatastoreRMFileColor = "white" } else { $resultDatastoreRMFileColor = "red" }
if ($resultDatastoreLowLevelFileOp -eq 'False') {  $resultDatastoreLowLevelFileOpColor = "white" } else { $resultDatastoreLowLevelFileOpColor = "red" }

$resultFolderCreate             = $role.PrivilegeList -contains "Folder.Create"
$resultFolderDelete             = $role.PrivilegeList -contains "Folder.Delete"

if ($resultFolderCreate -eq 'False') {  $resultFolderCreateColor = "white" } else { $resultFolderCreateColor = "red" }
if ($resultFolderDelete -eq 'False') {  $resultFolderDeleteColor = "white" } else { $resultFolderDeleteColor = "red" }


$resultGlobalDisableMethods     = $role.PrivilegeList -contains "Global.DisableMethods"
$resultGlobalEnableMethods      = $role.PrivilegeList -contains "Global.EnableMethods"
$resultGlobalCheckLic           = $role.PrivilegeList -contains "Global.Licenses"
$resultGlobalLogEvent           = $role.PrivilegeList -contains "Global.LogEvent"
$resultGlobalManageCustomFields = $role.PrivilegeList -contains "Global.ManageCustomFields"
$resultGlobalSetCustomField     = $role.PrivilegeList -contains "Global.SetCustomField"

if ($resultGlobalDisableMethods -eq 'False') {  $resultGlobalDisableMethodsColor = "white" } else { $resultGlobalDisableMethodsColor = "red" }
if ($resultGlobalEnableMethods -eq 'False') { $resultGlobalEnableMethodsColor = "white" } else { $resultGlobalEnableMethodsColor = "red" }
if ($resultGlobalCheckLic -eq 'False') {  $resultGlobalCheckLicColor = "white" } else { $resultGlobalCheckLicColor = "red" }
if ($resultGlobalLogEvent -eq 'False') {  $resultGlobalLogEventColor = "white" } else { $resultGlobalLogEventColor = "red" }
if ($resultGlobalManageCustomFields -eq 'False') {  $resultGlobalManageCustomFieldsColor = "white" } else { $resultGlobalManageCustomFieldsColor = "red" }
if ($resultGlobalSetCustomField -eq 'False') {  $resultGlobalSetCustomFieldColor = "white" } else { $resultGlobalSetCustomFieldColor = "red" }

$resultHostNetworkConfig        = $role.PrivilegeList -contains "Host.Config.Network"
$resultHostStoragePartConfig    = $role.PrivilegeList -contains "Host.Config.Storage"

if ($resultHostNetworkConfig -eq 'False') {  $resultHostNetworkConfigColor = "white" } else { $resultHostNetworkConfigColor = "red" }
if ($resultHostStoragePartConfig -eq 'False') {  $resultHostStoragePartConfigColor = "white" } else { $resultHostStoragePartConfigColor = "red" }

$resultNetworkAssignNet         = $role.PrivilegeList -contains "Network.Assign"
$resultNetworkConfig            = $role.PrivilegeList -contains "Network.Config"

if ($resultNetworkAssignNet -eq 'False') { $resultNetworkAssignNetColor = "white" } else { $resultNetworkAssignNetColor = "red" }
if ($resultNetworkConfig -eq 'False') {  $resultNetworkConfigColor = "white" } else { $resultNetworkConfigColor = "red" }

$resultResAsVMtoRP              = $role.PrivilegeList -contains "Resource.AssignVMToPool"
$resultResColdMigrate           = $role.PrivilegeList -contains "Resource.ColdMigrate"
$resultResCreateRP              = $role.PrivilegeList -contains "Resource.CreatePool"
$resultResDeleteRP              = $role.PrivilegeList -contains "Resource.DeletePool"
$resultResHotMigrate            = $role.PrivilegeList -contains "Resource.HotMigrate"

if ($resultResAsVMtoRP -eq 'False') { $resultResAsVMtoRPColor = "white" } else { $resultResAsVMtoRPColor = "red" }
if ($resultResColdMigrate -eq 'False') { $resultResColdMigrateColor = "white" } else { $resultResColdMigrateColor = "red" }
if ($resultResCreateRP -eq 'False') { $resultResCreateRPColor = "white" } else { $resultResCreateRPColor = "red" }
if ($resultResDeleteRP -eq 'False') { $resultResDeleteRPColor = "white" } else { $resultResDeleteRPColor = "red" }
if ($resultResHotMigrate -eq 'False') { $resultResHotMigrateColor = "white" } else { $resultResHotMigrateColor = "red" }

$resultSystemAnonymous          = $role.PrivilegeList -contains "System.Anonymous"
$resultSystemRead               = $role.PrivilegeList -contains "System.Read"
$resultSystemView               = $role.PrivilegeList -contains "System.View"

if ($resultSystemAnonymous -eq 'False') { $resultSystemAnonymousColor = "white" } else { $resultSystemAnonymousColor = "red" }
if ($resultSystemRead -eq 'False') { $resultSystemReadColor = "white" } else { $resultSystemReadColor = "red" }
if ($resultSystemView -eq 'False') { $resultSystemViewColor = "white" } else { $resultSystemViewColor = "red" }

$resultVAppAssignResourcePool   = $role.PrivilegeList -contains "VApp.AssignResourcePool"
$resultVAppAssignVM             = $role.PrivilegeList -contains "VApp.AssignVM"
$resultVAppUnregister           = $role.PrivilegeList -contains "VApp.Unregister"

if ($resultVAppAssignResourcePool -eq 'False') { $resultVAppAssignResourcePoolColor = "white" } else { $resultVAppAssignResourcePoolColor = "red" }
if ($resultVAppAssignVM -eq 'False') {  $resultVAppAssignVMColor = "white" } else { $resultVAppAssignVMColor = "red" }
if ($resultVAppUnregister -eq 'False') { $resultVAppUnregisterColor = "white" } else { $resultVAppUnregisterColor = "red" }

$resultConfAddExistingDisk      = $role.PrivilegeList -contains "VirtualMachine.Config.AddExistingDisk"
$resultConfAddNewDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.AddNewDisk"
$resultConfAddRemoveDevs        = $role.PrivilegeList -contains "VirtualMachine.Config.AddRemoveDevice"
$resultConfAdvancedConf         = $role.PrivilegeList -contains "VirtualMachine.Config.AdvancedConfig"
$resultConfigDiskChangeTracking = $role.PrivilegeList -contains "VirtualMachine.Config.ChangeTracking"
$resultConfDiskLease            = $role.PrivilegeList -contains "VirtualMachine.Config.DiskLease"
$resultConfModifyDeviceSet      = $role.PrivilegeList -contains "VirtualMachine.Config.EditDevice"
$resultConfRemoveDisk           = $role.PrivilegeList -contains "VirtualMachine.Config.RemoveDisk"
$resultConfRename               = $role.PrivilegeList -contains "VirtualMachine.Config.Rename"
$resultConfChangeResource       = $role.PrivilegeList -contains "VirtualMachine.Config.Resource"

if ($resultConfAddExistingDisk -eq 'False') {$resultConfAddExistingDiskColor = "white" } else { $resultConfAddExistingDiskColor = "red" }
if ($resultConfAddNewDisk -eq 'False') { $resultConfAddNewDiskColor = "white" } else { $resultConfAddNewDiskColor = "red" }
if ($resultConfAddRemoveDevs -eq 'False') { $resultConfAddRemoveDevsColor = "white" } else { $resultConfAddRemoveDevsColor = "red" }
if ($resultConfAdvancedConf -eq 'False') { $resultConfAdvancedConfColor = "white" } else { $resultConfAdvancedConfColor = "red" }
if ($resultConfigDiskChangeTracking -eq 'False') { $resultConfigDiskChangeTrackingColor = "white" } else { $resultConfigDiskChangeTrackingColor = "red" }
if ($resultConfDiskLease -eq 'False') {  $resultConfDiskLeaseColor = "white" } else { $resultConfDiskLeaseColor = "red" }
if ($resultConfModifyDeviceSet -eq 'False') { $resultConfModifyDeviceSetColor = "white" } else { $resultConfModifyDeviceSetColor = "red" }
if ($resultConfRemoveDisk -eq 'False') { $resultConfRemoveDiskColor = "white" } else { $resultConfRemoveDiskColor = "red" }
if ($resultConfRename -eq 'False') { $resultConfRenameColor = "white" } else { $resultConfRenameColor = "red" }
if ($resultConfChangeResource -eq 'False') { $resultConfChangeResourceColor = "white" } else { $resultConfChangeResourceColor = "red" }

$resultVMIntDeviceConnection    = $role.PrivilegeList -contains "VirtualMachine.Interact.DeviceConnection"
$resultVMIntGuestControl        = $role.PrivilegeList -contains "VirtualMachine.Interact.GuestControl"
$resultVMIntPowerOff            = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOff"
$resultVMIntPowerOn             = $role.PrivilegeList -contains "VirtualMachine.Interact.PowerOn"
$resultVMIntPowerSuspend        = $role.PrivilegeList -contains "VirtualMachine.Interact.Suspend"

if ($resultVMIntDeviceConnection -eq 'False') { $resultVMIntDeviceConnectionColor = "white" } else { $resultVMIntDeviceConnectionColor = "red" }
if ($resultVMIntGuestControl -eq 'False') { $resultVMIntGuestControlColor = "white" } else { $resultVMIntGuestControlColor = "red" }
if ($resultVMIntPowerOff -eq 'False') { $resultVMIntPowerOffColor = "white" } else { $resultVMIntPowerOffColor = "red" }
if ($resultVMIntPowerOn -eq 'False') { $resultVMIntPowerOnColor = "white" } else { $resultVMIntPowerOnColor = "red" }
if ($resultVMIntPowerSuspend -eq 'False') { $resultVMIntPowerSuspendColor = "white" } else { $resultVMIntPowerSuspendColor = "red" }

$resultInvRemove                = $role.PrivilegeList -contains "VirtualMachine.Inventory.Delete"
$resultInvRegister              = $role.PrivilegeList -contains "VirtualMachine.Inventory.Register"
$resultInvUnregister            = $role.PrivilegeList -contains "VirtualMachine.Inventory.Unregister"

if ($resultInvRemove -eq 'False') { $resultInvRemoveColor = "white" } else { $resultInvRemoveColor = "red" }
if ($resultInvRegister -eq 'False') { $resultInvRegisterColor = "white" } else { $resultInvRegisterColor = "red" }
if ($resultInvUnregister -eq 'False') { $resultInvUnregisterColor = "white" } else { $resultInvUnregister = "red" }

$resultProvAllowDiskAccess      = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomAccess"
$resultProvisReadOnlyDiskAccess = $role.PrivilegeList -contains "VirtualMachine.Provisioning.DiskRandomRead"
$resultProfisAllowVMDL          = $role.PrivilegeList -contains "VirtualMachine.Provisioning.GetVmFiles"
$resultProvVMFilesUL            = $role.PrivilegeList -contains "VirtualMachine.Provisioning.PutVmFiles"

if ($resultProvAllowDiskAccess -eq 'False') { $resultProvAllowDiskAccessColor = "white" } else { $resultProvAllowDiskAccessColor = "red" }
if ($resultProvisReadOnlyDiskAccess -eq 'False') { $resultProvisReadOnlyDiskAccessColor = "white" } else { $resultProvisReadOnlyDiskAccessColor = "red" }
if ($resultProfisAllowVMDL -eq 'False') { $resultProfisAllowVMDLColor = "white" } else { $resultProfisAllowVMDLColor = "red" }
if ($resultProvVMFilesUL -eq 'False') { $resultProvVMFilesULColor = "white" } else { $resultProvVMFilesULColor = "red" }

$resultManagementCreateSnapshot = $role.PrivilegeList -contains "VirtualMachine.State.CreateSnapshot"
$resultManagementRemoveSnapshot = $role.PrivilegeList -contains "VirtualMachine.State.RemoveSnapshot"
$resultManagementRenameSnapshot = $role.PrivilegeList -contains "VirtualMachine.State.RenameSnapshot"
$resultManagementRevertSnapshot = $role.PrivilegeList -contains "VirtualMachine.State.RevertToSnapshot"

if ($resultManagementCreateSnapshot -eq 'False') { $resultManagementCreateSnapshotColor = "white" } else { $resultManagementCreateSnapshotColor = "red" }
if ($resultManagementRemoveSnapshot -eq 'False') { $resultManagementRemoveSnapshotColor = "white" } else { $resultManagementRemoveSnapshotColor = "red" }
if ($resultManagementRenameSnapshot -eq 'False') { $resultManagementRenameSnapshotColor = "white" } else { $resultManagementRenameSnapshotColor = "red" }
if ($resultManagementRevertSnapshot -eq 'False') { $resultManagementRevertSnapshotColor = "white" } else { $resultManagementRevertSnapshotColor = "red" }

# ------------------------------------------------------------------------------------------------------------------
write-host ""
write-host " Veeam vCenter Server Granular Permissions v7 check Script"
write-host " compatible with vCenter 5.5"
write-host "ref: http://forums.veeam.com/viewtopic.php?f=24&t=10478"
write-host ""
write-host ""
write-host "Backup - Direct SAN Access Mode --------------------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Disable Methods                          : $resultGlobalDisableMethods"         -foregroundcolor $resultGlobalDisableMethodsColor
write-host "Enable Methods                           : $resultGlobalEnableMethods"         -foregroundcolor $resultGlobalEnableMethodsColor
write-host "Manage custom attributes                 : $resultGlobalManageCustomFields"         -foregroundcolor $resultGlobalManageCustomFieldsColor
write-host "Set custom attribute                     : $resultGlobalSetCustomField"         -foregroundcolor $resultGlobalSetCustomFieldColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host ""
write-host "---- Virtual Machine - Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Disk lease                               : $resultConfDiskLease"         -foregroundcolor $resultConfDiskLeaseColor
write-host ""
write-host "---- Virtual Machine - Provisioning  ----"
write-host ""
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host ""
write-host "Backup - Virtual Appliance mode   -------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Disk Change resource                     : $resultConfChangeResource"         -foregroundcolor $resultConfChangeResourceColor
write-host "Add existing disk                        : $resultConfAddExistingDisk"         -foregroundcolor $resultConfAddExistingDiskColor
write-host "Remove disk                              : $resultConfRemoveDisk"         -foregroundcolor $resultConfRemoveDiskColor         
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host ""
write-host "Backup - Network mode  -----------------------------------   "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"        -foregroundcolor $resultGlobalLogEventColor
write-host "Licenses                                 : $resultGlobalCheckLic"        -foregroundcolor $resultGlobalCheckLicColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host ""
write-host "Replication - Direct SAN Access Mode-----------------------------------   "
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Disable Method                           : $resultGlobalDisableMethods"         -foregroundcolor $resultGlobalDisableMethodsColor
write-host "Enable Method                            : $resultGlobalEnableMethods"         -foregroundcolor $resultGlobalEnableMethodsColor
write-host "Manage Custom Attributes                 : $resultGlobalManageCustomFields"         -foregroundcolor $resultGlobalManageCustomFieldsColor
write-host "Set Custom Attributes                    : $resultGlobalSetCustomField"         -foregroundcolor $resultGlobalSetCustomFieldColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host "Device Connection                        : $resultVMIntDeviceConnection"         -foregroundcolor $resultVMIntDeviceConnectionColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Disk lease                               : $resultConfDiskLease"         -foregroundcolor $resultConfDiskLeaseColor
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host "Add new disk                             : $resultConfAddNewDisk"         -foregroundcolor $resultConfAddNewDiskColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow disk access                        : $resultProvAllowDiskAccess"         -foregroundcolor $resultProvAllowDiskAccessColor
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
write-host "Register                                 : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Remove                                   : $resultInvRemove"         -foregroundcolor $resultInvRemoveColor
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host "Replication - Virtual Appliance mode ----------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Disable Method                           : $resultGlobalDisableMethods"         -foregroundcolor $resultGlobalDisableMethodsColor
write-host "Enable Method                            : $resultGlobalEnableMethods"         -foregroundcolor $resultGlobalEnableMethodsColor
write-host "Manage Custom Attributes                 : $resultGlobalManageCustomFields"         -foregroundcolor $resultGlobalManageCustomFieldsColor
write-host "Set Custom Attributes                    : $resultGlobalSetCustomField"         -foregroundcolor $resultGlobalSetCustomFieldColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host "Device Connection                        : $resultVMIntDeviceConnection"         -foregroundcolor $resultVMIntDeviceConnectionColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Change resource                          : $resultConfChangeResource"        -foregroundcolor $resultConfChangeResourceColor
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host "Add new disk                             : $resultConfAddNewDisk"         -foregroundcolor $resultConfAddNewDiskColor
write-host "Add existing disk                        : $resultConfAddExistingDisk"         -foregroundcolor $resultConfAddExistingDiskColor
write-host "Remove disk                              : $resultConfRemoveDisk"         -foregroundcolor $resultConfRemoveDiskColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow disk access                        : $resultProvAllowDiskAccess"         -foregroundcolor $resultProvAllowDiskAccessColor
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
write-host "Register                                 : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Remove                                   : $resultInvRemove"         -foregroundcolor $resultInvRemoveColor
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host ""
write-host "Replication - Network mode  ------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Disable Method                           : $resultGlobalDisableMethods"         -foregroundcolor $resultGlobalDisableMethodsColor
write-host "Enable Method                            : $resultGlobalEnableMethods"         -foregroundcolor $resultGlobalEnableMethodsColor
write-host "Manage Custom Attributes                 : $resultGlobalManageCustomFields"         -foregroundcolor $resultGlobalManageCustomFieldsColor
write-host "Set Custom Attributes                    : $resultGlobalSetCustomField"         -foregroundcolor $resultGlobalSetCustomFieldColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host ""
write-host "---- Virtual Machine - Interaction ----"
write-host ""
write-host "Guest OS Management by VIX API :         : $resultVMIntGuestControl"         -foregroundcolor $resultVMIntGuestControlColor
write-host "Device Connection                        : $resultVMIntDeviceConnection"         -foregroundcolor $resultVMIntDeviceConnectionColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Add new disk                             : $resultConfAddNewDisk"         -foregroundcolor $resultConfAddNewDiskColor
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow disk access                        : $resultProvAllowDiskAccess"         -foregroundcolor $resultProvAllowDiskAccessColor
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
write-host "Register                                 : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Remove                                   : $resultInvRemove"         -foregroundcolor $resultInvRemoveColor
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host ""
write-host "Instant VM Recovery --------------------------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host ""
write-host "---- Host Configuration --- "
write-host ""
write-host "Storage partition configuration          : $resultHostStoragePartConfig"        -foregroundcolor $resultHostStoragePartConfigColor
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host "Power Off                                 : $resultVMIntPowerOff"        -foregroundcolor $resultVMIntPowerOffColor
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
write-host "Register                                   : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Unregister                                 : $resultInvUnregister"        -foregroundcolor $resultInvUnregisterColor
write-host ""
write-host "---- Virtual Machine - Resource  ---- "
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host "--- vApp----  "
write-host "Add virtual machine                      : $resultVAppAssignVM"        -foregroundcolor $resultVAppAssignVMColor
write-host "Assign resource pool                     : $resultVAppAssignResourcePool"        -foregroundcolor $resultVAppAssignResourcePoolColor
write-host "Unregister                               : $resultVAppUnregister"        -foregroundcolor $resultVAppUnregisterColor
write-host "Quick Migration ------------------------------------------------------------ "
write-host "---- Datastore ----"
write-host ""
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host "---- Virtual machine - Interaction --- "
write-host ""
write-host "Suspend                                  : $resultVMIntPowerSuspend"        -foregroundcolor $resultVMIntPowerSuspendColor
write-host "---- Virtual Machine - Resource   ----"
write-host ""
write-host "Migrate powered on virtual machine       : $resultResColdMigrate"           -foregroundcolor $resultResColdMigrateColor
write-host "Migrate powered off virtual machine      : $resultResHotMigrate"             -foregroundcolor $resultResHotMigrateColor
write-host ""
write-host ""
write-host "SureBackup ------------------------------------------------------------------ "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Check Licenses                           : $resultGlobalCheckLic"        -foregroundcolor $resultGlobalCheckLicColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host ""
write-host "---- Host Configuration --- "
write-host ""
write-host "Network Configuration                    : $resultHostNetworkConfig"        -foregroundcolor $resultHostNetworkConfigColor
write-host "Storage partition configuration          : $resultHostStoragePartConfig"        -foregroundcolor $resultHostStoragePartConfigColor
write-host ""
write-host "---- Network --- "
write-host ""
write-host "Assign Network                           : $resultNetworkAssignNet"        -foregroundcolor $resultNetworkAssignNetColor
write-host ""
write-host "---- Virtual machine - Interaction ---"
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host "Power Off                                 : $resultVMIntPowerOff"        -foregroundcolor $resultVMIntPowerOffColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Check Allow disk access                   : $resultProvAllowDiskAccess"         -foregroundcolor $resultProvAllowDiskAccessColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Add or remove device                     : $resultConfAddRemoveDevs"        -foregroundcolor $resultConfAddRemoveDevsColor
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host ""
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
write-host "Remove                                     : $resultInvRemove"         -foregroundcolor $resultInvRemoveColor
write-host "Register                                   : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Unregister                                 : $resultInvUnregister"        -foregroundcolor $resultInvUnregisterColor
write-host ""
write-host "---- Virtual Machine - Resource   ----"
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host "Create Resource Pool                     : $resultResCreateRP"        -foregroundcolor $resultResCreateRPColor
write-host "Remove Resource Pool                     : $resultResDeleteRP"        -foregroundcolor $resultResDeleteRPColor
write-host ""
write-host "----- Folder ----"
write-host ""
write-host ""
write-host "Create Folder                             : $resultFolderCreate"        -foregroundcolor $resultFolderCreateColor
write-host "Delete Folder                             : $resultFolderDelete"        -foregroundcolor $resultFolderDeleteColor
write-host ""
write-host "----- dvPort Group ----"
write-host ""
write-host "Create                                    :  $resultdvPortGrpCreate"        -foregroundcolor $resultdvPortGrpCreateColor
write-host "Delete                                    :  $resultdvPortGrpDelete"        -foregroundcolor $resultdvPortGrpDeleteColor
write-host ""
write-host ""
write-host "Full VM Restore --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow disk access                        : $resultProvAllowDiskAccess"         -foregroundcolor $resultProvAllowDiskAccessColor
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host "Allow virtual machine files upload       : $resultProvVMFilesUL"         -foregroundcolor $resultProvVMFilesULColor
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host "Add new disk                             : $resultConfAddNewDisk"         -foregroundcolor $resultConfAddNewDiskColor
write-host "Remove disk                              : $resultConfRemoveDisk"         -foregroundcolor $resultConfRemoveDiskColor
write-host ""
write-host "---- Virtual Machine - Inventory  ---- "
write-host ""
write-host "Register                                     : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host ""
write-host "---- Folder  ---- "
write-host ""
write-host "Create Folder                             : $resultFolderCreate"        -foregroundcolor $resultFolderCreateColor
write-host ""
write-host ""
write-host "--- vApp----  "
write-host "Add virtual machine                      : $resultVAppAssignVM"        -foregroundcolor $resultVAppAssignVMColor
write-host "Assign resource pool                     : $resultVAppAssignResourcePool"        -foregroundcolor $resultVAppAssignResourcePoolColor
write-host "Unregister                               : $resultVAppUnregister"        -foregroundcolor $resultVAppUnregisterColor
write-host "----- dvPort Group ----"
write-host ""
write-host "Create                                    :  $resultdvPortGrpCreate"        -foregroundcolor $resultdvPortGrpCreateColor
write-host "Delete                                    :  $resultdvPortGrpDelete"        -foregroundcolor $resultdvPortGrpDeleteColor
write-host ""
write-host "Replica Failover --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host ""
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host "Power Off                                 : $resultVMIntPowerOff"        -foregroundcolor $resultVMIntPowerOffColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host "Rename                                   : $resultConfRename"                -foregroundcolor $resultConfRenameColor
write-host ""
write-host ""
write-host "Replica Failback -------------------------------------------------------- "
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host "Remove file                              : $resultDatastoreRMFile"         -foregroundcolor $resultDatastoreRMFileColor
write-host "Allocate space                           : $resultDatsstoreAllocateSpace"         -foregroundcolor $resultDatsstoreAllocateSpaceColor
write-host ""
write-host "---- Virtual Machine - Snapshot Management ----"
write-host ""
write-host "Create Snapshot                          : $resultManagementCreateSnapshot"         -foregroundcolor $resultManagementCreateSnapshotColor
write-host "Revert to snapshot                       : $resultManagementRevertSnapshot"         -foregroundcolor $resultManagementRevertSnapshotColor
write-host "Remove Snapshot                          : $resultManagementRemoveSnapshot"         -foregroundcolor $resultManagementRemoveSnapshotColor
write-host ""
write-host "---- Virtual machine - Interaction ---"
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host "Power Off                                 : $resultVMIntPowerOff"        -foregroundcolor $resultVMIntPowerOffColor
write-host ""
write-host "---- Virtual Machine – Provisioning  ----"
write-host ""
write-host "Allow read-only disk access              : $resultProvisReadOnlyDiskAccess"         -foregroundcolor $resultProvisReadOnlyDiskAccessColor
write-host "Allow virtual machine download           : $resultProfisAllowVMDL"         -foregroundcolor $resultProfisAllowVMDLColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Advanced                                 : $resultConfAdvancedConf"         -foregroundcolor $resultConfAdvancedConfColor
write-host "Rename                                   : $resultConfRename"                -foregroundcolor $resultConfRenameColor
write-host "Disk change tracking                     : $resultConfigDiskChangeTracking"         -foregroundcolor $resultConfigDiskChangeTrackingColor
write-host "Disk lease                               : $resultConfDiskLease"         -foregroundcolor $resultConfDiskLeaseColor
write-host "Add new disk                             : $resultConfAddNewDisk"         -foregroundcolor $resultConfAddNewDiskColor
write-host "Add existing disk                        : $resultConfAddExistingDisk"         -foregroundcolor $resultConfAddExistingDiskColor
write-host "Remove disk                              : $resultConfRemoveDisk"         -foregroundcolor $resultConfRemoveDiskColor
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
write-host "Register                                   : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host ""
write-host "---- Virtual Machine - Resource   ---- "
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host ""
write-host "File-Level Restore (Other Guest) --------------------------------------------------------"
write-host ""
write-host ""
write-host "---- Global ----"
write-host ""
write-host "Log Event                                : $resultGlobalLogEvent"         -foregroundcolor $resultGlobalLogEventColor
write-host ""
write-host "---- Datastore ----"
write-host ""
write-host "Low Level File Operations                : $resultDatastoreLowLevelFileOp"         -foregroundcolor $resultDatastoreLowLevelFileOpColor
write-host "Browse datastore                         : $resultDatastoreBrowseDS"         -foregroundcolor $resultDatastoreBrowseDSColor
write-host ""
write-host "---- Network --- "
write-host ""
write-host "Assign Network                           : $resultNetworkAssignNet"        -foregroundcolor $resultNetworkAssignNetColor
write-host "Configure                                : $resultNetworkConfig"           -foregroundcolor $resultNetworkConfigColor
write-host ""
write-host "---- Virtual Machine – Configuration ----"
write-host ""
write-host "Modify device settings                   : $resultConfModifyDeviceSet"     -foregroundcolor $resultConfModifyDeviceSetColor
write-host ""
write-host "---- Virtual machine - Interaction --- "
write-host ""
write-host "Power On                                  : $resultVMIntPowerOn"        -foregroundcolor $resultVMIntPowerOnColor
write-host "Power Off                                 : $resultVMIntPowerOff"        -foregroundcolor $resultVMIntPowerOffColor
write-host ""
write-host "---- Virtual Machine - Inventory  ----"
write-host ""
write-host "Register                                   : $resultInvRegister"         -foregroundcolor $resultInvRegisterColor
write-host "Unregister                                 : $resultInvUnregister"        -foregroundcolor $resultInvUnregisterColor
write-host ""
write-host "---- Virtual Machine - Resource   ----"
write-host ""
write-host "Assign virtual machine to resource pool  : $resultResAsVMtoRP"         -foregroundcolor $resultResAsVMtoRPColor
write-host ""
write-host "---- Host Configuration ---"
write-host ""
write-host "Storage partition configuration          : $resultHostStoragePartConfig"        -foregroundcolor $resultHostStoragePartConfigColor
write-host ""
write-host ""
jcwuerfl
Enthusiast
 
Posts: 44
Liked: 3 times
Joined: Wed Jun 29, 2011 8:26 pm
Full Name: James

Re: vCenter powershell permissions check

Veeam Logoby jasonpearce » Wed Jun 03, 2015 8:44 pm 2 people like this post

If just want to set/configure a new vCenter Role with all of the Privileges that Veeam Backup and Replication needs, run these commands in PowerCLI.

Code: Select all
# An empty or existing vCenter Role
$myVeeamRole = "My-Test-Veeam-Role"

# Configure your $myVeeamRole to have all of the correct Veeam privileges
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Datastore.AllocateSpace")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Datastore.Browse")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Datastore.DeleteFile")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Datastore.FileManagement")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "DVPortgroup.Create")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "DVPortgroup.Delete")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Folder.Create")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Folder.Delete")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.DisableMethods")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.EnableMethods")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.Licenses")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.LogEvent")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.ManageCustomFields")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Global.SetCustomField")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Host.Config.Network")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Host.Config.Storage")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Network.Assign")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Network.Config")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Resource.AssignVMToPool")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Resource.ColdMigrate")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Resource.CreatePool")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Resource.DeletePool")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "Resource.HotMigrate")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "System.Anonymous")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "System.Read")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "System.View")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VApp.AssignResourcePool")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VApp.AssignVM")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VApp.Unregister")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.AddExistingDisk")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.AddNewDisk")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.AddRemoveDevice")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.AdvancedConfig")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.ChangeTracking")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.DiskLease")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.EditDevice")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.RemoveDisk")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.Rename")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Config.Resource")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Interact.DeviceConnection")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Interact.GuestControl")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Interact.PowerOff")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Interact.PowerOn")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Interact.Suspend")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Inventory.Delete")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Inventory.Register")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Inventory.Unregister")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Provisioning.DiskRandomAccess")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Provisioning.DiskRandomRead")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Provisioning.GetVmFiles")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.Provisioning.PutVmFiles")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.State.CreateSnapshot")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.State.RemoveSnapshot")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.State.RenameSnapshot")
Set-VIRole -Role $myVeeamRole -AddPrivilege (Get-VIPrivilege -ID "VirtualMachine.State.RevertToSnapshot")


I think that is everything that is needed, but I welcome corrections. I used this on a vCenter Virtual Appliance v5.5 U2. I'm Veeam BR 8.
jasonpearce
Influencer
 
Posts: 23
Liked: 5 times
Joined: Wed Mar 11, 2015 2:31 pm
Full Name: Jason Pearce

Re: vCenter powershell permissions check

Veeam Logoby v.Eremin » Thu Jun 04, 2015 9:29 am

Great job, thank for sharing such valuable information; appreciated. Thanks.
v.Eremin
Veeam Software
 
Posts: 13296
Liked: 974 times
Joined: Fri Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin


Return to PowerShell



Who is online

Users browsing this forum: No registered users and 9 guests