Blog

Immer aktuell informiert sein in unserem Blog!

[vc_row][vc_column][vc_column_text]Currently I am working on a project which requires to change a LDAP of a VMware vCloud Director from one AD Domain to another.

During my research I found, that automation is required for the large setup of VCD.

I looked at Powercli functions like GET-CISUER, REMOVE-CIUSER, NEW-CIUSER, GET-CIGROUP, REMOVE-CIGROUP, NEW-CIGROUP

Link :

I found get-ciuser as a standard cmdlet ( Official Powercli Reference ) and new-cisuer as blog post 

The missing functions I wrote by myself and here they are:

 

Function New-CIUserLDAP { 
    Param ( 
        $Name, 
        [Switch]$Enabled, 
        $Org, 
        $Role 
    ) 
    Process { 
        write-host "New LDAP User "$name "in " $Org " as "$Role
        $OrgED = (Get-Org $Org).ExtensionData 
        $orgAdminUser = New-Object VMware.VimAutomation.Cloud.Views.User 
        $orgAdminUser.Name = $Name 
        $orgAdminUser.IsEnabled = $Enabled

        $orgAdminUser.IsExternal = "True"
        
        $vcloud = $DefaultCIServers[0].ExtensionData 
        
        $orgAdminRole = $vcloud.RoleReferences.RoleReference | where {$_.Name -eq $Role} 
        $orgAdminUser.Role = $orgAdminRole 
        
        $user = $orgED.CreateUser($orgAdminUser) 
        Get-CIUser -Org $Org -Name $Name 
    } 
}    


Function New-CIGroup { 
    Param ( 
        $Name, 
        $Org, 
        $Role 
    ) 
    Process { 

        write-host "New CIGROUP "$name "in " $Org " as " $Role
        $OrgED = (Get-Org $Org).ExtensionData 
      
        $orgGroup = New-Object VMware.VimAutomation.Cloud.Views.Group 
        $orgGroup.Name = $Name 
              
        $vcloud = $DefaultCIServers[0].ExtensionData 
        
        $orgAdminRole = $vcloud.RoleReferences.RoleReference | where {$_.Name -eq $Role} 
        $orgGroup.Role = $orgAdminRole 
        
        $group = $orgED.CreateGroup($orgGroup) 
        $group | ft
    } 
}   


Function Remove-CIGroup { 
    Param ( 
        $Name, 
        $Org
       
    ) 
    Process { 

        write-host "Remove "$name "in " $Org
        $OrgED = (Get-Org $Org).ExtensionData 
        
        $group = $OrgED.Groups.GroupReference | where{$_.name -match $name}

        $groupview = $group.GetCIView()
        $groupview.delete()


    } 
}     

Function Remove-CIUser { 
    Param ( 
        $Name, 
        $Org
       
    ) 
    Process { 
        write-host "Remove "$name "in " $Org
         
        $user = get-ciuser -Org $Org $Name
        $user.ExtensionData.Delete()


    } 
}     

New-CIUserLDAP -enabled 'ldapuser' 'Org-ADMIN' 'vApp User'
New-CIGroup 'ADGroup' 'Org-ADMIN' 'vApp User'
Remove-CIGroup 'ADGroup' 'Org-ADMIN'
remove-ciuser 'ldpauser' 'org-admin'

 

 

[/vc_column_text][/vc_column][/vc_row]

Unseren Newsletter abonnieren