Environment
PlateSpin Migrate 12.x
PlateSpin Protect 11.x
PlateSpin Protect 11.x
Situation
This article discusses about how to use the PlateSpin VMware role tool to verify, modify, or create permission for the VMware roles.
Resolution
See the instructions below to use the VMware role tool.
Tool Execution:
Execute the following command using the suggested parameters:
PlateSpin.VMwareRoleTool.exe /host=[ip address of vcenter or esx host] /user=[username] /role=PlateSpinRole.xml /interactive
Parameter Explanation:
/host – IP address of the VMWare Server
/user – User name of an administrator account.
/role - File name of the file that provides the role's permissions. Use the PlateSpinRole.xml file unless you are advised to use a different file.
/interactive – Runs the command shell for the tool. This is the recommended option for running the tool as provides a menu to execute various options within a single execution of the tool.
/help – Displays information on additional parameters not described here
Tool Menu:
The tool menu contains two the top level options when ran in interactive mode (/interactive).
Main Menu:
Select a PlateSpin Role
Display Server Defined Privileges
This first option is for Select a PlateSpin Role
Under Select a PlateSpin Role, menu option for the roles:
PlateSpin Virtual Machine Manager
PlateSpin Virtual Infrastructure Manager
PlateSpin User
Once the PlateSpin role is selected, the options for the roles are:
Create Role - This option will create the selected role with the required permissions listed in the PlatespinRole.xml file.
Compare with existing Role – This option will allow you to verify if an existing role is compatible with the selected PlateSpin Role.
List existing compatible Roles – This option will display a list of all existing roles that are compatible with the selected PlateSpin Role.
The second option in the root menu (Display Server Defined Privileges) simply displays a list of defined privileges on the server. To view the complete list of privileges it may be necessary to press the space bar.
PlateSpin Role Tool:
The steps for PlateSpin Virtual Manager or PlateSpin Virtual Infrastructure Manger roles are the same as the PlateSpin User Roles. To create, compare or list the PlateSpin Roles, execute the tool.
Execute the following command using the suggested parameters:
This first option is for Select a PlateSpin Role
Under Select a PlateSpin Role, menu option for the roles:
Select PlateSpin Virtual Machine Manager
Select Compare with existing roles
Then selecting a role to compare and press Enter
Create Role:
1. To create the desired role select, “Select a PlateSpin Roleâ€.
2. Select the PlateSpin User role.
3. Select “Create Roleâ€.
4. Press Enter when prompted to return to the action menu.
Note: If the “PlateSpin User†was already created, a message stating it already exists will be displayed.
Compare with existing Roles:
1. From the action menu select ,â€Compare with existing Rolesâ€.
2. Select an existing role to compare to the PlateSpin configured roles. If the existing role is compatible, you will be notified with a message "Role "<your role>" is compatible with "<selected PlateSpin role>"
3. Repeat the same process for any other roles you want to query.
4. Press enter to scroll through the listed privileges and return to the Actions menu.
List existing compatible roles:
1. Select “List existing compatible roles†and press enter to show the compatible roles. As expected, the Admin is compatible to the PlateSpin User.
2. Press enter to return to the actions menu.
3. Press escape to return to the PlateSpin Roles menu to check another role Or press escape to return to the top menu.
4. To exit the program hit [ESC] as required until the program exits.
Tool Execution:
Execute the following command using the suggested parameters:
PlateSpin.VMwareRoleTool.exe /host=[ip address of vcenter or esx host] /user=[username] /role=PlateSpinRole.xml /interactive
Parameter Explanation:
/host – IP address of the VMWare Server
/user – User name of an administrator account.
/role - File name of the file that provides the role's permissions. Use the PlateSpinRole.xml file unless you are advised to use a different file.
/interactive – Runs the command shell for the tool. This is the recommended option for running the tool as provides a menu to execute various options within a single execution of the tool.
/help – Displays information on additional parameters not described here
Tool Menu:
The tool menu contains two the top level options when ran in interactive mode (/interactive).
Main Menu:
Select a PlateSpin Role
Display Server Defined Privileges
This first option is for Select a PlateSpin Role
Under Select a PlateSpin Role, menu option for the roles:
PlateSpin Virtual Machine Manager
PlateSpin Virtual Infrastructure Manager
PlateSpin User
Once the PlateSpin role is selected, the options for the roles are:
Create Role - This option will create the selected role with the required permissions listed in the PlatespinRole.xml file.
Compare with existing Role – This option will allow you to verify if an existing role is compatible with the selected PlateSpin Role.
List existing compatible Roles – This option will display a list of all existing roles that are compatible with the selected PlateSpin Role.
The second option in the root menu (Display Server Defined Privileges) simply displays a list of defined privileges on the server. To view the complete list of privileges it may be necessary to press the space bar.
PlateSpin Role Tool:
The steps for PlateSpin Virtual Manager or PlateSpin Virtual Infrastructure Manger roles are the same as the PlateSpin User Roles. To create, compare or list the PlateSpin Roles, execute the tool.
Execute the following command using the suggested parameters:
This first option is for Select a PlateSpin Role
Under Select a PlateSpin Role, menu option for the roles:
Select PlateSpin Virtual Machine Manager
Select Compare with existing roles
Then selecting a role to compare and press Enter
Create Role:
1. To create the desired role select, “Select a PlateSpin Roleâ€.
2. Select the PlateSpin User role.
3. Select “Create Roleâ€.
4. Press Enter when prompted to return to the action menu.
Note: If the “PlateSpin User†was already created, a message stating it already exists will be displayed.
Compare with existing Roles:
1. From the action menu select ,â€Compare with existing Rolesâ€.
2. Select an existing role to compare to the PlateSpin configured roles. If the existing role is compatible, you will be notified with a message "Role "<your role>" is compatible with "<selected PlateSpin role>"
3. Repeat the same process for any other roles you want to query.
4. Press enter to scroll through the listed privileges and return to the Actions menu.
List existing compatible roles:
1. Select “List existing compatible roles†and press enter to show the compatible roles. As expected, the Admin is compatible to the PlateSpin User.
2. Press enter to return to the actions menu.
3. Press escape to return to the PlateSpin Roles menu to check another role Or press escape to return to the top menu.
4. To exit the program hit [ESC] as required until the program exits.