Table of Contents IntroductionConfiguration
For more info about see http://social.technet.microsoft.com/wiki/contents/articles/12554.actions-available-to-self-service-user-roles-in-vmm-2012.aspx
Choose actions according to your group, and then click Next. Figure 8 - Actions In some cases you may need a different user with specific permissions on a group of hosts or even a cloud. This type of object in the VMM is called Run As Profile. It is nothing more than a service account that can be used by group members. In the example of Figure 9 is the local administrator account used for all hosts, but because the group limitation that we are creating will be used only in virtual machines that are in Sao Paulo Private Cloud.
Figure 9 - Run As Profiles In Sumary confirm the options chosen, and if you prefer, export the script from powershell to create models or future automation. Figure 10 - Summary Clicking on View Script a text file is displayed with the PowerShell commandlets. Check out the script for the demonstration used in this article:
$cloudsToAdd = @()
$cloudsToAdd += Get-SCCloud -Id "2d34f303-7de0-4371-85cd-a2691b751101"
$runAsProfilesToAdd = @()
$runAsProfilesToAdd += Get-SCRunAsProfile -Name "Administrator"
$scopeToAdd = $cloudsToAdd + $runAsProfilesToAdd
Set-SCUserRole -JobGroup "304bb8d1-d9eb-4d4d-8515-f19085027d2d" -AddMember @("CONTOSO\SPCloudAdmins") -AddScope $scopeToAdd -Permission @("Author", "Checkpoint", "CreateFromVHDOrTemplate", "AllowLocalAdmin", "PauseAndResume", "CanReceive", "RemoteConnect", "Remove", "Save", "CanShare", "Shutdown", "Start", "Stop", "Store") -ShowPROTips $false -UserRoleDataPath "\\WIN-PNNSMPE05M8.Contoso.msft\SPLibrary\SPPrivateCloud"
$cloud = Get-SCCloud -Id "2d34f303-7de0-4371-85cd-a2691b751101"
Set-SCUserRoleQuota -Cloud $cloud -JobGroup "304bb8d1-d9eb-4d4d-8515-f19085027d2d" -UseCPUCountMaximum -MemoryMB "800" -StorageGB "8000" -CustomQuotaCount "20" -VMCount "40"
Set-SCUserRoleQuota -Cloud $cloud -JobGroup "304bb8d1-d9eb-4d4d-8515-f19085027d2d" -QuotaPerUser -UseCPUCountMaximum -MemoryMB "100" -StorageGB "1000" -CustomQuotaCount "3" -VMCount "10"
$libResource = Get-SCVirtualMachine -ID "b3de7103-d7df-47cb-a0d7-7fffc0230eb6"
Grant-SCResource -Resource $libResource -JobGroup "304bb8d1-d9eb-4d4d-8515-f19085027d2d"
$libResource = Get-SCVirtualMachine -ID "8d22f54e-012c-42a5-9c14-8d62844abb58"
$libResource = Get-SCVirtualMachine -ID "c7f018ef-0846-41fb-ac06-5f0c81b185ad"
$libResource = Get-SCVirtualMachine -ID "8c9042e0-f124-46a4-8419-e0fdda215864"
$libResource = Get-SCVirtualMachine -ID "e86def06-37cb-4e19-ab78-8a5531b1d4e0"
$libResource = Get-SCTemplate -ID "f189f57a-0f5c-4502-b219-7b590defccb7"
$libResource = Get-SCTemplate -ID "c56bfc92-9973-4717-9655-af3d4c874765"
$libResource = Get-SCHardwareProfile -ID "5dc61fd3-b613-4ece-98be-4be83456c6e6"
$libResource = Get-SCHardwareProfile -ID "83301787-c270-436d-814e-b8a1f8be9853"
$libResource = Get-SCHardwareProfile -ID "216d8006-da6d-498a-be99-e0aefd18201a"
$libResource = Get-GuestOSProfile -Name "Infrastructure Server"
$libResource = Get-GuestOSProfile -Name "Windows Server 2008 R2 OS Profile"
$libResource = Get-GuestOSProfile -Name "VPN Guest Profile"
$libResource = Get-GuestOSProfile -Name "File Server Guest Profile"
$libResource = Get-SCApplicationProfile -Name "Windows Server x64"
New-SCUserRole -Name "SP Cloud Admins" -UserRoleProfile "SelfServiceUser" -Description "User Role to access and manage the Sao Paulo Private Cloud through the Web Console (Self Service Portal)" -JobGroup "304bb8d1-d9eb-4d4d-8515-f19085027d2d"
If you want to change the settings of an existing User Role, through the management console, click Settings, Security and User Roles. Select the Role that will change and click Properties, as Figure 11. Figure 11 - User Roles In figure 12 you can see the web console called the VMM Self-Service Portal (SSP). It offers portability for group members to administer the virtual environment using the URL from anywhere, even from the Internet if it is published to the web. Figure 12 - VMM Self Service Portal When a specific user from this User Role logs on through the SSP he will only see the virtual machines and the options were assigned to their group. Figure 13 - Virtual machines See the option of creating a new virtual machine through the SSP in figure 14:
Leandro Carvalho MCSA+S+M | MCSE+S | MCTS | MCITP | MCBMSS | MCT | MVP Virtual Machine MSVirtualization | Wordpress | Winsec.org | LinhadeCodigo | MVP Profile Twitter: LeandroEduardo | LinkedIn: Leandroesc
AlessandroCardoso edited Revision 6. Comment: add link to actions
Ed Price - MSFT edited Revision 3. Comment: Minor edits
Wow, it's awesome! it's seems I will be here many times