Ben writes about VMs

In every company there are re-orgs. And sometimes the AD administrators are faster with deleting the old group before you can update your permission sets in vCenter Server.

So I wrote a small script that helped me to get the old permissions and assigns it to the new group.

After that it will remove the old group's permissions from the vCenter.

$vmCreds = Get-Credential
$VIServers = "vcenter.benslab.net"
Connect-VIServer -Server $VIServers -Credential $vmCreds
$oldGroupName = "*NoLongerExsistingGroup*"
$newGroupName = "Group"
$newGroup = Get-VIAccount -Group $newGroupName -Domain "AD.BENS.SYSTEMS"
$UserbasedPerms = Get-VIPermission | Where { $_.Principal -like $oldGroupName}
foreach ($entityRole in $UserbasedPerms) {
    New-VIPermission -Entity $entityRole.Entity -Principal $newGroup -Role $entityRole.Role -Propagate $true
}
$GroupbasedPerms = Get-VIPermission -Principal $newGroup
$UserbasedPerms.Count
$GroupbasedPerms.Count
Remove-VIPermission -Permission $UserbasedPerms

The script can also be found on my GitLab instance.

#vSphere #PowerCLI

On my GitLab instance, I setup a small project, that checks if the API for VMware Security Announcements is containing the latest published information.

The test script is run once a day, and checks from 4 different networks if the CDN is already up to date.

The status and the project can be found here: https://git.frenzel.systems/ben/vmsa-stuff

I wanted to play more with “Infrastructure as Code” and all the #GitOps stuff. So I installed a GitLab instance and deployed a few GitLab Runners.

After a few test pipelines with shell scripts using this lovely guide, I think over the next few weeks I will dig deeper into the automation in my lab.

So I hope you will join me on my journey.

So after Michael provided us a home on his amazing Mastodon instance, I was thinking about restart my blog once more and use Write Freely which allows me natively to also publish using ActivityPub.

So let's see how this will work out in the future.