Partager via


New-SCUserRole

New-SCUserRole

Creates a user role for a group of VMM users.

Syntax

Parameter Set: Default
New-SCUserRole [-Name] <String> -UserRoleProfile <Profile> {Administrator | DelegatedAdmin | TenantAdmin | SelfServiceUser | ReadOnlyAdmin} [-Description <String> ] [-ID <Guid]> ] [-JobGroup <Guid]> ] [-JobVariable <String> ] [-OnBehalfOfUser <System.String> ] [-OnBehalfOfUserRole <Microsoft.SystemCenter.VirtualMachineManager.UserRole> ] [-ParentUserRole <UserRole> ] [-PROTipID <Guid]> ] [-RunAsynchronously] [-VMMServer <ServerConnection> ] [ <CommonParameters>]

Detailed Description

The New-SCUserRole cmdlet creates a user role for a group of Virtual Machine Manager (VMM) users. You can create the following user roles: Delegated Administrator, Read-Only Administrator, and Self-Service user. Only one Administrator role exists; you cannot create another Administrator role or delete the existing one.

If you are a member of a Delegated Administrator user role, you can create a user role. However, the scope of the new user role must be a subset of the scope of its parent user role.

After you create a user role, you can use the Set-SCUserRole cmdlet to rename the user role, to add or remove members, and to add or modify the scope of objects that members of the role can manage. For a Self-Service user role, you can specify which actions members of a Self-Service user role can take on their virtual machines, and you can define a quota that limits the number of virtual machines Self-Service users can create. Although you cannot create or remove the Administrator role or limit its scope, you can use Set-SCUserRole to add or remove members to that role.

For information about setting the properties of a user role, type Get-Help Set-SCUserRole -detailed.

Parameters

-Description<String>

States a description for the specified object.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-ID<Guid]>

Specifies the numerical identifier as a globally unique identifier (GUID) for a specific object.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-JobGroup<Guid]>

Specifies an identifier for a series of commands that will run as a set just before the final command that includes the same job group identifier runs.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-JobVariable<String>

Specifies that job progress is tracked and stored in the variable named by this parameter.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Name<String>

Specifies the name of a VMM object.

Aliases

none

Required?

true

Position?

1

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-OnBehalfOfUser<System.String>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-OnBehalfOfUserRole<Microsoft.SystemCenter.VirtualMachineManager.UserRole>

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-ParentUserRole<UserRole>

Specifies an existing VMM user role as the parent of a new user role.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-PROTipID<Guid]>

Specifies the ID of the PRO tip that triggered this action. This allows for auditing of PRO tips.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-RunAsynchronously

Indicates that the job runs asynchronously so that control returns to the command shell immediately.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-UserRoleProfile<Profile>

Specifies the type of profile to use as the basis for the user role. Valid values are:

-- DelegatedAdmin
-- ReadOnlyAdmin
-- SelfServiceUser

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-VMMServer<ServerConnection>

Specifies a VMM server object.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByValue)

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

  • UserRole

Examples

Example Example 1: Create a delegated Delegated administrator Administrator user role.Delegated Administrator

This command creates a delegated administrator user role named ContosoDelegatedAdmin, provides the description Delegated Administrators for the Contoso.com domain, and uses the UserRoleProfile parameter to designate the user role type as Delegated Administrator.

PS C:\> New-SCUserRole -Name "ContosoDelegatedAdmin" -Description "Delegated Administrators for the Contoso.com domain" -UserRoleProfile "DelegatedAdmin"

Example Example 2: Create a Self -Service User user role.-

This command creates a new user role named ContosoSelfServiceUsers, uses the UserRoleProfile parameter to designate the new user role type as Self-Service user, and then stores the new user role object in the $SelfServiceRole variable.

PS C:\> $SelfServiceRole = New-SCUserRole -Name "ContosoSelfServiceUsers" -UserRoleProfile "SelfServiceUser"

Get-SCUserRole

Remove-SCUserRole

Set-SCUserRole