Revoke-SCResource
Revoke-SCResource
Revokes access to a resource from a user or user role.
Syntax
Parameter Set: Default
Revoke-SCResource -Resource <ClientObject> [-JobGroup <Guid]> ] [-JobVariable <String> ] [-OnBehalfOfUser <System.String> ] [-OnBehalfOfUserRole <Microsoft.SystemCenter.VirtualMachineManager.UserRole> ] [-PROTipID <Guid]> ] [-RunAsynchronously] [-UserName <String> ] [-UserRoleID <Guid[]> ] [-UserRoleName <String[]> ] [-VMMServer <ServerConnection> ] [ <CommonParameters>]
Detailed Description
The Revoke-SCResource cmdlet revokes access to a resource from a user or user role.
Parameters
-JobGroup<Guid]>
Specifies an identifier for a series of commands that will run as a set just before the final command that includes the same job group identifier runs.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-JobVariable<String>
Specifies that job progress is tracked and stored in the variable named by this parameter.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-OnBehalfOfUser<System.String>
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-OnBehalfOfUserRole<Microsoft.SystemCenter.VirtualMachineManager.UserRole>
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-PROTipID<Guid]>
Specifies the ID of the PRO tip that triggered this action. This allows for auditing of PRO tips.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Resource<ClientObject>
Specifies a resource object.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
True (ByValue) |
Accept Wildcard Characters? |
false |
-RunAsynchronously
Indicates that the job runs asynchronously so that control returns to the command shell immediately.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-UserName<String>
Specifies a the name of a user. Enter a user name with the format Domain\User.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-UserRoleID<Guid[]>
Specifies the ID of a user role.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-UserRoleName<String[]>
Specifies the name of a user role. Types of user roles that are named include Delegated Administrator, Read-Only Administrator and Self-Service User.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-VMMServer<ServerConnection>
Specifies a VMM server object.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
Outputs
The output type is the type of the objects that the cmdlet emits.
- Resource
Examples
Example 1: Revoke access to a resource from a specific user
The first command gets the template object named Template01, and then stores the object in the $Resource variable.
The second command revokes access to the resource stored in $Resource from the user named Katarina. If the user is a member of multiple user roles, access will be revoked from the user in all its user roles.
PS C:\> $Resource = Get-SCVMTemplate | where {$_.Name -eq "Template01"}
PS C:\> Revoke-SCResource -Resource $Resource -Username "Contoso\Katarina"
Example 2: Revoke access to a resource from a user who is a member of multiple user roles
The first command gets the template object named Template01, and then stores the object in the $Resource variable.
The second command revokes access to the resource stored in $Resource from the user named Katarina, but only if the user is using the ContosoSelfServiceUsers or SelfServiceUserRole02 user roles. If Katarina uses a different user role that has access to the resource then she will still be able to access the resource.
PS C:\> $Resource = Get-SCVMTemplate | where {$_.Name -eq "Template01"}
PS C:\> Revoke-SCResource -Resource $Resource -Username "Contoso\Katarina" -UserRoleName @("ContosoSelfServiceUsers", "SelfServiceUserRole02")
Example 3: Revoke access to a resource from all members of a user role
The first command gets the template object named Template01, and then stores the object in the $Resource variable.
The second command revokes access to the resource stored in $Resource from all members of the ContosoSelfServiceUsers user role.
PS C:\> $Resource = Get-SCVMTemplate | where {$_.Name -eq "Template01"}
PS C:\> Revoke-SCResource -Resource $Resource -UserRoleName "ContosoSelfServiceUsers"