Skip to main content

Set-LXCARoleGroup

This cmdlet modifies a specific role group.

Note
You cannot pipe objects to this cmdlet.

Syntax

Set-LXCARoleGroup [-Connection LXCAConnection] 
-Id String
[-Description String]
[-RoleGroupName String]
[-RoleList String[]]
[-UserList String[]]
[CommonParameter]

Parameters

-Connection LXCAConnection
Specifies the connection to the Lenovo XClarity Administrator server. If no connection is specified, the result from the last Connect-LXCA cmdlet is used.
-Id String
Specifies the unique ID of the role group to be changed.
-Description String
Specifies the description for the new role group.
-RoleGroupName String
Specifies the name of the role group. The name must be unique.
-RoleList String[]
One or more roles to be associated with the new role group. This can be one of the following values.
  • lxc-supervisor. Users that are assigned this role can access, configure, and perform all available operations on the management server and all managed devices.

    Users that are assigned this role always have access to all managed devices. You cannot restrict access to devices for this role.

  • lxc-admin. Users that are assigned this role can modify non-security related settings and perform all non-security related operations on the management server, including the ability to update and restart the management server. This role also provides the ability to view all configuration and status information about the management server and managed devices.
  • lxc-security-admin. Users that are assigned this role can modify security settings and perform security-related operations on the management server and managed devices. This role also provides ability to view all configuration and status information about the management server and managed devices.

    Users that are assigned this role always have access to all managed devices. You cannot restrict access to devices for this role.

  • lxc-hw-admin. Users that are assigned this role can modify non-security settings and perform non-security related operations on managed devices, including the ability to update and restart managed devices. This role also provides the ability to view all configuration and status information about the management server and all managed devices.
  • lxc-fw-admin. Users that are assigned this role can create firmware policies and deploy those policies to managed devices. Users that are not assigned this role can only view policy information.
  • lxc-os-admin. Users that are assigned this role can download and deploy operating systems and device-driver updates to managed servers. Users that are not assigned this role can only view operating-system and device-driver information.
  • lxc-service-admin. Users that are assigned this role can collect and download service files for XClarity Administrator and managed devices. Users that are not assigned this role can collect but not download service data.
  • lxc-hw-manager. Users that are assigned this role can discover new devices and place those devices under the management control of the XClarity Administrator. This role prohibits users from performing operations or modifying configurations settings on the management server and managed devices beyond those operations that are necessary to discover and manage new devices.
  • lxc-operator. Users that are assigned this role can view all configuration and status information about the management server and managed devices. This role prohibits users from performing operations or modifying configurations settings on the management server and managed devices.
  • lxc-recovery. Users that are assigned this role can modify security settings and perform security-related operations on the management server. These users can also authenticate directly to the XClarity Administrator even if the authentication method is set to external LDAP server. This role provides a recovery mechanism in case a communication error occurs with the external LDAP server that uses the Login Credentials configuration.

    Users that are assigned this role always have access to all managed devices. You cannot restrict access to devices for this role.

The following predefined roles are reserved and cannot be used to create new role groups or assigned to new users.
  • lxc-sysrdr
  • lxc-sysmgr
-UserList String[]
Specifies the IDs of one or more users to associate with the role group. You can use the Get-LXCAUserAccount cmdlet to obtain a user account.
CommonParameters
This cmdlet supports the following common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -WarningAction, -WarningVariable, -OutBuffer, -PipelineVariable, -OutVariable. For detailed information about each common parameter, see the Microsoft PowerShell Common Parameters webpage.

Results

This cmdlet does not return an object.

Examples

  • The following example modifies the role group name.

    $cred = Get-Credential
    Connect-LXCA -Host 192.0.2.0 -Credential $cred

    $group = Get-LXCARoleGroup -GroupName TEST
    Set-LXCARoleGroup -Id $group.Id -RoleGroupName $name

    Disconnect-LXCA
  • The following example modifies the role group description and roles list.

    $cred = Get-Credential
    Connect-LXCA -Host 192.0.2.0 -Credential $cred

    $group = Get-LXCARoleGroup -GroupName TEST
    $role = Get-LXCARole
    Set-LXCARoleGroup -Id $group.Id -Description $desc -RoleList $role[1],$role[2]

    Disconnect-LXCA
  • The following example modifies the users that are associated with a role group.

    $cred = Get-Credential
    Connect-LXCA -Host 192.0.2.0 -Credential $cred

    $group = Get-LXCARoleGroup -GroupName TEST
    $role = Get-LXCARole
    Set-LXCARoleGroup -Id $group.Id -UserList $user[1],$user[2]

    Disconnect-LXCA