Add-CMSecurityRoleToAdministrativeUser

Add-CMSecurityRoleToAdministrativeUser

Adds a security role to an administrative user or group in Configuration Manager.

Syntax

Parameter Set: AddRoleToAdminByName_Name
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserName <String> -RoleName <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminById_Id
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserId <Int32> -RoleId <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminById_Name
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserName <String> -RoleId <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminById_Object
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUser <IResultObject> -RoleId <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminByName_Id
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserId <Int32> -RoleName <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminByName_Object
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUser <IResultObject> -RoleName <String> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminByObject_Id
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserId <Int32> -Role <IResultObject> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminByObject_Name
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserName <String> -Role <IResultObject> [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AddRoleToAdminByObject_Object
Add-CMSecurityRoleToAdministrativeUser -AdministrativeUser <IResultObject> -Role <IResultObject> [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

The Add-CMSecurityRoleToAdministrativeUser cmdlet adds a security role to an administrative user or administrative group in Microsoft System Center 2012 SP1 Configuration Manager.

Permissions defined in a role represent object types and actions available for each object type. System Center 2012 Configuration Manager provides some built-in security roles. You can also create custom security roles. For more information about security roles, see Configuring Security for Configuration Manager (https://go.microsoft.com/fwlink/?LinkID=247225) on TechNet.

You can specify an administrative user or group by name or by ID or you can use the use the Get-CMAdministrativeUser cmdlet to obtain a user or group object. You can specify a role to add by name or by ID, or you can use the Get-CMSecurityRole cmdlet to obtain a role.

Parameters

-AdministrativeUser<IResultObject>

Specifies an administrative user or administrative group object. To obtain an administrative user or administrative group object, use the Get-CMAdministrativeUser cmdlet.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AdministrativeUserId<Int32>

Specifies an ID of an administrative user or administrative group.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-AdministrativeUserName<String>

Specifies a name of an administrative user or administrative group.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Role<IResultObject>

Specifies a role object. To obtain a role object, use the Get-CMSecurityRole cmdlet. A role represents Configuration Manager permissions granted to a user.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-RoleId<String>

Specifies an ID of a role. A role represents Configuration Manager permissions granted to a user.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-RoleName<String>

Specifies a name of a role. A role represents Configuration Manager permissions granted to a user.

Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before running the cmdlet.

Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Add a named role to a named user group

This command adds a security role named SecurityRole17 to the administrative group named Western Administrators.

PS C:\> Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserName "Western Administrators " -RoleName "SecurityRole17"

Example 2: Add a role to a named user group identified by using an ID

This command adds a security role that has the specified ID to the administrative group named Western Administrators.

PS C:\> Add-CMSecurityRoleToAdministrativeUser -AdministrativeUserName "Western Administrators" -RoleId "SMS38973"

Add-CMDeviceCollectionToAdministrativeUser

Add-CMSecurityScopeToAdministrativeUser

Add-CMUserCollectionToAdministrativeUser

Get-CMAdministrativeUser

Get-CMSecurityRole

Remove-CMSecurityRoleFromAdministrativeUser