Mastering Windows Server 2016 Hyper-V

(Romina) #1

-CPUCount 40 -StorageGB 1024


$resources = @()
$resources += Get-SCLogicalNetwork -Name "Hyper-V Network Virtualization PA"
-ID "c75b66eb-c844–49a2–8bbd-83198fc8ccc0"
$resources += Get-SCLogicalNetwork -Name "Lab" -ID " XXXXXX "


$resources += Get-SCStorageClassification -Name "Gold" -ID " XXXXXX "


$addCapabilityProfiles = @()
$addCapabilityProfiles += Get-SCCapabilityProfile -Name "Hyper-V"


Set-SCCloud -JobGroup " XXXXXX" -RunAsynchronously -AddCloudResource $resources
-AddCapabilityProfile $addCapabilityProfiles


$hostGroups = @()
$hostGroups += Get-SCVMHostGroup -ID " XXXXXX "
New-SCCloud -JobGroup " XXXXXX " -VMHostGroup $hostGroups -Name "Test Cloud" -Description "" -RunAsynchronously
-DisasterRecoverySupported $false


You now have a cloud that no one can use, so the next step is to assign the cloud to
users and groups. To assign access to clouds, you use user roles. These can be either a
Delegated Administrator who can do anything to the objects within their scope, a
Read-Only Administrator who can view information about everything but can see
nothing that is useful for auditors and interns, or a Self-Service user. Each user role
has a scope that defines the clouds to which it applies and the capabilities and the
users/groups within that user role. It is common, therefore, that you will create a new
Self-Service user role and possibly a Delegated Administrator user role for every cloud
you create to enable granularity in assigning cloud access.


Open the Settings workspace, navigate to User Roles, and select the Create User Role
action on the ribbon. The Create User Role Wizard opens, requesting a name and
description for the object being created. If the user role is cloud specific, include the
name of the cloud in the role name. Click Next, and the wizard requests the type of
user role; select Self-Service User, and click Next.


The next stage prompts for the users and groups that are part of this role. Normally,
my recommendation is to always use Active Directory groups and add users to the AD
group that need access to the user role, so that it’s unnecessary to keep modifying the
user role. When a user is added to the AD group, the user automatically gets the cloud
rights that the AD group has. This works great if you are creating a cloud for a certain
business unit and that business unit already has an AD group. Just grant that business
unit’s AD group access to the cloud-specific Self-Service user role, and then as users
join the business unit, they get access to the cloud. Even if the cloud is not business-
unit specific, but you have good processes in place to add users to groups, you could

Free download pdf