Edit

Share via


Add-CMSecurityScopeToAdministrativeUser

Add a security scope to a user or group.

Syntax

AddScopeToAdminByName_Name (Default)

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserName <String>
    -SecurityScopeName <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminById_Object

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUser <IResultObject>
    -SecurityScopeId <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminByName_Object

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUser <IResultObject>
    -SecurityScopeName <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminByObject_Object

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUser <IResultObject>
    -SecurityScope <IResultObject>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminById_Id

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserId <Int32>
    -SecurityScopeId <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminByName_Id

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserId <Int32>
    -SecurityScopeName <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminByObject_Id

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserId <Int32>
    -SecurityScope <IResultObject>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminById_Name

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserName <String>
    -SecurityScopeId <String>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

AddScopeToAdminByObject_Name

Add-CMSecurityScopeToAdministrativeUser
    -AdministrativeUserName <String>
    -SecurityScope <IResultObject>
    [-DisableWildcardHandling]
    [-ForceWildcardHandling]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

Use this cmdlet to add a security scope to an administrative user or administrative group in Configuration Manager.

For more information about security scopes, see Fundamentals of role-based administration in Configuration Manager.

You can specify an administrative user or group by name or by ID or you can use the use the Get-CMAdministrativeUser cmdlet to obtain a user or group object. An administrative user in Configuration Manager defines a local or domain user or group. You can specify a security scope to add by name or by ID or you can use the Get-CMSecurityScope cmdlet to obtain a security scope.

Note

Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.

Examples

Example 1: Add a custom security scope to a domain user group

This command adds a security scope named Scope22 for a domain group named Western Administrators. This command assumes that you already created the custom security scope and the administrative user.

Add-CMSecurityScopeToAdministrativeUser -AdministrativeUserName "Contoso\Western Administrators" -SecurityScopeName "Scope22"

Parameters

-AdministrativeUser

Specify an administrative user object to configure. To get this object, use the Get-CMAdministrativeUser cmdlet.

Parameter properties

Type:IResultObject
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminById_Object
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByName_Object
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByObject_Object
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-AdministrativeUserId

Specify the ID of the administrative user to configure. This value is the AdminID property, which is an integer value. For example, 16777234.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminById_Id
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByName_Id
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByObject_Id
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AdministrativeUserName

Specify the name of the administrative user to configure.

You can use wildcard characters:

  • *: Multiple characters
  • ?: Single character

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminByName_Name
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminById_Name
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByObject_Name
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisableWildcardHandling

This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ForceWildcardHandling

This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SecurityScope

Specify a security scope object to add. To get this object, use the Get-CMSecurityScope cmdlet.

Parameter properties

Type:IResultObject
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminByObject_Object
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByObject_Id
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByObject_Name
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-SecurityScopeId

Specify the ID of the security scope to add. This value is the CategoryID property, for example SMS00UNA for the Default scope.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminById_Object
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminById_Id
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminById_Name
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SecurityScopeName

Specify the name of the security scope to add.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AddScopeToAdminByName_Name
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByName_Object
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AddScopeToAdminByName_Id
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet doesn't run.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

Microsoft.ConfigurationManagement.ManagementProvider.IResultObject

Outputs

System.Object