Bewerken

Delen via


Add-CMSecurityScopeToAdministrativeUser

Add a security scope to a user or group.

Syntax

Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserName <String>
   -SecurityScopeName <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUser <IResultObject>
   -SecurityScopeId <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUser <IResultObject>
   -SecurityScopeName <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUser <IResultObject>
   -SecurityScope <IResultObject>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserId <Int32>
   -SecurityScopeId <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserId <Int32>
   -SecurityScopeName <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserId <Int32>
   -SecurityScope <IResultObject>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserName <String>
   -SecurityScopeId <String>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-CMSecurityScopeToAdministrativeUser
   -AdministrativeUserName <String>
   -SecurityScope <IResultObject>
   [-DisableWildcardHandling]
   [-ForceWildcardHandling]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Use this cmdlet to add a security scope to an administrative user or administrative group in Configuration Manager.

For more information about security scopes, see Fundamentals of role-based administration in Configuration Manager.

You can specify an administrative user or group by name or by ID or you can use the use the Get-CMAdministrativeUser cmdlet to obtain a user or group object. An administrative user in Configuration Manager defines a local or domain user or group. You can specify a security scope to add by name or by ID or you can use the Get-CMSecurityScope cmdlet to obtain a security scope.

Note

Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.

Examples

Example 1: Add a custom security scope to a domain user group

This command adds a security scope named Scope22 for a domain group named Western Administrators. This command assumes that you already created the custom security scope and the administrative user.

Add-CMSecurityScopeToAdministrativeUser -AdministrativeUserName "Contoso\Western Administrators" -SecurityScopeName "Scope22"

Parameters

-AdministrativeUser

Specify an administrative user object to configure. To get this object, use the Get-CMAdministrativeUser cmdlet.

Type:IResultObject
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-AdministrativeUserId

Specify the ID of the administrative user to configure. This value is the AdminID property, which is an integer value. For example, 16777234.

Type:Int32
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-AdministrativeUserName

Specify the name of the administrative user to configure.

You can use wildcard characters:

  • *: Multiple characters
  • ?: Single character
Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisableWildcardHandling

This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ForceWildcardHandling

This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SecurityScope

Specify a security scope object to add. To get this object, use the Get-CMSecurityScope cmdlet.

Type:IResultObject
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-SecurityScopeId

Specify the ID of the security scope to add. This value is the CategoryID property, for example SMS00UNA for the Default scope.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SecurityScopeName

Specify the name of the security scope to add.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet doesn't run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.ConfigurationManagement.ManagementProvider.IResultObject

Outputs

System.Object