Role capabilities
Role capabilities are a vital part of a JEA session configuration. Each intended role has one or more capabilities assigned, such as visible cmdlets and functions, exported variables, visible providers such as the filesystem or the registry, and so on. The role definitions are usually stored in a role capability file with the psrc
extension. One or more of those role capabilities can be assigned to one user and will be merged:
# While all properties can be filled through cmdlet parameters # it is usually easier to edit the file manually $roleCapabilityOptions = @{ Path = '.\FirstLevelUserSupport.psrc' Description = 'Provides first level support access to change user passwords' VisibleCmdlets = @( @{ Name = 'Get-Service' Parameters = @{ Name = 'Name' ValidateSet = 'Spooler' } } @{ Name = 'Add-NTFSAccess' Parameters = @{ Name = 'Path...