PowerCLI - VM Permissions

Displays the permissions for a specific VM

Get-VM -Name YourVMname | Get-VIPermission | select role, Principal

Displays the given permission for a specific user on a specific VM

Get-VM -Name YourVMName | Get-VIPermission | Where {$_.Principal -eq 'VSPHERE.LOCAL\yourusername'} | select role, Principal

Gets Permissions of a VM and remove the permissions for a specific user from the VM permissions

Get-VIPermission -Entity YourVMName -Principal 'VSPHERE.LOCAL\yourusername' | Remove-VIPermission -Confirm:$false

Gets permissions from all VMs where the specific user has permission and display the vm name, role and username

connect-viserver YourVcenterIPAddress -User This email address is being protected from spambots. You need JavaScript enabled to view it. -Password YourPassword
foreach($vm in Get-Inventory)
{
Get-VIPermission -Entity $vm | Where-Object {$_.Principal -eq 'VSPHERE.LOCAL\youruser'} | Select Entity, Role, Principal
} 

 Remove permissions for a specific user from a specific VM permissions

Get-VIPermission -Entity 'YourVMName' -Principal 'VSPHERE.LOCAL\yourusername' | Remove-VIPermission -Confirm:$false 

Remove permissions for a specific user from ALL Vms

connect-viserver YourVcenterIPAddress -User This email address is being protected from spambots. You need JavaScript enabled to view it. -Password Yourpassword
foreach($vm in Get-Inventory)
{
Get-VIPermission -Entity $vm -Principal 'VSPHERE.LOCAL\youruser' | Remove-VIPermission -Confirm:$false
}