LightSwitch: Modifying roles, permissions and users via PowerShell

Using the built-in RBAC feature of LightSwitch is really cool and easy to use until you have to assign all of your application defined permissions to roles and users. This is usually where the Administration DesktopClient does not scale too well… But of course there is help: and it is especially easy, when you utilize PowerShell to tackle that task.
In order to automate this you just have to create a service wrapper (or Service Reference to be precise) as described already on the LightSwitch Team blog and elsewhere. But instead of using ‘ApplicationData.svc’ as the service reference you specify ‘Microsoft.LightSwitch.SecurityData.svc’ as the data source. And there you are. You now only have to compile the assembly and instantiate it like it is shown in ‘AddRolesPermissions.ps1’:

From there you take the usual approach as already described in my post about the vCAC Management Context (as they use the same underlying technology (‘Microsoft ADO.NET Data Services’).
To assign a permission to a role you would do something like in ‘file-addrolespermissions-ps1’ from the above example.

The same works for adding users to roles and so forth.

[UPDATE] For a more detailed description on what you can also do with the SecurityData.svc and its architecture you can also have a look at Matt Thalman’s article on Using the SecurityData service in LightSwitch.


  1. […] introduction on how to use the LightSwitch data model from PowerShell you can have a quick look at LightSwitch: Modifying roles, permissions and users via PowerShell. In short, you just have to create an empty class library with a service reference in Visual […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: