Solved

user could not log onto the ESXi because of the permission

Posted on 2012-04-03
18
2,046 Views
Last Modified: 2012-05-01
I just created the new user with root permission. However, he could not log onto the ESXi host using vShpere. He got this error message

The vsphere client could not connect to 10.10.10.40. You do not have permission to login to the server 10.10.10.40.

Please advice me .
Thanks,
0
Comment
Question by:dongocdung
  • 7
  • 6
  • 3
  • +2
18 Comments
 
LVL 9

Expert Comment

by:Geodash
ID: 37801688
Are you using AD authentication?
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37801690
Is that the IP of the host or to vCenter? After you create a User, you have to assign the user "Permission". Click the Permission tab and add that user the permission to log into either the Host or vCenter.

~coolsport00
0
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 150 total points
ID: 37801697
Have you also granted permission for this user, to the Server Object in the vSphere Client, just creating a user does not give them access, unless you assign the user permission to the object.

e.g. top of the tree
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37801740
Click on 'Host' in upper left, then permission tab on right. Then, click the 'whitespace' to 'Add Permission' of this new user.

~coolsport00

Host Permission
0
 

Author Comment

by:dongocdung
ID: 37801821
I assigned the root permission to this user but he could not log in. This ESXi is not connected to the network yet.
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37801830
If the host can't be 'seen' on the network, but only your workstation, for example,, then no one but you will be able to log in until you get IP settings configured in the Configuration tab.
0
 

Author Comment

by:dongocdung
ID: 37802265
I get into the Configuration tab, but I don't know where I can set the IP Address.
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37802288
Under Networking in the 'Hardware' box. You'll basically configure a VMkernel port as a "management" network. Or, maybe an easier way to do so is to connect to your host console, the DCUI (direct console user interface) and configure your host IP settings there (pressing F2, then log in with 'root').

~coolsport00
0
 

Author Comment

by:dongocdung
ID: 37802347
I see the VmKernel has IP address already.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 150 total points
ID: 37802363
Check Management Network IP Address
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37802372
Ok..if you're using 4.x, it will be a "mgmt" network, whereas if you're using 5.x, it'll be a VMKernel port with "Management"...VMware kinda consolidated things a bit.
0
 

Author Comment

by:dongocdung
ID: 37802701
What do I do now?
Thanks,
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 350 total points
ID: 37802715
Have your user use that IP in his/her vSphere Client to try and log into the Host...
0
 

Author Comment

by:dongocdung
ID: 37802814
Yes, he did but got the permission error above.
0
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 150 total points
ID: 37802829
did you assign permissions to server object?
0
 
LVL 40

Accepted Solution

by:
coolsport00 earned 350 total points
ID: 37802973
See my screenshot above and how I have the actual host highlighted, then the Permissions tab is accessed on the right. So, if I were to expand my host (virtual01), there would be VMs below it (or Resource Pools and VMs). Those are all what VMware calls "objects" in the object or naviagation tree there on the left side. You can set permissions at any level. And those permissions, when granted on a certain level, are at that level and propagate downward. Since you want this user to have access to your host, you grant it at the host level. If you want to forbid access at any given level below the object where access is granted, you assign the user in question the 'no access' right/permission on a given object.

~coolsport00
0
 

Author Comment

by:dongocdung
ID: 37812948
I granted him a "root level" to a host but he could not log on to the host using the v Sphere client.
0
 

Expert Comment

by:dainjah
ID: 37855566
Post your screenshots. You must have done something wrong that can't be explained using text-mode only.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
Teach the user how to install vSphere Update Manager  Console to Windows system:  Install vSphere Update Manager: Configure vSphere Update Manager plug-in in vSphere Client: Verify vSphere Update Manager settings in vSphere Client:
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now