Solved

VSphere Client Role Permissions

Posted on 2013-05-17
3
402 Views
Last Modified: 2013-06-06
Hey folks - Is it possible to apply a security role permission to a group of virtual machines rather than assign the role permission individually to each virtual machine?

Basically, I would like to clone an existing sample role and use it for helpdesk staff, but I am being lazy and do not want to edit the permissions on each server.  I would like to group the servers and apply the new permission role all members of the virtual machine group.


Thanks
0
Comment
Question by:LenCepeda
  • 2
3 Comments
 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
ID: 39175688
Yes.

see Chapter 4 - Authentication and User Management - Page 41

vSphere Security Guide

if you have a Default installation, you have probably added everyone as Administrator!

Assigning Permissions to Folders (if you switch to VM and Template view), and defining and creating Groups in Active Directory, adding these groups to the folders, with specific VMware vCenter Server Roles, allows you to define very granular security and access to VMs.

Developer Access via vSphere Client
We have a group of Developers, we let access our VMware vSphere vCenter Server (ESXi Farm), but we only allow them access to *THEIR VMs*, they have the ability to power on, off, shutdown, restart, add floppy disks, add cdroms, but no other functions, just like a normal computer.

When they login, they only see the above screenshot, but their VMs are shared with 1000s more!
0
 
LVL 11

Assisted Solution

by:rafael_acc
rafael_acc earned 250 total points
ID: 39184235
LenCepeda,

This is possible indeed. As advised already, you could use folders! It is very similar to how you do it using Active Directory - in this case you would use OU (Organizational Units).

However, I do believe it is best you read the chapter in the book ... it is a very good one and it would eventually clarify your doubts, but also give you a better insight and best practices recommendations.

thanks
0
 
LVL 118
ID: 39199684
Do you need further help with this question?
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …
Teach the user how to join ESXi hosts to Active Directory domains Open vSphere Client: Join ESXi host to AD domain: Verify ESXi computer account in AD: Configure permissions for domain user in ESXi: Test domain user login to ESXi host:

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now