Solved

VSphere Client Role Permissions

Posted on 2013-05-17
3
403 Views
Last Modified: 2013-06-06
Hey folks - Is it possible to apply a security role permission to a group of virtual machines rather than assign the role permission individually to each virtual machine?

Basically, I would like to clone an existing sample role and use it for helpdesk staff, but I am being lazy and do not want to edit the permissions on each server.  I would like to group the servers and apply the new permission role all members of the virtual machine group.


Thanks
0
Comment
Question by:LenCepeda
  • 2
3 Comments
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 250 total points
ID: 39175688
Yes.

see Chapter 4 - Authentication and User Management - Page 41

vSphere Security Guide

if you have a Default installation, you have probably added everyone as Administrator!

Assigning Permissions to Folders (if you switch to VM and Template view), and defining and creating Groups in Active Directory, adding these groups to the folders, with specific VMware vCenter Server Roles, allows you to define very granular security and access to VMs.

Developer Access via vSphere Client
We have a group of Developers, we let access our VMware vSphere vCenter Server (ESXi Farm), but we only allow them access to *THEIR VMs*, they have the ability to power on, off, shutdown, restart, add floppy disks, add cdroms, but no other functions, just like a normal computer.

When they login, they only see the above screenshot, but their VMs are shared with 1000s more!
0
 
LVL 11

Assisted Solution

by:rafael_acc
rafael_acc earned 250 total points
ID: 39184235
LenCepeda,

This is possible indeed. As advised already, you could use folders! It is very similar to how you do it using Active Directory - in this case you would use OU (Organizational Units).

However, I do believe it is best you read the chapter in the book ... it is a very good one and it would eventually clarify your doubts, but also give you a better insight and best practices recommendations.

thanks
0
 
LVL 119
ID: 39199684
Do you need further help with this question?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
In this article we will learn how to backup a VMware farm using Nakivo Backup & Replication. In this tutorial we will install the software on a Windows 2012 R2 Server.
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question