[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 371
  • Last Modified:

admin role in vcenter

can anyone provide some examples of the kind of issue/risk if an unauthorised user gained access to vcenter with an account with the admin role permissions. I am trying to gauge the potential risk if this ever happened.
0
pma111
Asked:
pma111
  • 2
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
1. Stop Virtual Machines
2. Delete Virtual Machines
3. Remove ESXi Hosts from vCenter Server.
4. Shutdown ESXi Hosts
5. Reboot ESXi Hosts
6. Potentially Access Console or Hosts
7. Potentially obtain files from VMs
8. Many Risks.....
0
 
pma111Author Commented:
Any risks from a data security standpoint, i.e. a virtual file server with sensitive payroll xls - can they access that from there?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, an Admin could do the following:-

1. Power off VM.
2. Copy the Virtual Machine Disk to local laptop.
3. Mount the virtual machine disk (VMDK) as a drive letter, overcoming ANY OS Active Directory or Unix Login.
4. Inspect the data.

Easy!

if you wanted to do this secretly, without turning off the VM.

1. Clone the VM, whilst the VM was on.
2. Copy the Virtual Machine CLONE Disk to local laptop.
3. Delete the CLONE VM.
4. 3. Mount the virtual machine disk (VMDK) as a drive letter, overcoming ANY OS Active Directory or Unix Login.
4. Inspect the data.

Easy!

Virtualisation Administrators have more POWER, than your usual Domain Administrators!

Domain Administrators are responsible for Microsoft Active Directory Management (e.g  Domain, usernames and accounts, passwords , group policy).

Virtualisation Administrators are not often Domain Administrators, but they can be!
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now