patron
asked on
Issue after adding Esxi 4.1 into Ad Domain
added my host using vi client to Ad domain.
Tried to login with domain id part of AD Group named : ESX Admins -login is fine.
but unable to use any command like we are able to perform in 5.1 for domain ids ?
kindly advice if any more config required to use domain id with root privilege ?
and how can we add local user on esxi 4.1 with root privilege ?
Tried to login with domain id part of AD Group named : ESX Admins -login is fine.
but unable to use any command like we are able to perform in 5.1 for domain ids ?
kindly advice if any more config required to use domain id with root privilege ?
and how can we add local user on esxi 4.1 with root privilege ?
ASKER
everything is fine using vi client.
but if i take putty using domain id and run any command like esxtop or esxcfg-nics -l
showing output :ash: esxtop or esxcfg :not found
please advice if any more config required for it, id is already part of group named Esx Admins
but if i take putty using domain id and run any command like esxtop or esxcfg-nics -l
showing output :ash: esxtop or esxcfg :not found
please advice if any more config required for it, id is already part of group named Esx Admins
This is because the path is not set for your user.
change to /sbin
and try the commands, and you may also need to su to root
change to /sbin
and try the commands, and you may also need to su to root
ASKER
In 5.1, we simply added host to ad domain and all user form group named Esx Admins were able to do everything as earlier doing with root.
but here after adding host Esxi 4.1 to ad domain, we are able to do everything form vi client using domain id part of Esx admins group..but when trying to run any command form putty saying not found ?
Please help to get this resolved..or if any specific configuration we have to do using any command line /file ?
but here after adding host Esxi 4.1 to ad domain, we are able to do everything form vi client using domain id part of Esx admins group..but when trying to run any command form putty saying not found ?
Please help to get this resolved..or if any specific configuration we have to do using any command line /file ?
Yes, 3.x, 4.x and 5.x are different!
type /sbin/ in front of the command
type /sbin/ in front of the command
ASKER
tried sudo su - /sbin
in all cases..showing command not found
in all cases..showing command not found
so if you do the following it does not work...
cd /sbin
./esxcfg-nics
or
/sbin/esxcfg-nics
it works for me.
and it's bcause your path does not include /sbin
type echo $PATH
what is your path ?
This is ALL standard UNIX/LINUX stuff
cd /sbin
./esxcfg-nics
or
/sbin/esxcfg-nics
it works for me.
and it's bcause your path does not include /sbin
type echo $PATH
what is your path ?
This is ALL standard UNIX/LINUX stuff
ASKER
/bin
Yes, that's the issue, update your path as posted.
ASKER
great, i tried for /sbin/esxcfg-nics
got output for options..but i use any of options like /sbin/esxcfg-nics -l
showing Error:Error During version check:Failed to get vmkernel version:Operation not permitted[Running as non root?]
would be great help if we can get this fixed ?
got output for options..but i use any of options like /sbin/esxcfg-nics -l
showing Error:Error During version check:Failed to get vmkernel version:Operation not permitted[Running as non root?]
would be great help if we can get this fixed ?
Yes, you are non ROOT!
type su (followed by root password)
see here
Local ESX/ESXi 4.1 users are not able to issue any administrative commands (2005299)
type su (followed by root password)
see here
Local ESX/ESXi 4.1 users are not able to issue any administrative commands (2005299)
ASKER
Please advice ,how to configure it in a way, so that domain user can use command ..as we use with root id
You need to use SU
This is normal for ESXi 4.1! (yes different to ESXi 5.x)
This is an expected behavior in ESX/ESXi 4.1. Non-root users are not permitted to run administrative commands on an ESX/ESXi 4.1 host. This is true even if they have been granted the administrator role.
Source
http://kb.vmware.com/kb/2005299
This is normal for ESXi 4.1! (yes different to ESXi 5.x)
This is an expected behavior in ESX/ESXi 4.1. Non-root users are not permitted to run administrative commands on an ESX/ESXi 4.1 host. This is true even if they have been granted the administrator role.
Source
http://kb.vmware.com/kb/2005299
ASKER
Thanks a lot, got it.
but now i need to solve it some how?
but now i need to solve it some how?
There is no solution.
You will need to su, type in root password.
It's how it's been designed.
You will need to su, type in root password.
It's how it's been designed.
ASKER
really.. then what is use of creating/adding user ?
if we cant use domain ids to run command like we do in 5.1.
if we cant use domain ids to run command like we do in 5.1.
ASKER
Thanks for all ur supportive info here,but still m looking if we can have some way to get this configured, with out using root cred. each time?
Did you read the VMware KB ? There is a workaround published, which is to use su, maybe it's a bug, but VMware ESXI 4.1 is no longer supported, and unlikely to be fixed.
This is an expected behavior in ESX/ESXi 4.1. Non-root users are not permitted to run administrative commands on an ESX/ESXi 4.1 host. This is true even if they have been granted the administrator role.
Source
http://kb.vmware.com/kb/2005299
This is an expected behavior in ESX/ESXi 4.1. Non-root users are not permitted to run administrative commands on an ESX/ESXi 4.1 host. This is true even if they have been granted the administrator role.
Source
http://kb.vmware.com/kb/2005299
ASKER
su is fine..to use su everything..it will again ask for root cred right ?
so what's the use of using this su every time
m looking for solution like where root should not be used in any case ?
so what's the use of using this su every time
m looking for solution like where root should not be used in any case ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks a lot.
See here for details, and the video
http://blogs.vmware.com/vsphere/2011/01/esxi-41-active-directory-integration.html