Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 733
  • Last Modified:

Need To Create Users with shell access on ESXi 5.5 Host with all rights but not to modify permission!!

it was good to configure in 5.1,but in 5.5 am unable to locate option to disable modify permission ?

 is something difference made in 5.1 and 5.5 ? for user creation ?

Can we create users @ ESXi only or VC access is required to create user with modify restriction  ?

Pls share quick and best way to configure using GUI/command line?
0
patron
Asked:
patron
  • 3
  • 3
2 Solutions
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Modify what ?

virtual machines ?

or host files ?
0
 
patronAuthor Commented:
m sorry if i missed  it earlier. its for modify permission  option should  not be allowed for user created on host.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, but what do you want users to stop modifying files on the host OS or Virtual Machines ?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
patronAuthor Commented:
user should not be able to modify any thing on VC,VM ,Host
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Well all those are different.

ESXi Host - not possible (root or nothing).

vCenter Server - Windows Permissions either Local or Active Directory Local Administrator.

Virtual Machines - Windows Permissions either Local or Active Directory Local Administrator.

Create a User for vCenter Server, with no modification permissions, e.g. Read Only to view, but not change machines.
0
 
Dawid FusekVirtualization Expert, Sr B&R, Storage SpecialistCommented:
not sure how advanced restricted privileged  access You need but there are products like CA ControlMinder (now CA Identity Manager) for Virtual Environment where you can manage root and users permissions up to single command or even a protected shell, where the user (or root) can have access to everything, but may modify only a few or nothing.

It's rather not cheap software and not very easy to implement but if there are a need to privileged access to VE it's one of solution you can consider.

You can read more here:
http://www.ca.com/us/securecenter/ca-privileged-identity-manager-for-virtual-environments.aspx

regards
NTShad0w
0
 
patronAuthor Commented:
Thanks
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now