Solved

Need To Create Users with shell access on ESXi 5.5 Host with all rights but not to modify permission!!

Posted on 2014-12-12
7
589 Views
Last Modified: 2014-12-28
it was good to configure in 5.1,but in 5.5 am unable to locate option to disable modify permission ?

 is something difference made in 5.1 and 5.5 ? for user creation ?

Can we create users @ ESXi only or VC access is required to create user with modify restriction  ?

Pls share quick and best way to configure using GUI/command line?
0
Comment
Question by:patron
  • 3
  • 3
7 Comments
 
LVL 117
ID: 40495845
Modify what ?

virtual machines ?

or host files ?
0
 
LVL 1

Author Comment

by:patron
ID: 40496063
m sorry if i missed  it earlier. its for modify permission  option should  not be allowed for user created on host.
0
 
LVL 117
ID: 40496107
Yes, but what do you want users to stop modifying files on the host OS or Virtual Machines ?
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 1

Author Comment

by:patron
ID: 40497837
user should not be able to modify any thing on VC,VM ,Host
0
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
ID: 40497846
Well all those are different.

ESXi Host - not possible (root or nothing).

vCenter Server - Windows Permissions either Local or Active Directory Local Administrator.

Virtual Machines - Windows Permissions either Local or Active Directory Local Administrator.

Create a User for vCenter Server, with no modification permissions, e.g. Read Only to view, but not change machines.
0
 
LVL 5

Assisted Solution

by:Dawid Fusek
Dawid Fusek earned 250 total points
ID: 40501794
not sure how advanced restricted privileged  access You need but there are products like CA ControlMinder (now CA Identity Manager) for Virtual Environment where you can manage root and users permissions up to single command or even a protected shell, where the user (or root) can have access to everything, but may modify only a few or nothing.

It's rather not cheap software and not very easy to implement but if there are a need to privileged access to VE it's one of solution you can consider.

You can read more here:
http://www.ca.com/us/securecenter/ca-privileged-identity-manager-for-virtual-environments.aspx

regards
NTShad0w
0
 
LVL 1

Author Closing Comment

by:patron
ID: 40521365
Thanks
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

When we have a dead host and we lose all connections to the ESXi, and we need to find a way to move all VMs from that dead ESXi host.
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now