Need To Create Users with shell access on ESXi 5.5 Host with all rights but not to modify permission!!

it was good to configure in 5.1,but in 5.5 am unable to locate option to disable modify permission ?

 is something difference made in 5.1 and 5.5 ? for user creation ?

Can we create users @ ESXi only or VC access is required to create user with modify restriction  ?

Pls share quick and best way to configure using GUI/command line?
LVL 1
patronAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
Well all those are different.

ESXi Host - not possible (root or nothing).

vCenter Server - Windows Permissions either Local or Active Directory Local Administrator.

Virtual Machines - Windows Permissions either Local or Active Directory Local Administrator.

Create a User for vCenter Server, with no modification permissions, e.g. Read Only to view, but not change machines.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Modify what ?

virtual machines ?

or host files ?
0
 
patronAuthor Commented:
m sorry if i missed  it earlier. its for modify permission  option should  not be allowed for user created on host.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, but what do you want users to stop modifying files on the host OS or Virtual Machines ?
0
 
patronAuthor Commented:
user should not be able to modify any thing on VC,VM ,Host
0
 
Dawid FusekConnect With a Mentor Virtualization Expert, Sr B&R, Storage SpecialistCommented:
not sure how advanced restricted privileged  access You need but there are products like CA ControlMinder (now CA Identity Manager) for Virtual Environment where you can manage root and users permissions up to single command or even a protected shell, where the user (or root) can have access to everything, but may modify only a few or nothing.

It's rather not cheap software and not very easy to implement but if there are a need to privileged access to VE it's one of solution you can consider.

You can read more here:
http://www.ca.com/us/securecenter/ca-privileged-identity-manager-for-virtual-environments.aspx

regards
NTShad0w
0
 
patronAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.