Currently the devs used a script that uses a single user - security & accountability = bad
1) Setup up a groups system whereby dev1 and dev2 and in future lots of devs can have access to vsphere via Production Domain group membership (ie ability to create/delete vms but only those belonging to/created by their "group")
NB: This would also give users like dev1/dev2 the ability to log into vsphere to see vms created etc.
My initial thought is an AD group, but I am not sure how to proceed past that?
Its a 5.1 vSphere environment