How to Restrict Acces to NetApp StorageConsole in ...

hank-ger · ‎04-14-2011

Hi,

how is it possible to restrict the access to the NetApp StorageConsole Plugin in vCenter?

My problem is, that everybody with access to my vcenter server (vCenter-Role = user) can use the NetApp storageConsole for resizing LUNs or change the BackupJobs.

The goal is, that only vcenter-admins can uses this plugin.

thanks for any help

bulletprooffool · ‎04-14-2011

Does setting the permissions on your Datastores affect this ability?

One day I will virtualise myself . . .

hank-ger · ‎04-14-2011

No!

There are only "one" User (Backupuser) and the Admin-Group from my vCenter which have the permission to the storage.

chriswahl · ‎04-14-2011

I've run in to this issue. The problem is that the VSC (virtual storage console) runs things under a specific user context; as long as you can install the plugin, you have full access to what it does.

I would suggest using IPsec on the server that VSC is installed on to only allow access to that port for specific workstations or personnel. That way they simply cannot connect to the plugin.

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators

hank-ger · ‎04-19-2011

Thank you for your help chriswahl00.

Did you think that will be an support request for vmware or netapp?

chriswahl · ‎04-19-2011

To block the plugin? I'd assume NetApp.

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators

All

How to Restrict Acces to NetApp StorageConsole in vCenter??