VMware Cloud Community
raog
Expert
Expert
‎11-18-2013 04:01 AM
Jump to solution

How to create user for accessing web console of Vcenter Server Appliance

The console by default is located at https://<ip>:5480

For VC appliance, the default user that has access is root. Can I create another system level user and grant him access to the console?

I tried creating a user via useradd -m consoleuser and changed his passwd.. however I am not able to login to the web console with this user..

On a similar note, can I give access to the console to an AD user?

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
Tags (1)
0 Kudos
1 Solution

Accepted Solutions
kegman21
Contributor
Contributor
‎08-14-2014 04:13 PM
Jump to solution

This is likely unsupported by VMware, but it appears they're locking down the web console access via pam rules.

You'd need to edit the file /etc/pam.d/vami-sfcb to change the line reading 'auth     required     pam_succeed_if.so uid eq 0' to change to succeed/deny rule.

For example you could change the line to read 'auth     required     pam_succeed_if.so uid >= 0' and then allow any user with a UID of 0 or higher to login to the web console.

View solution in original post

0 Kudos
8 Replies
admin
Immortal
Immortal
‎11-20-2013 09:22 AM
Jump to solution

You have created a limited role that allows for deployment of virtual machine templates. Create a vCenter Server user, which you can associate with the newly-created limited role. You can create new users in the vSphere Web Client.

You can associate roles with users and groups, so that the privileges provided by a role are only available to specific users.

In Windows-based vCenter Server installations, the administrator of the vCenter Server system is a separate entity from the administrator of vCenter Single Sign On.

Procedure

1

Log in to the vSphere Web Client as the vCenter Single Sign On administrator.

a

In the User name text field, type admin@System-Domain.

b

In the Password text field, type My_password1.

You set the vCenter Single Sign on password during the vCenter Server installation scenario.

2

Click Administration.

3

Click SSO Users and Groups, and click the Users tab.

4

Click the New User icon.

5

Fill in the required information to create a new user.

a

In the Username text field, type user-deploy.

b

In the Password text field, type deploy-password.

c

Click Regular user.

d

Click OK.

6

Log out of the vSphere Web Client.

0 Kudos
raog
Expert
Expert
‎11-21-2013 02:16 AM
Jump to solution

This user has permissions to access VC just fine. I want him to be able to access the web console.

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos
dhanarajramesh
Expert
Expert
‎11-26-2013 09:45 PM
Jump to solution

the vcenter apps is unix so u can add user as unix command
first login thru ssh with your root. then add user as below:
type: useradd -m "username"
To set a password to the newly created account
  type: passwd "username"
it will ask you the password
moreover in order to add this user to sudo privilege as root account, you have to edit the sudo by typing: vi sudo then edit this file as mentioned in the attache and add the user and permisiion to all
  with this new user id you may able to access the cweb console
example i have added dramesh to sudo privilege

Preview file
41 KB
0 Kudos
raog
Expert
Expert
‎11-26-2013 09:50 PM
Jump to solution

that's what i have already done as per my original post.. did you even read it?

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos
dhanarajramesh
Expert
Expert
‎11-26-2013 10:16 PM
Jump to solution

did you give sudo privilage to the user? i will try at my home lab, try this may be it will help you, http://virtual-drive.in/2011/12/18/creating-local-user-accounts-on-vcenter-server-appliance/

0 Kudos
raog
Expert
Expert
‎11-26-2013 10:19 PM
Jump to solution

Yes i did. Its a 5.5 VCVA btw.

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos
kegman21
Contributor
Contributor
‎08-14-2014 04:13 PM
Jump to solution

This is likely unsupported by VMware, but it appears they're locking down the web console access via pam rules.

You'd need to edit the file /etc/pam.d/vami-sfcb to change the line reading 'auth     required     pam_succeed_if.so uid eq 0' to change to succeed/deny rule.

For example you could change the line to read 'auth     required     pam_succeed_if.so uid >= 0' and then allow any user with a UID of 0 or higher to login to the web console.

0 Kudos
raog
Expert
Expert
‎08-17-2014 09:06 PM
Jump to solution

Thanks! That worked.

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos