VMware Cloud Community
cengizhan80
Contributor
Contributor
‎05-16-2011 08:07 AM
Jump to solution

Backup of permissions for Active Directory users

Hi,

is there any way (e.g. via vim-cmd), to backup permission settings pertaining to AD users?

I've got a dc that's sometimes briefly failing and anytime that happens, my esxi forgets/looses all permissions for AD users, so that I have to manually input them again afterwards.

:smileyangry:

Or does anyone have another tip for me, that might help preventing the loss of permission setttings for AD users?

Thanks in advance!

0 Kudos
1 Solution

Accepted Solutions
lamw
Community Manager
Community Manager
‎05-16-2011 09:59 AM
Jump to solution

I would investigate why your DC is falling over, as it seems that is causing the initial problems. afaik, once the permissions have been applied, they should persists, but since your DC is falling over, I can't really say what the expected outcome is. You may want to take a look at logs to see if it requires DC to be available to keep the roles/etc.

In any case, if you need to quickly redeploy the rules using vim-cmd, take a look a this blog post - http://www.virtuallyghetto.com/2011/02/automating-active-directory-user.html

These permisisons should be stored under /etc/vmware/hostd/authorization.xml, so you technically could just backup this file and restore if needed. You'll probably have to either restart hostd process or the host for the changes to take effect

View solution in original post

0 Kudos
4 Replies
AndreTheGiant
Immortal
Immortal
‎05-16-2011 08:34 AM
Jump to solution

Have a look at: http://communities.vmware.com/thread/268411

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
lamw
Community Manager
Community Manager
‎05-16-2011 09:59 AM
Jump to solution

I would investigate why your DC is falling over, as it seems that is causing the initial problems. afaik, once the permissions have been applied, they should persists, but since your DC is falling over, I can't really say what the expected outcome is. You may want to take a look at logs to see if it requires DC to be available to keep the roles/etc.

In any case, if you need to quickly redeploy the rules using vim-cmd, take a look a this blog post - http://www.virtuallyghetto.com/2011/02/automating-active-directory-user.html

These permisisons should be stored under /etc/vmware/hostd/authorization.xml, so you technically could just backup this file and restore if needed. You'll probably have to either restart hostd process or the host for the changes to take effect

0 Kudos
cengizhan80
Contributor
Contributor
‎05-16-2011 11:44 PM
Jump to solution

Thanks for the reply!

0 Kudos
cengizhan80
Contributor
Contributor
‎05-16-2011 11:45 PM
Jump to solution

Thanks lamw, that is exactly what I have been looking for!

Smiley Happy

0 Kudos