I have a script that I ran on my ESXi 5.0 hosts which required you to be root to execute it. You had to execute the su - command and enter the root password or login as the root account to run the script. The command, su -, does not exist in 5.1 and I am hoping there is some alternative that I can use, besides telling the users to login as root.
I have read that the 5.1 user accounts now have administrative privileges and should no longer need to use the su command, but that doesn't seem to be the case for me. Is there something I am missing?
The first command my script has problems with when I run it as a regular user is "vim-cmd vmsvc/getallvms". I get the following error: Failed to login: vim.fault.NoPermission. This is on a host with no VMs on it.
I appreciate any suggestions.
Maureen
you can use sudo command to instead of su -
It appears the sudo command doesn't exist either. I get the following error: -sh: sudo: not found
I've just tried with my ESXi 5.1 test box and works fine with a local user, don't need su - or sudo.
~ # vim-cmd vmsvc/getallvms
Vmid Name File Guest OS Version Annotation
1 test1 [datastore1 (1)] test1/test1.vmx windows7Server64Guest vmx-09
2 test2 [datastore1 (1)] test2/test2.vmx windows7Server64Guest vmx-09
3 test3 [datastore1 (1)] test3/test3.vmx windows7Server64Guest vmx-09
4 test4 [datastore1 (1)] test4/test4.vmx windows7Server64Guest vmx-09
Have you assigned proper permission to the user? I've assigned Administrator to it for the testing purpose.
Evening,
You might want to look into the vma from vmware this virtual appliance will give you the ability to execute commands on the host without too much escalation.
Just a two cents suggestion.
Thanks,
with the latest version of Vsphere the administrative privileges can be removed from the default root account and individually assigned to Local Users which will provide them full access to the ESXi shell.
Try to edit your user Property and make sure that your user has the “Grant shell access” check-box checked then edit its permission and add it to the Administrator group after that try to execute your script and let me know how it goes .
Hello MCioe,
You can try "runuser" command using root instead of user.
You can use this command to run as another user or as root user.
Hope will help.
Yours,
Mar Vista
I don't have any groups listed when I create users and can't seem to add users to the Administrative group in the vSphere Client. I can see some of the default users (root, dcui) have the Administrator role, but can't seem to add any new accounts. Grant shell access is enabled as I can definitely log into the host with the new user account.
My environment only has the vSphere Client and the ESXi host; i.e. no vCenter. Would that make a difference in the group/role assignment?
Also, runuser does not exist on the ESXi host either.
Here is a short video, this would help but you can ignore the last bit, when he tries su -. It should just work after setting up an user!