VMware Cloud Community
vmwaredude1
Contributor
Contributor
‎10-29-2007 05:37 PM
Jump to solution

Info needed about Permissions

Hi,

Can someone please point me to a document, or if they can share the permission concepts used in ESX and VC?

I am aware of different roles used in VC and ESX, but still I will like to know more about it.

Thanks

0 Kudos
1 Solution

Accepted Solutions
virtualdud3
Expert
Expert
‎10-29-2007 07:42 PM
Jump to solution

Here is a document that should help out greatly:

http://www.vmware.com/pdf/vi3_vc_roles.pdf

###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!

View solution in original post

0 Kudos
5 Replies
GBromage
Expert
Expert
‎10-29-2007 07:27 PM
Jump to solution

Well, in simple terms a "role" is a set of permissions. Such as, the ability to reboot a VM machine, or create a new one.

Then, within your cluster, folder, VM structure you can grant those permissions to a user or group by choosing the object, and selecting the person's user/group and what "role" you want them to play on that object (or ones beneath it.)

If you're familiar with granting permissions on a file system, it's the same mentality. The role defines the rights you're granting, and you assign the NT user or group rights to an object.

I hope this information helps you. If it does, please consider awarding points with the 'Helpful' or 'Correct' buttons. If it doesn't help you, please ask for clarification!
virtualdud3
Expert
Expert
‎10-29-2007 07:42 PM
Jump to solution

Here is a document that should help out greatly:

http://www.vmware.com/pdf/vi3_vc_roles.pdf

###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
0 Kudos
Texiwill
Leadership
Leadership
‎10-30-2007 05:53 AM
Jump to solution

Hello,

Where you set the roles for users is also important. Remember to set them on the View that makes sense. You would not set a VM role on a resource pool for example, but a Folder would work just fine.

Best regards,

Edward L. Haletky, author of the forthcoming 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', publishing January 2008, (c) 2008 Pearson Education. Available on Rough Cuts at http://safari.informit.com/9780132302074

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
GBromage
Expert
Expert
‎10-30-2007 02:45 PM
Jump to solution

I disagree with you about not setting permissions on resource pools.

In a managed service / hosting environment, it's not unusual for a department to purchase an amount of resources from the central pool, instead of buying their own server(s). So, you'd create a resource pool and set reservations and limits based on your SLA agreement, then grant that department's IT staff rights to the resource pool. They can then create, delete, reboot and manage their own VMs within that pool only.

I hope this information helps you. If it does, please consider awarding points with the 'Helpful' or 'Correct' buttons. If it doesn't help you, please ask for clarification!
0 Kudos
Texiwill
Leadership
Leadership
‎10-31-2007 07:18 AM
Jump to solution

Hello,

Some roles only apply to resource pools and some only apply to VMs, I mimic my resource pools as folders and set VM roles on the folders and resource roles on the pools. I had issues early on where I setup perms on resource pools and the did not work when logging in via the Web site yet did work when using the VIC. This could be a bug in the website but the solution was to put VM type roles only on VM type things (folders, VMs) and resource type roles on resource type things. I really like to keep these things separate as much as possible but the comment was based on my observations of what works with all the myriad ways to access ESX VMs.

Best regards,

Edward L. Haletky, author of the forthcoming 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', publishing January 2008, (c) 2008 Pearson Education. Available on Rough Cuts at http://safari.informit.com/9780132302074

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos