Correct, without vc, you can't assign permissions at that level. You'll have to assign at the host level. With VC, you have more flexibility and can assign permissions at other levels.

-KjB

Yes, apparently, this works no longer in 3.5

-KjB

Hello,

If you need this functionality then I suggest you open a support case with your VMware Support Representative. That would be the proper way to get what you need back in. However, you may be able to use the Virtual Machine and Template View and apply the permissions to folders?

Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

Hi Texiwill,

Thanks for the suggestion. I'll raise this with VMware.

"you may be able to use the Virtual Machine and Template View and apply the permission to folders"

I'm not sure, but is that also only in Virtual Center? I can't see it in standalone ESX, and as far as I know standard ESX has no concept of templates or folders. Just virtual machines and resource pools.

Quoting from "Basic System Administration" for ESX 3.5 ---

Under "Assigning Access Permissions" (on page 275):

The objects that can have permissions assigned to them are:

• In VirtualCenter – Folders, datacenters, clusters, resource pools, hosts, virtual achines

• In ESX Server – Resource pools, the host, virtual machines

So either the function is "broken" in the new version, or the documentation is wrong. (VMware should fix one or the other - I would prefer that the missing function be restored.)

Stephen

I encountered the same thing in Update 2 and have opened an SR with VMware on the issue. More to come when I hear back from them - probably not until next week.

Apparently they did intentionally remove it, which makes me really mad. I did a search in the KB and returned an article that said that they removed it "by design" and that the feature "may" be restored in some "future" version of the software. That future version really needs to come very quickly.

> I did a search in the KB and returned an article that said that they removed it "by design"

So if you login as root, you can't change the permissions either? I would have to say, this is what MS does, they take features away without first making sure people AREN'T still utilizing them.. So I would agree you should be a little ticked, that features you were using are no longer available..

Only on the host - not on the pools or VMs. Guess they figured they could push VC a little bit better if they rolled back a few of the features that people did use and then push you to VC when you request it. I've also contacted my local reseller and expressed my disgust over the matter to them. I'm a small enough installation (don't spend enough $$ with them to begin with) that I'm not real optimistic that I'm actually going to be heard in halls of VMware on this issue, but I'll push all the buttons I can find to let them know how unhappy I am about this.

:smileymischief:

Hi all,

are there any news about this?

Any changes in the newest version?

BR

Chris

Can anyone please double-check if it works with the VI-Client from the VC (maybe with the trial) with direct connection to the ESX?

In my test environment I've the permissions tabs with the VC VI-Client.

BR

Chris

Any further information on this? Are VMware actually thinking it will be THIS that tips the scale for buying VC? I'm starting to strafe in the other direction if this is how they do marketing...

... and I take it all back. Thanks, and cheers VMware!

I realize this is an old thread, but it pops up frequently in my searches so I thought I'd update for the benefit of others who may be as novice as I am. The permissions thing was added back in to VI3.