Security Help!

teasley66 · ‎12-28-2007

I am running ESX 3.0.1 with 10 VMs running on the host machine. I use the VI Client to manage the host. I am totally lost in understanding the security model around ESX server. I have a need to give access to a few people to be able to use either the VI Client or the WebUI to do Shut Down and Start Up rights on just some of the 10 VMs running on my host machine. I have created Users for them and put those users in a Group. Can someone give me the proper scenario for accomplishing this or some good documentation that outlines this process??

RParker · ‎12-28-2007

I would setup a VC (Virtual Center Server) for your 1 host, because you can use the VC to authenticate against the domain. Even if you have only 1 host, eventually you will probably need a VC anyway, so that's the best way to give access.

This will become a hassle if you give individual access for each user on the host itself, you are better off using VC. Then you can simply add them to a resource pool and add permissions, even create a group for this purpose, so all you have to do is add a user to a group with permissions on the VC, that's it.

Otherwise you need to use the VI console, and add users and give them rights, and add them to the VM/Host anyway... so why not make it easier for you.

CiscoKid · ‎12-28-2007

If you have just the standard licensing agreement that does not include VirtualCenter you can certainly integrate a single host with Active Directory and then add those users locally to the ESX server as explained in this PDF .

All

Security Help!