VMware Cloud Community
Massimo1980
Contributor
Contributor
Jump to solution

Users and permissions

I'd like to create a custom user in ESXi, which could do only the following, without having full host administrative rights:

  • Connect to ESXi server

  • Open all the virtual machine consoles

  • Start and stop virtual machines

Specifically, he shouldn't be able to create, delete or modify virtual machines.

Is this possible without VirtualCenter? If yes, how can I do it?

Thanks

Tags (3)
Reply
0 Kudos
1 Solution

Accepted Solutions
Leafy911
Expert
Expert
Jump to solution

Hello

Connect to the ESXi server with Vi client using the root account

Create the user you want to give restricted acces to in the 'Users & Groups' tab

Click on 'Administration' and create a role with the permissions you want to allow for this user.

Click on 'Inventory' and in the left panel right click on the server and select 'Add Permission'

Add the user you created with the role you created

Done, now test by logging in with this new user id

>Useful privileges:

>All privileges > Virtual Machine > Interaction:

>Power On

>Power Off

>Reset

>Console Interaction

Regards

Leafy911

(Dont forget you recieve points when you award points)

Message was edited by: Leafy911

Regards Leafy911 (Dont forget you recieve points when you award points)

View solution in original post

Reply
0 Kudos
5 Replies
Leafy911
Expert
Expert
Jump to solution

Hello

Connect to the ESXi server with Vi client using the root account

Create the user you want to give restricted acces to in the 'Users & Groups' tab

Click on 'Administration' and create a role with the permissions you want to allow for this user.

Click on 'Inventory' and in the left panel right click on the server and select 'Add Permission'

Add the user you created with the role you created

Done, now test by logging in with this new user id

>Useful privileges:

>All privileges > Virtual Machine > Interaction:

>Power On

>Power Off

>Reset

>Console Interaction

Regards

Leafy911

(Dont forget you recieve points when you award points)

Message was edited by: Leafy911

Regards Leafy911 (Dont forget you recieve points when you award points)
Reply
0 Kudos
Massimo1980
Contributor
Contributor
Jump to solution

I'm logged in as root and I have created the new user, but when I click on "Administration" the "Role" submenu is greyed out.

Reply
0 Kudos
Leafy911
Expert
Expert
Jump to solution

Sounds like your still in the 'Inventory' view. You need to be in 'Administration' view first, see my attachment.

Regards

Leafy911

(Dont forget you recieve points when you award points)

Regards Leafy911 (Dont forget you recieve points when you award points)
Massimo1980
Contributor
Contributor
Jump to solution

Ok, now it works, thanks.

Reply
0 Kudos
Leafy911
Expert
Expert
Jump to solution

Glad to be of service :smileygrin:

Regards

Leafy911

(Dont forget you recieve points when you award points)

Regards Leafy911 (Dont forget you recieve points when you award points)
Reply
0 Kudos