I have group of workflow ,I want a particular user to execute a certain workflows only .
Is it possible in vCenter Orchetrator ?? If possible how ??
Permissions can be set on group level, not on user level.
To add/delete permissions for a given workflow using the vCO Swing Client:
1) Navigate to the target workflow
2) Press 'edit' button
3) Go to 'Permissions' tab
4) Press 'add access rights' or 'delete selected access rights' buttons (located in the top left corner)
5) Using the filter edit box, list/select the group you want to give/restrict permissions on this workflow
6) Check/uncheck the appropriate check box(es) for the 5 possible access rights. In your use case, the most interesting permission is 'Execute' (uncheck it to restrict execute permission).
7) Press 'Select' button to accept your selection.
😎 Press 'Save and close' button to exit from edit mode
The next time you login as a user that is member of this group, you should not be able to start a new workflow execution for this workflow.
Hope this helps,
I have a problem on setting permissions on a workflow.
By "Edit access rights" for the workflow, I correctly configured the workflow to only be viewable for a group of users. However, when I log into vCO client or web operator as an user from the group, I find myself still able to edit/execute the workflow.
Based on my understanding, I believe this is because this group is configured as the vCO admin group, so users from the group always have full permissions on the workflows no matter how the access rights have been configured on them.
So I thought of changing the vCO admin group for the vCenter Orchestrator server to another. But with this change, the user isn't able to log into vCO client/web operator any more as he's no longer in the vCO admin group.
This seems to be a paradox? Or am I missing anything? It will be great if you can offer some help, thanks in advance!
Never mind, I got the solution from another post.
To make a non-vcoadmin user able to log on to vCO client/web operator, all that needs to be done is to edit the access rights for the root element and
grant view privilege for the group that the non-vcoadmin user is in.