VMware Cloud Community
chadguiney
Contributor
Contributor
‎01-08-2020 05:19 AM
Jump to solution

User Permissions for network

I have a user who was getting an error that they did not have sufficient privileges to a certain network when adding a network card for a certain network. Looking at the permissions at the cluster level it shows he is Administrator for "This object and its children" Wouldn't that give him Administrator access to everything including the networks defined in that cluster?

0 Kudos
1 Solution

Accepted Solutions
scott28tt
VMware Employee
VMware Employee
‎01-08-2020 06:48 AM
Jump to solution

Networks are not child objects of a cluster:

vSphere Managed Inventory Objects


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog

View solution in original post

0 Kudos
3 Replies
Alex_Romeo
Leadership
Leadership
‎01-08-2020 05:29 AM
Jump to solution

Hi,

VMware Knowledge Base

To modify virtual machine network settings, you require these permissions:

  • Network > Assign Network
  • Virtual Machine > Configuration > Modify device settings
  • Virtual Machine > Configuration > Settings

To enable these permissions:

  1. Connect vSphere Client to vCenter Server.
  2. Click Home.
  3. Click Roles.
  4. To create a new user role, right-click on a blank area and select Add.
  5. Enter a name, For example, VM Network Admin.
  6. Expand Network and select Assign network.
  7. Expand Virtual Machine > Configuration, select Modify device settings and Settings.
  8. Click OK.
  9. Add permission for this user at the datacenter level and assign the role to this user.

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos
chadguiney
Contributor
Contributor
‎01-08-2020 06:42 AM
Jump to solution

Thanks for the reply ARomeo. Looking closer at this it looks like the user has "Virtual machine user (sample)" at the Data center level but "Administrator" Role at the cluster level and "This object and its children" under the "Defined in" column. So I am correct in assuming the permissions at the Data center level are overriding his permissions at the cluster level for Network settings? I figured since he was Administrator at the cluster level he would be Administrator for the network settings at that cluster.

0 Kudos
scott28tt
VMware Employee
VMware Employee
‎01-08-2020 06:48 AM
Jump to solution

Networks are not child objects of a cluster:

vSphere Managed Inventory Objects


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
0 Kudos