Re: Permissions for Update Manager

Ascendancer · ‎07-14-2019

Hello together,

i recently applied a nice little permission concept for a larger vCenter Installation.

We have multiple units all over the world, and they get admin rights on the Folders wherein there Cluster/Host/VMs/Datastore/Network Objects are located. We in the HQ have those rights on the vCenter Object. (I´n not diving into lesser permissions here, but they are also in place).

One Admin now wants to update his hosts by himself and demands Update Manager rights (create Baselines etc.).

Since i cannot find the answer on the web here's the question:

Do i have to grant him rights to update manager on the vCenter Server object in vCenter (i strongly suspect so), which would defeat our permission concept or can it be done just for his Infrastructure.

I gave a test user the same rights and update manager is not working like he described it. He has full admin role on his Cluster/Host/VMs/Datastore/Network Objects.

Your help is appreciated

Ascendancer · ‎07-14-2019

i forgot:

vCenter 6.7 U1

jburen · ‎07-15-2019

See Update Manager Privileges . Afaik these privileges can be configured for a role but must be applied at the root level. I'm not sure though about the Manage Patches and Upgrades privileges. Could be that these can be applied at a lower level.

Consider giving Kudos if you think my response helped you in any way.

Ascendancer · ‎07-15-2019

Thanks jburen

However, i cannot find any documentation on which permissions must be set on vCenter level to work. I did some searching already, but cannot find anything. Any hints anybody?

I want to avoid making a VMware support ticket for this, that would be a bit over the top.

All

Permissions for Update Manager