krishnaprasad
Hot Shot
Hot Shot

We can create a local user in ESXi and assign it only for accessing sfcb (CIM).

  1. Create a local user in ESXi (Using esxcli system account add)
  2. Add permission only for sfcbd by editing /etc/security/access.conf
    1. +:cimuser:sfcb

  3.   Now a remote client can access VMware CIM classes using this local user account. However ssh and other root  permissions will not be available for this user.


I hope this is what we were looking for ? . However note that /etc/security/access.conf is recreated on every boot and hence whatever modifications done to this file manually may not be persistent (need to check though).


Thanks,

Krishnaprasad

Reply
0 Kudos