VirtuallyWright
Contributor
Contributor

As ISTAustria explained, adding the read-only role for the user on the host where the server currently resides, they are then able to get web console access (if you have set Console interaction privilege at a VM folder level). But as mentioned they then can see more than they should. 

Hope that helps. I'm hoping that VMware will fix this in the next release or have a better workaround