VMware Cloud Community
GunSoftEx
Contributor
Contributor
‎01-16-2015 02:05 AM

VCenter full personalized localOs accounts with patch ability in VCenter 5.5

Hello

for our litte PCI - Environment work this fine

Center localOs Accounts with patch VCenter 5.5

| = or

shell root | ssh root ->vcenter-server

useradd | usermod -g users -G wheel -d /home/user -m -s /bin/bash user

mkdir /home/user

chmod -c u=rwx,g=rx,o=rx  /home/user

For easy and full command list as an administrator: 

shell root vcenter -> echo $PATH -> /sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/usr/java/jre-vmware/bin:/opt/vmware/bin

Save this:

vi /root .bashrc PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/usr/java/jre-vmware/bin:/opt/vmware/bin

Copy for the Admin (user)

cp /root/.bashrc /home/user

Sudo for admins

sudo visudo -f /etc/sudoers

user1 ALL = NOPASSWD: ALL

user2 ALL = NOPASSWD: ALL

user3 ALL = NOPASSWD: ALL

Change the Password Policy here for your requirements

Example:

vi /etc/pam.d/common-password

password        requisite       pam_cracklib.so dcredit=1 ucredit=1 lcredit=1 ocredit=1 minlen=7 difok=1/2 retry=6

password        required        pam_pwhistory.so enforce_for_root remember=4 retry=6

password        required        pam_unix2.so    use_authtok

Don't forget grant the admin rights in the VCenter

https://VCenter_IP:9443/vsphere-client/#

Access rights for all user in VCenter Webui and patching https://VCenter_IP:5480

shell root

vi /etc/pam.d/vami-sfcb      

auth       required     pam_succeed_if.so uid eq 0  -> uid >= 0

Greetings

0 Kudos
0 Replies