VMware Cloud Community
ph2013
Enthusiast
Enthusiast
‎11-21-2017 06:32 AM

Are vrealize operations privileges in vCenter required?

I created a new vRealize Operations 6.6.1 instance and added a vCenter.    I logged in to the vCenter and saw new Role privileges available under Global including "vrealize operations read only role".   In vrealize operations, I provided Read only permissions to an AD group but did NOT apply any permissions for them directly in the vcenter itself so they currently can access vRealize for troubleshooting, etc. but cannot access the vCenter via vSphere or Web Client.  This is what I hoped to achieve but now I want to determine what the benefit would be for assigning the new vrealize operations privileges to AD groups in vCenter since the privileges do not appear to be required.

0 Kudos
2 Replies
sxnxr
Commander
Commander
‎11-21-2017 06:42 AM

If you add a user or group within vcenter to the vrops read only you dont need to add users directly into vrops.

That user can then login to vrops and get read only permissions in vrops without the need to create vrops users or groups. I think when they log in to vrops they use the drop down box and pick vcenter user or something like that

I am pretty sure that is how it works

0 Kudos
MichaelRyom
Hot Shot
Hot Shot
‎12-04-2017 01:22 PM

Hi ph2013

Have a look at the requirement of vRops role in vCenter. Still think these apply

https://communities.vmware.com/people/cferber/blog/2015/11/19/minimum-vcenter-permissions-required-f...

Blogging at https://MichaelRyom.dk
0 Kudos