I'm just trying to setup a vcops and I'm a little bit confuse about the vcenter permission requirements.
First, the wizard asks me an OPTIONAL information about hosting vCenter Server (vcenter that hosts the vcops appliance????) ...why the appliance wants to know this information?
Then the wizard asks the information about the vcenter to monitor: "Registration User" and "Collector User (optional)"...what are the differences? Which are the minimum permission? I see in the admin guide that the user for collecting information could be an read-only user at root vcenter inventory...but nothing abou the Registration/Collector user.
Thank you.
Registration user and collector user are different, in that registration user need reg/unreg extension, license priv's, etc. Whereas the collector needs read+storage view:views+global:health.
These roles/perms are described in the release notes and what the specific priv req's are needed for each role.
If you don't specify a collector user, the registration user will be used for collection in addition to registration. Hence the "optional".
Registration user and collector user are different, in that registration user need reg/unreg extension, license priv's, etc. Whereas the collector needs read+storage view:views+global:health.
These roles/perms are described in the release notes and what the specific priv req's are needed for each role.
If you don't specify a collector user, the registration user will be used for collection in addition to registration. Hence the "optional".
fyi, I just set this up.
For the registration user I have:
Extension > ALL
Global > Licenses
The collector user has Read-only everywhere.
Ben
As my previous post indicates , read-only everywhere is not sufficient for the collector user. You're missing storage view:views and global:health. Without these perms, disk space metric won't collect and vCenter/vSphere health won't be collected. As a result, the risk/efficiency badges won't have enough information to fully populate.
Please refer to the vC Ops release notes, as these perms are all clearly stated there.
Thanks Mark,
I create a new role (copy of read only) for the collector and added
Storage Views > View and now I am seeing the storage metrics you mentioned.
Ben