Anyone figure this out on 5.5? We have people that need access to Dell's OMSA interface to be able to troubleshoot things like failed HDDs and do not want them to be full root admins, since 5.5 this seems to be an impossible task.
We can create a local user in ESXi and assign it only for accessing sfcb (CIM).
3. Now a remote client can access VMware CIM classes using this local user account. However ssh and other root permissions will not be available for this user.
I hope this is what we were looking for ? . However note that /etc/security/access.conf is recreated on every boot and hence whatever modifications done to this file manually may not be persistent (need to check though).