1 Reply Latest reply on Jun 19, 2018 7:36 AM by pauljmcconnon

    vRops Reports and Permissions

    AhhhOK Lurker

      vCenter Adapter is connecting to vCenter using an account that has Admin Role in vCenter.

       

      Reports run as users created by vCenter Authentication Fail.  After looking at permissions, I do not understand why you cannot modify the users created by logging into vRops via vCenter authentication?  I was ok with my vCenter Admins being admins in vRops but see that there is a built in Power User role that may be better to use.  However there are limitations to the accounts that get created by logging in with vCenter authentication. The account gets created but I can't add the account to any vRops groups or assign roles.  By default it is a member of the Everyone group but that is it.

       

      On the flip side, my local accounts can run reports but get no data in the report even though they can see the data when I click on the view and choose the vSphere World.   The local account can see the Virtual Machines and their details.

       

      Any info on why they don't allow you to modify the vCenter accounts may help me understand the reasoning.

      And what do I need to do to get local accounts to be able to see the data in the reports?

       

      Thanks

        • 1. Re: vRops Reports and Permissions
          pauljmcconnon Lurker
          VMware Employees

          Hi

           

          Not sure what version of vROps you are running but maybe this helps:

           

          A vCenter Server user is a read-only principal in vRealize Operations Manager, which means that you cannot change the role, group, or objects associated with the role invRealize Operations Manager. Instead, you must change them in the vCenter Server instance. The role applied to the root folder applies to all of the objects in vCenter Server to which a user has privileges. vRealize Operations Manager does not apply individual roles on objects. For example, if a user has the PowerUser role to access the vCenter Serverroot folder, but has read-only access to a virtual machine, vRealize Operations Manager applies the PowerUser role to the user to access the virtual machine.

           

          Source: vCenter Server Users in vRealize Operations Manager

           

          As to the problem with local users, when you run the report in the "Select an object" drop down are you selecting the vSphere World under Hosts and Clusters or from another selection? i.e vSphere World under Networking.