Manualshelf

Users Guide

ManualsBrandsDell ManualsAnalyticsOpenManage Integration for VMware vCenter Version 3.2
118119120121122123124125126127
Security Roles and Permissions
The OpenManage Integration for VMware vCenter stores user credentials in an encrypted format. It does not provide any passwords to
client applications to avoid any improper requests that could lead to issues. The Backup Database are fully encrypted using custom
security phrases, and therefore the data cannot be misused.
By default, users in the Administrators group have all the privileges. Administrators can use all the functions of the OpenManage
Integration for VMware vCenter within VMware vSphere Client or Web Client. If you want a user with necessary privileges to manage the
product, then create a role with necessary privileges, assign the role to a user, register a vCenter server using the user, and include both
the Dell roles.
Data Integrity
Communication between the OpenManage Integration for VMware vCenter , Administration Console, and vCenter is accomplished using
SSL/HTTPS. The OpenManage Integration for VMware vCenter generates an SSL certificate used for trusted communication between
vCenter and the appliance. It also verifies and trusts the vCenter server's certificate before communication and the OpenManage
Integration for VMware vCenter registration. OpenManage Integration for VMware vCenter Console tab (in VMware vCenter) uses
security procedures to avoid improper requests while the keys are transferred back and forth from the Administration Console and back-
end services. This type of security causes cross-site request forgeries to fail.
A secure Administration Console session has a five minutes idle timeout, and the session is only valid in the current browser window
and/or tab. If the user tries to open the session in a new window or tab, a security error is created that asks for a valid session. This action
also prevents the user from clicking any malicious URL that could try to attack the Administration Console session.
Figure 2. Error Message
Access Control Authentication, Authorization, and
Roles
The OpenManage Integration for VMware vCenter uses the web Client's current user session and the stored administration credentials for
the OpenManage Integration to perform vCenter operations. The OpenManage Integration for VMware vCenter uses the vCenter server's
built-in roles and privileges model to authorize user actions with the OpenManage Integration and the vCenter managed objects (hosts
and clusters). Access Roles on the VMware vCenter Home page.
Dell Operational Role
Contains the privileges/groups to accomplish appliance and vCenter server tasks including firmware updates, hardware inventory,
restarting a host, placing a host in maintenance mode, or creating a vCenter Server task.
This role contains the following privilege groups:
Table 12. Privilege groups
Group Name Description
Privilege Group — Dell.Configuration Perform Host-Related Tasks, Perform vCenter-Related Tasks,
Configure SelLog, Configure ConnectionProfile, Configure
ClearLed, Firmware Update
Security Roles and Permissions 125