Specifications

ManualsBrandsESX ManualsComputer equipmentQE450.2

261

262

263

264

265

266

267

268

269

270

Basic System Administration

266 VMware, Inc.

AnychangesyoumaketotheWindowsdomainarereflectedinVirtualCenter.

BecauseyoucannotdirectlymanageusersinVirtualCenter,theuserinterface

doesn’tprovideauserlistforyoutoreview.Youseethesechangesonlywhenyou

selectuserstoconfigurepermissions.

 Directaccessusers–UsersauthorizedtoworkdirectlyonanESXServerhostare

thoseaddedtotheinternaluserlistbydefaultwhenESXServerisinstalledorby

asystemadministratorafterinstallation.

IfyoulogintoanESXServerhostasrootusingtheVIClient,

youcanperforma

varietyofmanagementactivitiesfortheseusers,suchaschangingpasswords,

groupmemberships,permissions,andsoforth.Youcanalsoaddandremove

users.

EvenifthelistsmaintainedbyanESXServerhostandVirtualCenterappeartohave

commonusers(forinstance,ausercalled

devuser),theseusersshouldbetreatedas

separateuserswhohavethesamename.TheattributesofdevuserinVirtualCenter,

includingpermissions,passwords,andsoforth,areseparatefromtheattributesof

devuserontheESXServerhost.IfyoulogintoVirtualCenterasdevuser,youmighthave

permission

toviewanddeletefilesfromadatastore.IfyoulogintoanESXServerhost

asdevuser,youmightnot.

UsersandgroupsintheVMwareInfrastructureenvironmentarecreatedusingthe

followingmethods:

 WhentheVIClientisconnectedtoaVirtualCenterServersystem,usersand

groupsaredefinedthroughthestandardmethodsforWindowsdomainsorActive

Directory.YoudonotcreateusersandgroupsforaccesstotheVirtualCenterServer

throughtheVIClient.

 WhentheVIClientisconnectedtoanESXServerhost,usersandgroupsare

definedthroughtheUsersandGroupstab.

EachESXServerhosthastwodefaultusers:

 Therootuserhasfulladministrativeprivileges.Administratorsusethisloginand

itsassociatedpasswordtologintoahostthroughtheVIClient.Rootusershavea

completerangeofcontrolactivitiesonthespecifichostthattheyareloggedonto,

includingmanipulatingpermissions,creatinggroupsand

users,workingwith

events,andsoforth.

WARNINGSeetheAuthenticationandUserManagementchapteroftheESXServer3

ConfigurationGuideorESXServer3iConfigurationGuideforinformationaboutrootusers

andyourESXServerbeforeyoumakeanychangestotherootuser.Mistakesherecan

haveseriousaccessconsequences.