Specifications

ManualsBrandsESX ManualsComputer equipmentQE450.2

261

262

263

264

265

266

267

268

269

270

VMware, Inc. 267

Chapter 17 Managing Users, Groups, Permissions, and Roles

 ThevpxuseruserisaVirtualCenterentitywithrootrightsontheESXServerhost,

allowingittomanageactivitiesforthathost.Thevpxuseriscreatedatthetimethat

anESXServerhostisattachedtoVirtualCenter.ItisnotpresentontheESX Server

hostunlessthehostis

beingmanagedthroughVirtualCenter .

ForinformationoncreatingusersandgroupsforusewithVirtualCenterServer,see

Microsoftdocumentation.

ForinformationoncreatingusersandgroupforusewithESXServer,seetheSecurity

sectionoftheESXServer3ConfigurationGuideorESXServer3iConfigurationGuide.

Groups

Youcanefficientlymanagesomeuserattributesbycreatinggroups.Agroupisasetof

usersthatyouwanttomanagethroughacommonsetofrulesandpermissions.When

youassignpermissionstoagroup,theyareinheritedbyallusersinthegroup.Using

groupscansignificantlyreduce

thetimeittakestosetupyourpermissionsmodel.

ThegrouplistsinVirtualCenterandanESXServerhostaredrawnfromthesame

sourcesastheuserlists.IfyouareworkingthroughVirtualCenter,thegrouplistis

calledfromtheWindowsdomain.Ifyouareloggedonto

anESXServerhostdirectly,

thegrouplistiscalledfromatablemaintainedbythehost.

TheVirtualCenterServergrantsaccesstoeachinventoryobjectbyassigningarolewith

definedprivilegesandauserorgrouptoeachobject.Rolesareadefinedsetofaccess

privileges.

Individualpermissions

areassignedthroughtheVirtualCenterServerortheESX

Serverhostbypairingauserandaroleandassigningthispairtoaninventoryobject.

Permissions

InVMwareInfrastructure,apermissionisdefinedasanaccessrolethatconsistsofa

userandtheuser’sassignedroleforanobject,suchasavirtualmachineorESXServer

host.Permissionsgrantuserstherighttoperformspecificactivitiesandmanage

specificobjectsonaspecifichostor,

ifusersareworkingfromVirtualCenter,all

VirtualCenter‐managedobjects.Forexample,toconfigurememoryforanESXServer

host,youmusthavehostconfigurationpermissions.

CAUTIONDonotchangevpxuseranddonotchangeitspermissions.Ifyoudoso,you

mightexperienceproblemsworkingwiththeESXServerhostthroughVirtualCenter.