Specifications
Basic System Administration
270 VMware, Inc.
Allrolespermittheusertoscheduletasksbydefault.Userscanscheduleonlytasks
theyhavepermissiontoperformatthetimethetasksarecreated.Usetherole‐editing
facilitiesintheVIClienttocreateprivilegesetsthatmatchyouruserneeds.Ifyouuse
theVIClient
connectedtoVirtualCentertomanageyourhosts,youhaveadditional
rolestochoosefromVirtualCenter.TherolesyoucreatedirectlyonanESXServerhost
arenotaccessiblewithinVirtualCenter.Youcanworkwiththeserolesonlyifyoulog
intothehostdirectlyfromtheVIClient.
There
areseveralactivitiesyoucanperformwithroles.
Theactivityoptionswithrolesaredescribedinthefollowingsections:
“CreatingRoles”onpage 271
“CloningRoles”onpage 272
ResourcePool
Administrator
sample Performactionsondatastores,hosts,virtualmachines,
resources,andalarms.
Providesresourcedelegationandisassignedto
resourcepoolinventoryobjects.Thisincludes:
Allprivilegesforfolder,virtualmachine,alarms,
andscheduledtaskprivilegesgroups.
Selectedprivilegesforglobalitems,datastore,
resource,andpermissionsprivilegesgroups.
Noprivilegesfordatacenter,network,host,
sessions,orperformanceprivilegesgroups.
Datacenter
Administrator
sample Performactionsonglobalitems,folders,datacenters,
datastores,hosts,virtualmachines,resources,and
alarms.
Setupdatacenters,butwithlimitedabilitytointeract
withvirtualmachines.Thisincludes:
Allprivilegesforfolder,datacenter,datastore,
network,resource,alarms,andscheduledtask
privilegesgroups.
Selectedprivilegesforglobalitems,host,and
virtualmachineprivilegesgroups.
Noprivilegesforsession,performance,and
permissionprivilegesgroups.
VirtualMachine
Administrator
sample Performactionsonglobalitems,folders,datacenters,
datastores,hosts,virtualmachines,resources,alarms,
andsessions.Thisincludes:
Allprivilegesforallprivilegegroups,except
permissions.
Table 17-1. Default Roles (Continued)
Role Role Type Description User Capabilities