2.0
Table Of Contents
- vCenter Chargeback Manager User’s Guide
- Contents
- About the User's Guide
- Introduction to vCenter Chargeback Manager
- Configuring Administration Settings
- Authenticating and Managing Users, Roles, and Permissions
- Resource Based Authorization in vCenter Chargeback Manager
- Permissions Defined in vCenter Chargeback Manager
- Managing Roles
- Managing Users
- vCenter Chargeback Manager User Authentication
- Managing Chargeback Hierarchies
- Creating a Chargeback Hierarchy
- Managing a Chargeback Hierarchy
- View a Chargeback Hierarchy
- Add a vCenter Chargeback Manager Entity
- Add a vCenter Server Entity
- Rename a Chargeback Hierarchy or a Chargeback Entity
- Delete an Entity from the Hierarchy
- Delete a Chargeback Hierarchy
- Assign Attributes
- Move Entities Within a Hierarchy
- Allocate Computing Resource Units for a Chargeback Entity
- Share Virtual Machine Cost
- Backdate a Chargeback Hierarchy
- View Properties of a vCenter Server Entity
- Managing and Configuring vCenter Chargeback Manager Cost Elements
- Generating Reports
- Monitoring System Health
- Administration Utilities
- Index
2 Select the role that you want to delete, and click Delete.
A dialog box confirming the action is displayed.
3 Click OK.
Managing Users
When the application is installed, a user with the Super User role is created. The user name and password for
this user are provided during the installation.
This is the only user that exists in a freshly installed vCenter Chargeback Manager instance. You can create
more users in the application. To create and manage users in vCenter Chargeback Manager, you must have
either the Super User role or the Administrator role. Before you start creating users and assigning them roles
on various resources, you must understand the relationship between users, roles, and resources.
In vCenter Chargeback Manager, a super user, that is a user with the Super User role, has access to all the users
and resources created in the application. This user has complete access in the application.
An administrator, that is a user with the Administrator role, has access only to the users that he has created.
An administrator cannot access the users created by a super user or by another administrator. Also, an
administrator can access only the following resources:
n
Resources on which he is given access privileges by a super user.
n
Resources created by him.
n
Resources created by the users that he has created.
All other users can only see the super user and the users that have been created by the administrator or super
user who created them. For example, consider the following scenario. We have a super user S1, two
administrators A1 and A2, and six users U1, U2, U3, U4, U5, and U6. The super user S1 has created the two
administrators and the user U1. The administrator A1 has created the users U2 and U3. The administrator A2
has created the user U4, U5, and U6.
Now, S1 can access all the users. A1 can see S1 and has complete access on U2 and U3. A1 cannot see or access
any other user. Similarly, A2 can see S1 and has complete access on U4, U5, and U6. A2 cannot see or access
any other user.
The user U1 can see only S1. This user cannot see the administrators and the users created by the administrators.
The users U2 and U3 can see S1, A1, and each other. They cannot see the users U1, U4, U5, and U6, and the
administrator A2.
Similarly, the users U4, U5, and U6 can see S1, A2, and each other. They cannot see the users U1, U2, and U3,
and the administrator A1.
Also, a user, other than an administrator or super user, can access only the resources on which he has been
given access and the resources created by him. If the user is an LDAP user and has no roles assigned to him,
then the role assigned to the LDAP group to which he belongs is considered.
vCenter Chargeback Manager User’s Guide
44 VMware, Inc.