Installation guide

Chapter 7: Upgrading Datastore and Network Permissions

In previous releases of vCenter Server, datastores and networks inherited access permissions from the
datacenter. In vCenter Server 4.0 and higher, they have their own set of privileges that control access to them.
This might require you to manually assign privileges, depending on the access level you require.

In vCenter Server 4.x, users are initially granted the No Access role on all new managed objects, including
datastores and networks. This means, by default, users cannot view or perform operations on them. All existing
objects in vCenter Server maintain their permissions after the upgrade. To determine whether to assign
permissions to existing datastores and networks, the upgrade process uses the datacenter's Read-only
privilege.

- If the Read-only privilege is nonpropagating (not inherited by child objects), VMware assumes access
  privileges should not be assigned to datastores and networks. In such cases, you must update your roles
  to include the new datastore and network privileges desired. This is required for users to view and perform
  operations on these objects.

- If the Read-only privilege is propagating (inherited by child objects), VMware assumes access privileges
  should be assigned to datastores and networks so users can view them and perform basic operations that
  require access. In such cases, the default minimum privileges are automatically assigned during the
  upgrade process.

After the upgrade process, if your roles require users to have additional privileges, for example, the ability
to delete a datastore or network, you need to update your permission roles.

Table 7-1 lists the privileges assigned to datastores and networks before the upgrade to vCenter 4.1 and after
the upgrade to vCenter 4.1, and the action required by administrators to enable access.

Table 7-1. Datastore and Network Permission Requirements

Object     Before Upgrade Privilege  After Upgrade Privilege  Action Required to Enable Access
---------  ------------------------  -----------------------  --------------------------------------------------------------
Datastore  Nonpropagating Read-only  No Access                Assign access privileges for datastores or datastore folders.
Datastore  Propagating Read-only     Allocate Space           None.
Network    Nonpropagating Read-only  No Access                Assign access privileges for networks or network folders.
Network    Propagating Read-only     Assign Network           None.

NOTE The Read-only propagating permission on a datacenter, as well as all other permissions you have set,
will continue to work as expected after the upgrade.
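
The rule in Table 7-1 can be applied to a permission inventory before the upgrade to list which principals will be left at No Access on datastores and networks. The following is an added example, not VMware code: the CSV column names, principals and datacenter names are constructed, and the export format is an assumption rather than a vCenter format.

```python
import csv
import io

# Constructed sample: a pre-upgrade export of datacenter permissions.
# Column names and principals are hypothetical, not a vCenter export format.
SAMPLE_EXPORT = """entity_type,entity,principal,role,propagate
Datacenter,DC-East,helpdesk@corp.example,Read-only,true
Datacenter,DC-East,auditors@corp.example,Read-only,false
Datacenter,DC-West,auditors@corp.example,Read-only,false
Datacenter,DC-West,vm-admins@corp.example,Administrator,true
"""

# Table 7-1: (object, propagating?) -> (privilege after upgrade, action required)
TABLE_7_1 = {
    ("Datastore", True): ("Allocate Space", "None."),
    ("Datastore", False): ("No Access",
                           "Assign access privileges for datastores or datastore folders."),
    ("Network", True): ("Assign Network", "None."),
    ("Network", False): ("No Access",
                         "Assign access privileges for networks or network folders."),
}

def plan_upgrade(export_text):
    """Return one row per (datacenter, principal, object) covered by Table 7-1."""
    rows = []
    for rec in csv.DictReader(io.StringIO(export_text)):
        # Only the datacenter's Read-only permission drives the upgrade rule;
        # other roles are outside Table 7-1 and are skipped here.
        if rec["entity_type"] != "Datacenter" or rec["role"] != "Read-only":
            continue
        propagating = rec["propagate"].strip().lower() == "true"
        for obj in ("Datastore", "Network"):
            after, action = TABLE_7_1[(obj, propagating)]
            rows.append({"datacenter": rec["entity"], "principal": rec["principal"],
                         "object": obj, "after_upgrade": after, "action": action})
    return rows

def needs_manual_assignment(rows):
    """Group the objects left at No Access by (datacenter, principal)."""
    todo = {}
    for r in rows:
        if r["after_upgrade"] == "No Access":
            todo.setdefault((r["datacenter"], r["principal"]), []).append(r["object"])
    return todo

if __name__ == "__main__":
    for (dc, who), objs in sorted(needs_manual_assignment(plan_upgrade(SAMPLE_EXPORT)).items()):
        print(f"{dc}: {who} needs privileges assigned on {', '.join(objs)}")
```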
VMware, Inc.