6.5
Table Of Contents
- vSphere Command-Line Interface Concepts and Examples
- Contents
- About This Book
- vSphere CLI Command Overviews
- Introduction
- List of Available Host Management Commands
- Targets and Protocols for vCLI Host Management Commands
- Supported Platforms for vCLI Commands
- Commands with an esxcfg Prefix
- ESXCLI Commands Available on Different ESXi Hosts
- Trust Relationship Requirement for ESXCLI Commands
- Using ESXCLI Output
- Connection Options for vCLI Host Management Commands
- Connection Options for DCLI Commands
- vCLI Host Management Commands and Lockdown Mode
- Managing Hosts
- Managing Files
- Managing Storage
- Introduction to Storage
- Examining LUNs
- Detach a Device and Remove a LUN
- Reattach a Device
- Working with Permanent Device Loss
- Managing Paths
- Managing Path Policies
- Scheduling Queues for Virtual Machine I/O
- Managing NFS/NAS Datastores
- Monitor and Manage FibreChannel SAN Storage
- Monitoring and Managing Virtual SAN Storage
- Monitoring vSphere Flash Read Cache
- Monitoring and Managing Virtual Volumes
- Migrating Virtual Machines with svmotion
- Configuring FCoE Adapters
- Scanning Storage Adapters
- Retrieving SMART Information
- Managing iSCSI Storage
- iSCSI Storage Overview
- Protecting an iSCSI SAN
- Command Syntax for esxcli iscsi and vicfg-iscsi
- iSCSI Storage Setup with ESXCLI
- iSCSI Storage Setup with vicfg-iscsi
- Listing and Setting iSCSI Options
- Listing and Setting iSCSI Parameters
- Enabling iSCSI Authentication
- Set Up Ports for iSCSI Multipathing
- Managing iSCSI Sessions
- Managing Third-Party Storage Arrays
- Managing Users
- Managing Virtual Machines
- Managing vSphere Networking
- Introduction to vSphere Networking
- Retrieving Basic Networking Information
- Troubleshoot a Networking Setup
- Setting Up vSphere Networking with vSphere Standard Switches
- Setting Up Virtual Switches and Associating a Switch with a Network Interface
- Retrieving Information About Virtual Switches
- Adding and Deleting Virtual Switches
- Checking, Adding, and Removing Port Groups
- Managing Uplinks and Port Groups
- Setting the Port Group VLAN ID
- Managing Uplink Adapters
- Adding and Modifying VMkernel Network Interfaces
- Managing VMkernel Network Interfaces with ESXCLI
- Add and Configure an IPv4 VMkernel Network Interface with ESXCLI
- Add and Configure an IPv6 VMkernel Network Interface with ESXCLI
- Managing VMkernel Network Interfaces with vicfg-vmknic
- Add and Configure an IPv4 VMkernel Network Interface with vicfg-vmknic
- Add and Configure an IPv6 VMkernel Network Interface with vicfg-vmknic
- Setting Up vSphere Networking with vSphere Distributed Switch
- Managing Standard Networking Services in the vSphere Environment
- Setting the DNS Configuration
- Manage an NTP Server
- Manage the IP Gateway
- Setting Up IPsec
- Manage the ESXi Firewall
- Monitor VXLAN
- Monitoring ESXi Hosts
- Index
Managing Users 7
An ESXi system grants access to its resources when a known user with appropriate permissions logs on to
the system with a password that matches the one stored for that user.
You can use the vSphere SDK for all user management tasks. You cannot create ESXi users by using the
vSphere Web Client.
You can use the vicfg-user command to create, modify, delete, and list local direct access users on an ESXi
host. You cannot run this command against a vCenter Server system.
I Starting with vSphere 5.1, you can no longer manage groups with vicfg-user.
This chapter includes the following topics:
n
“Users in the vSphere Environment,” on page 117
n
“vicfg-user Command Syntax,” on page 118
n
“Managing Users with vicfg-user,” on page 118
n
“Assigning Permissions with ESXCLI,” on page 120
Users in the vSphere Environment
Users and roles control who has access to vSphere components and what actions each user can perform.
User management is discussed in detail in the vSphere Security documentation.
I You cannot use vicfg-user to create roles. You can manage system-dened roles.
vCenter Server and ESXi systems authenticate a user with a combination of user name, password, and
permissions. Servers and hosts maintain lists of authorized users and the permissions assigned to each user.
Privileges dene basic individual rights that are required to perform actions and retrieve information. ESXi
and vCenter Server use sets of privileges, or roles, to control which users can access particular vSphere
objects. ESXi and vCenter Server provide a set of pre-established roles.
The privileges and roles assigned on an ESXi host are separate from the privileges and roles assigned on a
vCenter Server system. When you manage a host by using a vCenter Server system, only the privileges and
roles assigned through the vCenter Server system are available. You cannot create ESXi users by using the
vSphere Web Client.
VMware, Inc.
117