6.5
Table Of Contents
- vSphere Command-Line Interface Concepts and Examples
- Contents
- About This Book
- vSphere CLI Command Overviews
- Introduction
- List of Available Host Management Commands
- Targets and Protocols for vCLI Host Management Commands
- Supported Platforms for vCLI Commands
- Commands with an esxcfg Prefix
- ESXCLI Commands Available on Different ESXi Hosts
- Trust Relationship Requirement for ESXCLI Commands
- Using ESXCLI Output
- Connection Options for vCLI Host Management Commands
- Connection Options for DCLI Commands
- vCLI Host Management Commands and Lockdown Mode
- Managing Hosts
- Managing Files
- Managing Storage
- Introduction to Storage
- Examining LUNs
- Detach a Device and Remove a LUN
- Reattach a Device
- Working with Permanent Device Loss
- Managing Paths
- Managing Path Policies
- Scheduling Queues for Virtual Machine I/O
- Managing NFS/NAS Datastores
- Monitor and Manage FibreChannel SAN Storage
- Monitoring and Managing Virtual SAN Storage
- Monitoring vSphere Flash Read Cache
- Monitoring and Managing Virtual Volumes
- Migrating Virtual Machines with svmotion
- Configuring FCoE Adapters
- Scanning Storage Adapters
- Retrieving SMART Information
- Managing iSCSI Storage
- iSCSI Storage Overview
- Protecting an iSCSI SAN
- Command Syntax for esxcli iscsi and vicfg-iscsi
- iSCSI Storage Setup with ESXCLI
- iSCSI Storage Setup with vicfg-iscsi
- Listing and Setting iSCSI Options
- Listing and Setting iSCSI Parameters
- Enabling iSCSI Authentication
- Set Up Ports for iSCSI Multipathing
- Managing iSCSI Sessions
- Managing Third-Party Storage Arrays
- Managing Users
- Managing Virtual Machines
- Managing vSphere Networking
- Introduction to vSphere Networking
- Retrieving Basic Networking Information
- Troubleshoot a Networking Setup
- Setting Up vSphere Networking with vSphere Standard Switches
- Setting Up Virtual Switches and Associating a Switch with a Network Interface
- Retrieving Information About Virtual Switches
- Adding and Deleting Virtual Switches
- Checking, Adding, and Removing Port Groups
- Managing Uplinks and Port Groups
- Setting the Port Group VLAN ID
- Managing Uplink Adapters
- Adding and Modifying VMkernel Network Interfaces
- Managing VMkernel Network Interfaces with ESXCLI
- Add and Configure an IPv4 VMkernel Network Interface with ESXCLI
- Add and Configure an IPv6 VMkernel Network Interface with ESXCLI
- Managing VMkernel Network Interfaces with vicfg-vmknic
- Add and Configure an IPv4 VMkernel Network Interface with vicfg-vmknic
- Add and Configure an IPv6 VMkernel Network Interface with vicfg-vmknic
- Setting Up vSphere Networking with vSphere Distributed Switch
- Managing Standard Networking Services in the vSphere Environment
- Setting the DNS Configuration
- Manage an NTP Server
- Manage the IP Gateway
- Setting Up IPsec
- Manage the ESXi Firewall
- Monitor VXLAN
- Monitoring ESXi Hosts
- Index
You can manage users dened on the vCenter Server system and users dened on individual hosts
separately.
n
Manage users dened on ESXi with the vSphere Web Services SDK or vicfg-user.
n
Manage vCenter Server users with the vSphere Web Client or the vSphere Web Services SDK.
I You cannot use the vicfg-user command to modify users created with the vSphere Client in
vSphere 6.0 or earlier.
Even if the user lists of a host and a vCenter Server system appear to have common users, for example, a
user called devuser, these users are separate users with the same name. The aributes of devuser in
vCenter Server, including permissions, passwords, and so forth, are separate from the aributes of devuser
on the ESXi host. If you log in to vCenter Server as devuser, you might have permission to view and delete
les from a datastore. If you log in to an ESXi host as devuser, you might not have these permissions.
Users authorized to work directly on an ESXi host are added to the internal user list when ESXi is installed
or can be added by a system administrator after installation. You can use vicfg-user to add users, remove
users, change passwords, and congure permissions.
C See the Authentication and User Management chapter of vSphere Security for information about
root users before you make any changes to the default users. Mistakes regarding root users can have serious
access consequences.
Each ESXi host has several default users.
n
The root user has full administrative privileges. Root users can control all aspects of the host that they
are logged on to. Root users can manipulate permissions, create users on ESXi hosts, work with events,
and so on.
n
The vpxuser user is a vCenter Server entity with root rights on the ESXi host, allowing it to manage
activities for that host. The system creates vpxuser when an ESXi host is aached to vCenter Server.
vpxuser is not present on the ESXi host unless the host is being managed through vCenter Server.
n
Other users might be dened by the system, depending on the networking setup and other factors.
Example: Create, Modify, and Delete Users
The following example scenario illustrates some of the tasks that you can perform. Specify one of the
options listed in “Connection Options for vCLI Host Management Commands,” on page 19 in place of
<conn_options>.
1 List the existing users.
vicfg-user <conn_options> -e user -o list
The list displays all users that are predened by the system and all users that were added later.
I The command lists a maximum of 100 users.
2 Add a new user, specifying a login ID and password.
vicfg-user <conn_options> -e user -o add -l user27 -p 27_password
The command creates the user. By default, the command autogenerates a UID for the user.
3 List the users again to verify that the new user was added and a UID was generated.
vicfg-user <conn_options> -e user -o list
USERS
-------------------
Principal -: root
Chapter 7 Managing Users
VMware, Inc. 119