1.0
Table Of Contents
- VMware vFabric Data Director Administrator and User Guide
- Contents
- About VMware vFabric Data Director
- Updated Information
- VMware vFabric Data Director and vFabric Postgres Overview
- Managing Data Director Resources
- Managing Users and Roles
- Managing Organizations
- Managing Database Groups
- Managing Database Templates
- Managing Databases
- Cloning Databases
- Managing Database Entities
- Safeguarding Data
- Monitoring the Data Director Environment
- Managing Licenses
- Reconfiguring Data Director Networks
- Change the vCenter IP Address
- Reconfigure the Web Console Network Mapping or Network Adapter
- Reconfigure the vCenter Network Mapping
- Reconfigure the vCenter Network Adapter Settings
- Reconfigure the DB Name Service Network or DB Name Service Network Adapter
- Reconfigure the Internal Network or Internal Network Adapter Mapping
- Verify Network Settings in Data Director
- Data Director Troubleshooting
- Index
Roles apply only to the organization in which they are created. For example, an organization administrator
creates a database administrator role that includes permission to add and remove database users, start and
stop databases, and perform backups for a specific database in that organization. Users that are granted the
database administrator role in that organization can perform database administrator tasks only within that
organization.
Organization administrators usually manage role and permission assignments for their organizations.
However, any user that has the permission to grant and revoke permissions on an object can grant all
permissions on that object to any user or any role. Organization administrators can also grant permissions
directly to users.
Each user's login account is unique in the system. Managing access, roles, and permissions for each user is
based on their user login account. The organization administrator can grant users access to one or more
organizations. Within those organizations, each user can be granted multiple roles and permissions.
Users who cannot view or access certain objects or cannot perform certain operations were not granted the
permissions to do so.
The following figure illustrates the scope of users and roles in Data Director.
Figure 3-1. Scope of users and roles in Data Director
User Namespace
Bob
role domain
System
(user) Alliance
DBG DBGDBGDBG
role domain role domain
(user) Benefits
DBAdmin
SysAdmin
DBAdmin
Organization
Organization
In the figure, user Bob is logged in to Data Director and has been granted access to the system and to the
organization Alliance. Bob is also granted the SysAdmin role at the system level, and the DBAdmin role in the
organization Alliance. Bob's SysAdmin role applies to the system level. The SysAdmin role does not propagate
to any organizations. The role DBAdmin in organization Alliance and the role DBAdmin in organization
Benefits are separate roles that apply only within their organizations. Bob has the DBAdmin role in the Alliance
organization but does not have access to the Benefits organization.
Authenticating Users
User authentication is based on user login and password.
User login accounts and credentials are unique in Data Director. This enables managing credentials, roles,
permissions, and privileges for each user based on the user login account.
Create users and passwords in the following ways.
n
A system or organization administrator creates the user account and assigns a password.
n
A user registers for a Data Director account and specifies a password as part of the registration request.
VMware vFabric Data Director Administrator and User Guide
26 VMware, Inc.