2.7
Table Of Contents
- VMware vFabric Data Director Administrator and User Guide
- Contents
- About VMware vFabric Data Director Administrator and User Guide
- VMware vFabric Data Director Overview
- Managing Data Director Resources
- Resource Management Overview
- Resource Bundles and Resource Pools
- Storage Resources and Data Director
- System Resource Bundle
- Resource Assignment
- vSphere Resource Pools and Data Director
- Viewing Resource Information
- Create the System Resource Pool
- Create the System Resource Bundle
- Monitor Resource Usage
- Create a Resource Pool
- Create a Resource Bundle
- Assign a Resource Bundle to an Organization
- Perform Advanced Cluster Configuration
- Managing Users and Roles
- User Management Overview
- Authenticating Users
- Role-Based Access Control
- Predefined Roles
- Privileges
- Propagation of Permissions and Roles
- Organization Privileges and Permissions
- Add Users to Your Organization
- Add Roles to an Organization
- Grant a Permission to a User
- Modify Organization Security Settings
- About vCenter Single Sign-On
- Register vFabric Data Director with the vCenter Single Sign-On Service
- Import vCenter Single Sign-On Service Users
- Remove vCenter Single Sign-On Registration Before Uninstalling vFabric Data Director
- Building DBVMs and Base DB Templates
- Database Virtual Machine OVA Files
- Deploy a DBVM OVA File
- Disk Configuration for DBVMs and DB Templates
- Build an Oracle, SQL Server, or Empty Base DBVM
- Build a MySQL Base DBVM
- Build an Oracle and SUSE Linux Base DBVM
- Build an Oracle DBVM with a Custom Linux Operating System
- Requirements for the Kickstart File
- Build a Base DBVM with a Custom Operating System
- Create and Validate a Base DB Template
- Database Update Configuration
- Configure a vFabric Postgres Update Chain
- Update an Oracle Database
- Identify Existing Target DBVM
- Create a Base Database VM from an Existing Template
- Apply a Patch to the Base Database Virtual Machine
- Convert a Base DBVM into a Base DB Template
- Validate a Base DB Template
- Assign a Base DB Template to a Resource Bundle
- Enable a Base DB Template
- Configure an Oracle Update Chain
- Update a Database
- Managing Organizations
- IP Whitelists
- Managing Database Groups
- Managing Database Templates
- Managing Databases
- Database Lifecycle
- Requirements for Creating Databases
- Database Creation
- Using Tags
- Managing the Organization Catalog
- Batch Operations and Scheduled Tasks
- Updating Databases
- Database Administration
- Cloning Databases
- Managing Database Entities
- Safeguarding Data
- Backup Strategies
- Backup Types
- Backup Template Settings
- Preconfigured Backup Templates
- Select a Database Backup Template
- Schedule Regular Database Backups
- Create a Database Snapshot
- Recover a Database from Backup
- Import Backups
- Recover a Database from Last State
- Use VMware Data Recovery to Back Up Data Director
- Database End of Life and Backups
- Perform Point-in-time Recovery of Management Server Database
- Add Pre-Action and Post-Action Scripts to the DBVM for Selected Agents
- High Availability and Replication
- Monitoring the Data Director Environment
- Managing Licenses
- IP Pool Management
- VMware vCloud Director Integration
- Reconfiguring Data Director Networks
- Change the vCenter IP Address
- Reconfigure the Web Console Network Mapping or Network Adapter
- Reconfigure the vCenter Network Mapping
- Reconfigure the vCenter Network Adapter Settings
- Reconfigure the DB Name Service Network or DB Name Service Network Adapter
- Reconfigure the Internal Network or Internal Network Adapter Mapping
- Verify Network Settings in Data Director
- Reconfigure the Database Access Network Used by a Database Group
- Modify IP Pool Settings
- Managing SSL Keys and Certificates
- Regenerate Management Server Key and Certificate
- Import Management Server Key and Certificate
- Edit Management Server Certificate
- Regenerate DB Name Server Key and Certificate
- Import DB Name Server Key and Certificate
- Edit DB Name Server Certificate
- Regenerate DBVM Key and Certificate
- Import DBVM Key and Certificate
- Edit DBVM Certificate
- Data Director Troubleshooting
- vCenter Server Stops Responding
- Disk Usage Exceeds Acceptable Levels
- Resource Bundles Become Unusable Because DRS Is Disabled
- Missing Resource Pool
- Troubleshooting for SSL Communication
- Database Cannot Be Connected Using the JDBC Connection String
- Unable to Import or Login Users of the Single Sign-On Service
- Index
Propagation of Permissions and Roles
How permissions and roles propagate through an organization depends on where and on what types of objects
they are granted. Understanding how permissions and roles propagate can help you to assign them to users
appropriately.
Permission and role propagation stops at the organization boundary. Permissions granted within an
organization propagate only within that organization. Permissions granted at the system level do not
propagate to organizations.
Permissions (and their associated privileges) that apply to an organization are inherited by that organization's
database groups and databases. Users or roles can have permissions on specific database groups, and those
permissions propagate to databases within the database groups.
Roles apply only to the organization in which they are defined. If a role is defined at the system level, it applies
only to the system and is not visible to organizations. If a role is defined within an organization, it applies only
to that organization and is not visible to the system or to other organizations.
You can grant permissions and roles on objects within an organization, such as on a database group, on a
database, or on a template. For example, granting the Start/Stop Database permission on a database group
means that the user or role has the Start/Stop Database permission on all databases within that database group.
If a user is granted the Start/Stop Database permission on a database group, that user can start and stop any
databases within that database group. However, permissions that apply only to certain types of objects do not
propagate to other objects. For example, granting the database group permission Create Database on a database
is meaningless.
Organization Privileges and Permissions
Organization administrators grant privileges and permissions to users and roles in their organizations. Those
privileges and permissions propagate to database groups, base DB templates, and databases in the
organization.
You can grant the following types of privileges and permissions to users and roles on organizations.
n
User and permission management, such as manage roles and registration and grant/revoke permissions.
n
Organization management, such as manage organization settings, database configuration and backup
templates, and import databases.
n
Database group management, such as manage database groups, create databases, and import backups.
n
Database management, such as edit database information, resource, and backup settings, modify database
users, upgrade databases.
n
Database operations, such as enable/disable databases, delete databases, start and stop databases, and
restart databases.
n
Database backup and recovery, such as create and delete snapshots, create and delete external backups,
clone databases, and recover databases.
n
Templates, such as use templates.
n
View and monitor, such as viewing reports and monitoring resource usage.
VMware vFabric Data Director Administrator and User Guide
38 VMware, Inc.