Difference between revisions of "VCP5"

Jump to navigation Jump to search

VCP5 (view source)

Revision as of 11:41, 11 January 2012

1,541 bytes added ,  11:41, 11 January 2012
→‎Secure vCenter Server and ESXi: First Pass
Line 77: Line 77:


== Secure vCenter Server and ESXi ==
== Secure vCenter Server and ESXi ==
{|cellpadding="4" cellspacing="0" border="1"
|- style="background-color:#bbddff;"
! Role                  !! Type  !! ESX / VC !! Description
|-
| '''No Access'''      || System || ESX & VC || No view or do.  Can be used to stop permissions propagating.
|-
| '''Read Only'''      || System || ESX & VC || View all except Console, no do.
|-
| '''Administrator'''  || System || ESX & VC || Full rights
|-
| '''VM User'''        || Sample || VC only  || VM start/stop, console, insert media (CD)
|-
| '''VM Power User'''  || Sample || VC only  || As user plus hardware and snapshot operations
|-
| '''Resource Pool Admin''' || Sample || VC Only || Akin to an OU admin, full rights for child objects
Cannot create new VM's without additional VM and datastore privileges.
|-
| '''Datastore Consumer''' || Sample || VC Only || Allows creation of VMDK's or snapshots in datastore (additional VM privileges to action)
|-
| '''Network Consumer''' || Sample || VC Only || Allows assignment of VM's to networks (additional VM privileges to action)
|}
'''vCentre Access'''
* Disabled logged in users use access as next validation period (default is 24hrs)
'''ESXi Firewall'''
* New for v5
* Rule set XML files found in <code>/etc/vmware/firewall/</code>
* Should be edited via GUI
'''ESXi and Active Directory'''
* ESX FQDN must match AD domain
* ESX and AD should be synced to same time
* ESX's DNS must be able to resolve the AD domain
* Add to OU container using domain name format
** <code> sandfordit.local/SiliconOU1/MondeoOU2 </code>
== Identify vSphere Architecture and Solutions ==
== Identify vSphere Architecture and Solutions ==


Retrieved from ‘https://vwiki.co.uk/index.php?title=Special:MobileDiff/1610

Navigation menu