Assign User Global Permissions
In this blog, I will assign user global permission to FQDN active directory administrator user account to access VMware vCenter instead of [email protected] account.
1- Log in with your VMware vSphere Client, typing vCenter username and password.
2- Select the menu tab and click on administrator option.
3- On your left-hand side under Access Control, select Global Permission and click the + icon.
4- From the Domain drop-down box, select an active directory domain (xpertstec.local).
5- From the User/Group option, type administrator and then select administrator.
6- Select Administrator under role.
7- Choose Propagate to children checkbox and then click OK.
8- Now you can see FQDN successfully added, so select [email protected] and then click Logout.
9- Type local domain username, password and then click login.
10- Login with the active directory domain administrator account.
How to assign user read only permissions
I already created Active Directory account user name Jamil to assign permissions on vSphere objects using this same account. Here I will set read-only permission for the user name Jamil. Or you can allow Jamil users to perform basic tasks such as powering on or rebooting a virtual machine.
1- Login with your VMware vSphere Client, select the menu tab, and click on the administrator option.
2- On your left-hand side under Access Control, select Global Permission and click the + icon.
3- From the Domain drop-down box, select an active directory domain (xpertstec.local).
4- From the User/Group option, type a user name (for example Jamil) the one you want to give read-only permission
5- Select Read-only under role.
6- Choose Propagate to children checkbox and then click OK.
7- Now you can see the Read-only user successfully added, so select [email protected] and then click Logout.
8- Type local domain username, password and then click login.
9- Login with the read only account, and you can check the VM menu hidden
For more details please visit VMware
Leave a Reply
You must be logged in to post a comment.