Start a Conversation

Unsolved

1 Rookie

 • 

27 Posts

2078

April 18th, 2022 15:00

VxRail User Privileges

If you have a large IT group, your team probably has a variety of roles. Some might need to perform maintenance or upgrades of your VxRail; they’ll need to use the VxRail plug-in menus or the API for those tasks. Others might just need to do basic vSphere tasks like starting and stopping virtual machines; you might want to restrict that group from seeing VxRail menus. You can use the standard vSphere Role and Privilege features to provide your team the access they need.

When a VxRail is installed, two special privileges are added to the vCenter Server that manages it:

Dell_DougM_0-1650318726029.png

These privileges allow access to the VxRail plug-in menus and the VxRail API. You need both for full functionality--the ‘View’ privilege alone does not grant viewing-only privilege, as you might think. Roles without these privileges hide the VxRail plug-in menus from the user and prohibit the use of the API.

These privileges are added to two roles during installation: Administrator, and VMware HCIA Management. The Administrator role, of course, needs no introduction. VMware HCIA Management is a more limited role that is used by the VxRail Manager (via the management user credential) to issue a query or perform a task on the vCenter Server.

You can add more users to Administrator or VMware HCIA Management to provide your team with VxRail access, or you can create your own role with the VxRail privileges. If you create your own, apply it at the Global or vCenter Server level for complete effectiveness. Applying the VxRail privileges at the Data Center, Cluster, or a lower level will limit the functionality.

Dell_DougM_1-1650318774899.png

 

Dell_DougM_2-1650318800624.png

 

I often discuss VxRail privileges in my VxRail Administration classes. If you haven’t attended one, you’re missing out!

#IWork4Dell

 

 

No Responses!
No Events found!

Top