Creating and assigning a role with privileges to create and manage virtual machine to a Domain or Local User/Group
search cancel

Creating and assigning a role with privileges to create and manage virtual machine to a Domain or Local User/Group

book

Article ID: 316586

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

This article provides steps to create and assign a role with privileges to create and manage virtual machine to a Domain or Local User/Group.

Environment

VMware vCenter Server 5.5.x
VMware vCenter Server 6.0.x
VMware vCenter Server 6.7.x
VMware vCenter Server 7.0.x
VMware vCenter Server 6.5.x

Resolution

To create a role and assign the necessary privileges:
  1. Open a vSphere Client connection to the vCenter Server.
  2. Click Home > Administration > Roles > Add Role.
  3. Give the new role a name, then select these Privileges:
  • Datastore
    • Allocate space
    • Browse datastore
  • Global
    • Cancel task
  • Network
    • Assign network
  • Resource
    • Assign virtual machine to resource pool
  • Scheduled task
    • Create tasks
    • Modify task
    • Remove task
    • Run task
  • Virtual machine
    • Change Configuration
      • Acquire disk lease
      • Add existing disk
      • Add new disk
      • Add or remove device
      • Advanced configuration
      • Change CPU count
      • Change Memory
      • Change Settings
      • Change resource
      • Modify device settings
      • Remove disk
      • Rename
      • Reset guest information
      • Upgrade virtual machine compatibility
    • Edit Inventory
      • Create from existing
      • Create new
      • Move
      • Register
      • Remove
      • Unregister
    • Interaction
      • Answer question
      • Configure CD media
      • Configure floppy media
      • Connect devices
      • Console interaction
      • Guest operating system management by VIX API
      • Install VMware Tools
      • Power off
      • Power on
      • Reset Suspend
    • Snapshot management
      • Create snapshot
      • Remove snapshot
      • Rename snapshot
      • Revert to snapshot
 
  1. Add the permission at the highest level and set to propagate the permissions.

    Alternatively, set specific levels within vCenter Server:
    1. Click the Inventory object, then click the Permissions tab.
    2. Click on the plus (+) sign to Add Permissions.
    3. Under User, select the domain the user is located in

      Note: Leaving the Domain entry as (server) shows the vCenter Server's local Windows accounts.
       
    4. Find the user and assigned the newly created Role
    5. Deselect Propagate to Child Objects.


Additional Information


ロールの作成およびドメインまたはローカル ユーザー/グループへの仮想マシンの作成および管理権限の割り当て
创建角色并将虚拟机创建和管理特权分配给域或本地用户/组

Powered by Wolken Software