Книга: Mastering VMware® Infrastructure3
Chapter 8: Configuring and Managing Virtual Infrastructure Access Controls
Chapter 8: Configuring and Managing Virtual Infrastructure Access Controls
Manage and maintain ESX Server permissions. Grant permissions to an ESX Server host with caution. Ideally, the number of individuals who have the ability to connect directly to an ESX Server host should be minimized.
Master It A group of administrators needs the ability to connect directly to an ESX Server host to perform management tasks.
Solution Create Service Console user accounts for each administrator who requires direct access.
Manage and maintain VirtualCenter permissions. The VirtualCenter permissions model builds off Windows-based user accounts and provides a great degree of flexibility, thus allowing virtual infrastructure administrators to maintain the principle of least privilege.
Master It Domain administrators from a Windows Active Directory domain should not be able to manage the virtual infrastructure.
Solution Create a new group in Active Directory and assign the new group the Administrator role at the Hosts & Clusters level in VirtualCenter. Remove the local Administrators group permission.
Master It Users with Windows-based groups need varying levels of access to the VirtualCenter inventory.
Solution Assign the Windows group to the appropriate VirtualCenter roles and assign the permission at the appropriate VirtualCenter inventory object.
Master It A default VirtualCenter role provides too much permission for a new user who needs access to VirtualCenter objects.
Solution Create a custom VirtualCenter role and assign the appropriate privileges.
Manage virtual machines using the web console. The web console utility is solely for the management of virtual machines. It is a great tool for allowing virtual machine administrators management capabilities without using the full VI Client. Like the VI Client, however, the web console is an excellent means for connecting to a virtual machine when traditional in-band management tools are not available.
Master It You need to access a virtual machine but the corporate firewall does not permit traffic on nonstandard ports.
Solution Use the web access utility to connect to VirtualCenter and establish a remote console session.
Master It You need to send a Windows administrator a link that will provide access to a virtual machine console. The administrator wants to establish this link as an Internet Explorer favorite.
Solution Generate a remote console URL by connecting to the web access utility of VirtualCenter.
- Chapter 1: Introducing VMware Infrastructure 3
- Chapter 2: Planning and Installing ESX Server
- Chapter 3: Creating and Managing Virtual Networks
- Chapter 4: Creating and Managing Storage Devices
- Chapter 5: Installing and Configuring VirtualCenter 2.0
- Chapter 6: Creating and Managing Virtual Machines
- Chapter 7: Migrating and Importing Virtual Machines
- Chapter 8: Configuring and Managing Virtual Infrastructure Access Controls
- Chapter 9: Managing and Monitoring Resource Access
- Chapter 10: High Availability and Business Continuity
- Chapter 11: Monitoring Virtual Infrastructure Performance
- Chapter 12: Securing a Virtual Infrastructure
- Chapter 13: Configuring and Managing ESXi
- Managing Permissions
- Chapter 8 Configuring and Managing Virtual Infrastructure Access Controls
- Mastering VMware® Infrastructure3
- Практическая работа 53. Запуск Access. Работа с объектами базы данных
- Разработка приложений баз данных InterBase на Borland Delphi
- Open Source Insight and Discussion
- Introduction to Microprocessors and Microcontrollers
- Chapter 5. Preparations
- Chapter 6. Traversing of tables and chains
- Chapter 7. The state machine
- Chapter 8. Saving and restoring large rule-sets
- Chapter 9. How a rule is built