Archive for March, 2012
I’m just back from VMware Champions Bootcamp in Bali, Indonesia and feeling in debt to everyone especially to my Boss for giving me a chances to attended it. This event actually targeted for the South Asia region such as Indonesia, Malaysia, Thailand, Singapore, Vietnam and etc. There were so many interesting topics that have been covered by the speakers (Phil Ballow, Irwan Rahabok) such as vSphere 5 introduction, View Desktop Virtualization and Tech Deep Dive, vCenter Operation Manager 5 and last but not least the Team Building session on the final day of the Bootcamp.No comments
So, you want to create another superuser for some reason in your ESXi host?. Not a problem. Just follow my steps as I’ve listed down below. Frankly, this is not supported configuration by VMware and some may against this but let’s forget other people’s opinion.
Before that, please bear in mind by following this method you will let your new user having the same permission as a root.
- Create new user with default UID from ESXi shell or SSH #userdel -g root -s /bin/sh -M abby
- Modify UID for user “abby” from xxx to 0 #vi /etc/passwd (u cannot do this via client)
- Set password for user “abby” #passwd abby
- Assign proper permission to user “abby” #vim-cmd vimsvc/auth/entity_permission_add vim.Folder:ha-folder-root ‘abby’ false Admin true
- Put user “abby” under group “root” - Login vi-client as abby -> Local user n group -> root property -> add user abby to group
- No need reboot and it’s persistent
As you can see, this user now have the same ability as root when login to DCUI, ESXi shell and client.
This is how I assign role to user James via command line:
- ESXi 5
- Existing user - for testing purpose I create user by using #useradd & passwd commands
parameter: vim-cmd vimsvc/auth/entity_permission_add entity ‘user’ isGroup RoleName Propagate
#vim-cmd vimsvc/auth/entity_permission_add vim.Folder:ha-folder-root ‘James’ false Admin true
You can check your valid entity with #vim-cmd vimsvc/auth/permissions
entity = ‘vim.Folder:ha-folder-root’,
principal = “vpxuser”,
group = false,
roleId = -1,
propagate = true,
Please refer this KB for detailsNo comments