VMware vSphere

 View Only
  • 1.  Disabling Root on ESXi

    Posted Nov 30, 2018 02:40 PM

    For security reasons we'd like to disable root or at least change the role.

    Is there anything I need to do or look out for?

    This is what I have done so far...

    1. I have already created another account and assigned it to the administrator role.
    2. I enabled active directory authentication.
    3. I removed and re-added my esxi hosts using the new local admin account.

    TIA

    Troy



  • 2.  RE: Disabling Root on ESXi

    Posted Nov 30, 2018 03:07 PM


  • 3.  RE: Disabling Root on ESXi

    Posted Nov 30, 2018 03:07 PM

    It is not recommended to delete the root user.

    But you can assign another role to the root account. For example, "read-only" oder "no access". But first you should have assigned the administrator role on root level to another user.

    You can also configure lockdown mode for your ESXi hosts, so that only specific users can login via shell or dcui. This prevents the root account from being used for external logins.