VMware vSphere

 View Only

  • 1.  Non-Root User Unable to Browse Data Store for ISO File

    Posted 2 days ago

    I have a group named "Vcenter Users", which contains non-root users. I would like this group to be able to mount ISO files in a NFS datastore from the create VM wizard.

    I created a role name "Use CD Images" with the following privileges

    I added a the permission to the "CDImages" (NFS datastore), granting the "Vcenter Users" the "Use CD Images" role.

    However, when I go through the VM creation wizard and use the browse feature to select the ISO, I get a loading screen with a spinning circle the never displays the files/folders

    I can however browse the Datastore outside the wizard:


    -------------------------------------------


  • 2.  RE: Non-Root User Unable to Browse Data Store for ISO File

    Posted 2 days ago

    Where did you apply the security group? It needs to be applied directly to the datastore. None of your sceenshots show it if was applied on the datastore itself. 



    ------------------------------
    Rodney Barnhardt
    vExpertPro
    ------------------------------

    Original Message


  • 3.  RE: Non-Root User Unable to Browse Data Store for ISO File

    Posted 2 days ago

    It's applied to the datastore named "CDImages".  It's in the second screenshot. 

    -------------------------------------------

    Original Message


  • 4.  RE: Non-Root User Unable to Browse Data Store for ISO File

    Broadcom Employee
    Posted 2 days ago
    Edited by Fouad Sethna 2 days ago

    Do "vCenter-Users" have Virtual machine > Configuration > Change Settings  permissions?

    or Virtual machine > Interaction > Configure CD media / Connect Devices?

    -------------------------------------------

    Original Message


  • 5.  RE: Non-Root User Unable to Browse Data Store for ISO File

    Posted 2 days ago

    For that I have another role "Virtual machine & vApp creators" defined with the privileges mentioned:

    Here's the full list of privileges:
    Alarms

    Create alarm
    Modify alarm
    Remove alarm

Permissions

    Modify permission

Datastore

    Allocate space

Folder

    Create folder
    Delete folder
    Move folder
    Rename folder

Global

    Cancel task
    Log event
    Set custom attribute

vSphere Tagging

    Assign or Unassign vSphere Tag on Object

Resource

    Assign vApp to resource pool
    Assign virtual machine to resource pool
    Create resource pool
    Migrate powered off virtual machine
    Migrate powered on virtual machine
    Modify resource pool
    Move resource pool
    Query vMotion
    Remove resource pool
    Rename resource pool

Scheduled task

    Create tasks
    Modify task
    Remove task
    Run task

vApp

    Add virtual machine
    Assign resource pool
    Assign vApp
    Clone
    Create
    Delete
    Export
    Import
    Move
    Power off
    Power on
    Rename
    Suspend
    Unregister
    View OVF environment
    vApp application configuration
    vApp instance configuration
    vApp managedBy configuration
    vApp resource configuration

Virtual machine

    Change Configuration
        Acquire disk lease
        Add existing disk
        Add new disk
        Add or remove device
        Advanced configuration
        Change CPU count
        Change Memory
        Change Settings
        Change resource
        Configure Raw device
        Extend virtual disk
        Modify device settings
        Remove disk
        Rename
        Reset guest information
        Upgrade virtual machine compatibility
    Edit Inventory
        Create from existing
        Create new
        Move
        Register
        Remove
        Unregister
    Interaction
        Answer question
        Configure CD media
        Configure floppy media
        Connect devices
        Console interaction
        Install VMware Tools
        Power off
        Power on
        Reset
        Suspend
    Provisioning
        Allow disk access
        Allow read-only disk access
        Allow virtual machine download
        Allow virtual machine files upload
        Clone template
        Clone virtual machine
        Create template from virtual machine
        Customize guest
        Deploy template
        Mark as template
        Mark as virtual machine
        Modify customization specification
        Read customization specifications
    Snapshot management
        Create snapshot
        Remove snapshot
        Rename snapshot
        Revert to snapshot
    The permissions for the Virtual machine & vApp creators role are added to for "Vcenter Users" to both the resource pool and the VM and Template folder in the datacenter:
     
    It's not assigned to the Datastore.
    -------------------------------------------

    Original Message