Configure and Administer Role Based Access Control on NSX Manager

 

Configure Modify or Delete user accounts on NSX Manager

 
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> NSX Managers and double click on the NSX Manager in which you would like to manage user accounts. From there, select the Manage -> Users tab.
 
1
 
Step 2. To add a new user, click the + sign. Specify a vCenter user or vCenter group then hit Next
 
2
 

Configure Modify or Delete user roles on NSX Manager

 
Step 3. Specify the Role that you would like for this user account, then hit Finish. I have copied and pasted the descriptions from the GUI below.
 
Auditor: Users in this role can only view system settings and auditing, events and reporting information and will not be able to make any configuration change.
 
Security Administrator: Users in this role can configure security compliance policies in addition to viewing the reporting and auditing information in the system.
 
NSX Administrator: Users in this role can perform all tasks related to deployment and administration of this NSX Manager instance.
 
Enterprise Administrator: Users in this role can perform all tasks related to deployment and configuration of NSX products and administration of this NSX Manager instance.
 
3
 
Step 4. To edit a user role, simply highlight the user account and click the pencil icon show below, and make any required changes.
 
4
 
Step 5. To delete a user account, highlight the user and click the Red X icon show below.
 
5
 

Enable or Disable user accounts

 
Step 6. To disable a user account, highlight the user and click the Red Circle icon show below.
 
6
 
Step 7. Finally, to enable a user account, highlight the user, then click the Green Check icon shown below.
 
7
 

7 Comments

  1. mokhtar -  June 7, 2015 - 1:34 am 147

    Dear Sean ,

    i have one Quotation here ,
    after lookup serivce confiuration i can log in into NSX manager by
    Vcenter administrator ??

    BR

    Reply
    • Sean Whitney -  June 8, 2015 - 9:31 am 149

      Hi Mokhtar,

      After you configure the lookup service configuration, you can add a role with your domain user and log into NSX manager, yes.

      Thanks,
      Sean

      Reply
  2. Rajeev -  February 13, 2016 - 4:14 am 406

    Hi Sean

    I could not get the exact difference between NSX Administrator & Enterprise Administrator role.
    Could you please explain the difference with an example ?

    Reply
  3. Rajeev -  March 14, 2016 - 3:15 am 441

    Hi Sean

    For NSX Edge Gateway devcies , it uses the same password for basic & privilege modes.
    Is there any way we can have separate password for basic & privilege modes.

    For NSX Manager I know it is possible. Is it possible for Edge & Controller VM.

    Reply
  4. Arunabha Ghosh -  March 12, 2018 - 5:44 am 635

    Hi! Sean the step 7 i believe it is to enable the disabled user instead rename.

    Reply
    • Sean Whitney -  March 23, 2018 - 2:02 pm 636

      Thanks, Arunabha. Fixed it.

      Reply

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Sean Whitney

SPONSORS

Back to Top