Configure and Administer Role Based Access Control on NSX Manager
Configure Modify or Delete user accounts on NSX Manager
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> NSX Managers and double click on the NSX Manager in which you would like to manage user accounts. From there, select the Manage -> Users tab.
Step 2. To add a new user, click the + sign. Specify a vCenter user or vCenter group then hit Next
Configure Modify or Delete user roles on NSX Manager
Step 3. Specify the Role that you would like for this user account, then hit Finish. I have copied and pasted the descriptions from the GUI below.
Auditor: Users in this role can only view system settings and auditing, events and reporting information and will not be able to make any configuration change.
Security Administrator: Users in this role can configure security compliance policies in addition to viewing the reporting and auditing information in the system.
NSX Administrator: Users in this role can perform all tasks related to deployment and administration of this NSX Manager instance.
Enterprise Administrator: Users in this role can perform all tasks related to deployment and configuration of NSX products and administration of this NSX Manager instance.
Step 4. To edit a user role, simply highlight the user account and click the pencil icon show below, and make any required changes.
Step 5. To delete a user account, highlight the user and click the Red X icon show below.
Enable or Disable user accounts
Step 6. To disable a user account, highlight the user and click the Red Circle icon show below.
Step 7. Finally, to enable a user account, highlight the user, then click the Green Check icon shown below.
7 Comments
Dear Sean ,
i have one Quotation here ,
after lookup serivce confiuration i can log in into NSX manager by
Vcenter administrator ??
BR
Hi Mokhtar,
After you configure the lookup service configuration, you can add a role with your domain user and log into NSX manager, yes.
Thanks,
Sean
Hi Sean
I could not get the exact difference between NSX Administrator & Enterprise Administrator role.
Could you please explain the difference with an example ?
Hi Rajeev,
The Enterprise administrator has permissions to NSX operations and security while the NSX admin is NSX operations only. More information here:
https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-79F9067D-2F29-45DA-85C7-09EFC31549EA.html
Thanks,
Sean
Hi Sean
For NSX Edge Gateway devcies , it uses the same password for basic & privilege modes.
Is there any way we can have separate password for basic & privilege modes.
For NSX Manager I know it is possible. Is it possible for Edge & Controller VM.
Hi! Sean the step 7 i believe it is to enable the disabled user instead rename.
Thanks, Arunabha. Fixed it.