Virtualization Manager uses a set of credentials created in the appliance, in the Orion Web Console, and your VMs to issue commands and monitor data. These credentials must match to provide communication between VMAN and all VMs (VMware and Hyper-V) and VCenter.
To properly install your products and monitor VMs, you need to set up the following accounts and permissions:
|Account Type||Account Permissions|
|VMAN account||To enable VMAN communication with your virtual environment, create your VMAN account using the same credentials for vCenter for VMware and Hyper-V. See instructions below for creating an appliance account.|
|Orion Platform administrator account|| |
You need an Orion Platform account that matches credentials with your VMware or Hyper-V installation. Without matching credentials, you will encounter communication and configuration issues.
If you lose access to the admin account, you can read this article Recover an Orion Web Console admin password.
We recommend having your VMware VMs managed by the VCenter. When integrating with VMan, use the VCenter account credentials. All metrics will pull through the VCenter into VMAN for VCenter and all managed VMs.
The VMware user account needs the following permissions:
|Hyper-V||The Hyper-V account used for data collection must have the Enable Account and Remote Enable permissions. For more information about enabling account privileges in WMI, see Configuring Distributed Component Object Model and User Account Control.|
You can use an existing account if it matches the virtual environment and Orion Web Console accounts.
If the account does not match, create a new account matching that information.
A list of user accounts displays.
Click Add to create a new account, using the credentials currently used for your VMs. For the Role, select Admin.
This account must match the virtual environment and Orion Web Console accounts.
With the account connections between VMs and the Orion Platform completed, create and manage account permissions for administrators and users as needed for your environment. For example, you may want to limit feature access for network administrators and general IT staff.
Each user or group account can have different privileges applied to it, such as the ability to modify alert definitions or delete snapshots.
You need administrator access to the server to install and integrate VMAN.
Select the views to display for VM data in the Orion Web Console. Typically, you do not need to hide VM views from users. These options only affect seeing VM data in the Orion Web Console.
The available options include view names, default, and none. If you select none, the view is hidden from the user.
Select an option to allow or disallow users from VM management tools and functions. These permissions provide native tool features through the Orion Web Console.
For example, general IT staff should not have the capability to delete snapshots or VMs. For those user accounts, select Disallow for Snapshot Management and Delete virtual machines and datastore files.