Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Virtualization Manager (VMAN) > Virtualization Manager (VMAN) Getting Started Guide > Deploy Virtualization Manager > Configure VMAN and VM account permissions

Configure VMAN and VM account permissions

Created by Lori Krell_ret, last modified by Melanie Boyd on Nov 21, 2016

Views: 165 Votes: 0 Revisions: 3
VMAN_GS_Home.png

Virtualization Manager uses a set of credentials created in the appliance, in the Orion Web Console, and your VMs to issue commands and monitor data. These credentials must match to provide communication between VMAN and all VMs (VMware and Hyper-V) and VCenter.

Configure VM permissions

To properly install your products and monitor VMs, you need to set up the following accounts and permissions:

Account Type Account Permissions
VMAN account To enable VMAN communication with your virtual environment, create your VMAN account using the same credentials for vCenter for VMware and Hyper-V. See instructions below for creating an appliance account.
Orion Platform administrator account

You need an Orion Platform account that matches credentials with your VMware or Hyper-V installation. Without matching credentials, you will encounter communication and configuration issues.

If you lose access to the admin account, you can read this article Recover an Orion Web Console admin password.

VMware

VCenter

We recommend having your VMware VMs managed by the VCenter. When integrating with VMan, use the VCenter account credentials. All metrics will pull through the VCenter into VMAN for VCenter and all managed VMs.

The VMware user account needs the following permissions:

  • For data collection, at least Read-Only permissions for the host and VMs you want to monitor
  • For data store collection, the Browse Datastore permission
Hyper-V The Hyper-V account used for data collection must have the Enable Account and Remote Enable permissions. For more information about enabling account privileges in WMI, see Configuring Distributed Component Object Model and User Account Control.

Create a VMAN appliance account

You can use an existing account if it matches the virtual environment and Orion Web Console accounts.

If the account does not match, create a new account matching that information.

  1. Log in to the VMAN appliance.
  2. Click Setup and expand Advanced Setup.
  3. Click Users.

    A list of user accounts displays.

  4. Click Add to create a new account, using the credentials currently used for your VMs. For the Role, select Admin.

    This account must match the virtual environment and Orion Web Console accounts.

  5. Click Save.

Configure Orion Web Console account permissions

With the account connections between VMs and the Orion Platform completed, create and manage account permissions for administrators and users as needed for your environment. For example, you may want to limit feature access for network administrators and general IT staff.

Each user or group account can have different privileges applied to it, such as the ability to modify alert definitions or delete snapshots.

You need administrator access to the server to install and integrate VMAN.

  1. Click Settings > All Settings.
  2. Click Manage Accounts in the User Accounts section.
  3. Select an existing user account, and click Edit.
  4. Modify account information, login options, and tasks as needed.
  5. To restrict users access to Orion Web Console features, expand the Virtual Infrastructure Monitor Settings.
  6. Select the views to display for VM data in the Orion Web Console. Typically, you do not need to hide VM views from users. These options only affect seeing VM data in the Orion Web Console.

    The available options include view names, default, and none. If you select none, the view is hidden from the user.

    File:Success_Center/Reusable_content_-_InfoDev/VMAN_GSG/Configure_VMAN_and_VM_account_permissions/vim-account-permissions.png

  7. Select an option to allow or disallow users from VM management tools and functions. These permissions provide native tool features through the Orion Web Console.

    For example, general IT staff should not have the capability to delete snapshots or VMs. For those user accounts, select Disallow for Snapshot Management and Delete virtual machines and datastore files.

    File:Success_Center/Reusable_content_-_InfoDev/VMAN_GSG/Configure_VMAN_and_VM_account_permissions/vim-account-permissions2.png

  8. Click Submit.

Learn more...

To install and integrate:

 
Last modified
17:21, 21 Nov 2016

Tags

Classifications

Public