The Administrator role does not have permission to access a virtual machine's CD/DVD-ROM device
search cancel

The Administrator role does not have permission to access a virtual machine's CD/DVD-ROM device

book

Article ID: 309623

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:
  • The Administrator role does not have permission to access a virtual machine's CD/DVD-ROM device
  • You cannot connect to a virtual machine's CD/DVD-ROM device with the Administrator role
  • Connection to CD/DVD-ROM fails
  • Cannot mount a Datastore ISO File
  • If you try to connect to the CD/DVD-ROM, you see the error:

    Permission to perform this operation was denied.

  • The Browse Datastore option is greyed out


Environment

VMware vCenter Server 4.0.x
VMware VirtualCenter 2.5.x
VMware vCenter Server 4.1.x

Resolution

You must modify the permissions of the local VirtualCenter user to have full administrative privileges to a particular virtual machine and allow access to virtual machine's CD/ DVD-ROM.
To modify the permissions:

  1. Log in to the VirtualCenter Server through VMware Infrastructure (VI) Client as Administrator or as a user with full Administrator privileges.
  2. Navigate to the Roles screen:
    • For vCenter Server 4.x, click Home > Administration > Roles.
    • For VirtualCenter 2.x, click Administration > Roles tab.
  3. Right-click on the Read-Only role and choose Clone.
  4. Rename the clone to Browse.
  5. Edit the Browse role and select Datastore > Browse datastore in the Datastore item.
  6. Navigate to the Hosts and Clusters screen:
    • For vCenter Server 4.x, click Home > Inventory > Hosts and Clusters.
    • For VirtualCenter 2.x, click Inventory (dropdown) > Hosts and Clusters.
  7. Select the virtual machine you want to modify and click on Permissions tab.
  8. Right-click and choose Add Permissions. Select the Read-Only role, assign the user to that role, and do not propagate.
  9. Right-click on the Datacenter and choose Add Permissions.
  10. Select the newly created Browse role, do not propagate, and assign the user to this role.
  11. Right-click on the virtual machine and choose Add Permissions.
  12. Select the Virtual Machine Administrator role, and assign the user to this role.

    Notes    :

    • You should see the following list permissions selected by default under Virtual machine > Interaction:

      • Answer question
      • Configure CD media
      • Configure floppy media
      • Console interaction
      • Device connection
      • Power Off
      • Power On
      • Reset
      • Suspend
      • VMware Tools install

    • For vCenter Server 4.1:

      • Click Home > Datastores.
      • Click the datastore and then click the Permissions tab.
      • Right-click and choose Add Permissions.
      • Add the user and assign read only permissions
When you log in to VirtualCenter with VI Client, you see only the particular virtual machine under Hosts and Clusters and Datacenter and can access the CD/DVD-ROM device.


Additional Information

For more information on required permissions to perform specific tasks, see the Permissions section of the Basic System Administration Guide for your version of ESX.


Powered by Wolken Software