vmware probe discovers vm's that the user has no access
Article ID: 93067
Updated On:
Products
DX Unified Infrastructure Management (Nimsoft / UIM)
Issue/Introduction
Do not want all the VM's in the VCenter discovered by the VMWare probe.
To achieve this a folder was created in VCenter where the user defined in the probe has no access and the VM's that do not want discovered are placed in this folder.
This works partially as the VM's are not seen in the VMWare probe config but they are still discovered and populated in USM
Environment
UIM 8.51 +
VMWare probe all versions
VMWare probe all versions
Cause
- Even though the user has no access to the folder it can still see the vm's in the datastore.
- This is seen in the VMWare Managed Object Browser (MOB)
- On a computer that can access the sphere web client please browse to
- http://servername/mob
- login as the user configured in the probe
- now browse as follows
- Content (content) - rootFolder (group-d1) - childEntity (datacenter-xx) - datastore (datastore-xx)
- scroll down and you will see all the VM's this user has access to in the datastore
- On a computer that can access the sphere web client please browse to
Resolution
- Create a resource pool in VCenter and add the VM's to it
- Define the No Access Permission on this Resource Pool for the probe user
With this in effect the user cannot see the VM's in MOB and they are not discovered by the VMWare probe
Feedback
Yes
No
Powered by
