Tutorials, VMware

3 Mins Read

How to Add a User and Assign Various Permissions to Access Data Center objects?


This lab aims to help you create users and assign them various permissions to access data center objects.


  • Knowledge of Users, Groups, Roles, and Permissions
  • Basic understanding of vCenter Datastore Object and their Administration
  • Access of vCenter through vSphere Web Client

Revolutionize Your Data Center with VMware

  • Understand new features
  • Best practices available
  • Instructor led courses
Learn more

Lab Overview

After completing this lab, you can add users and assign various permissions and roles to create and modify objects. You will be able:

  1. To grant “cloudthat-admin” users to root-level global permissions
  2. To create “ctdemo-users1″ and assign READ ONLY permission to him so he can’t delete Data Centres.

Step-by-Step Lab Guide

  1. Open vCenter using vSphere Client. Open vCenter Inventory and review your Hosts and Datacenter.
  2. Click on Inventory and Go to Administration and Click on Users and Groups.
  3. Create “cloudthat-admin,” User under “vclass.local” domain and click ADD.
  4. Under Users and Groups, Verify that the “cloudthat-admin” user is created successfully.
  5. To assign root-level global permission to cloudthat-admin User, click on vCenter (sa-vcsa.vclass.local), go to the Permissions tab, and click ADD.
  6. Select domain name vclass.local , User = cloudthat-admin, and Role = Administrator. Make sure to have global scope for underlying child objects of the inventory.
  7. Ensure assignment of the Administrator Role to “cloudthat-admin,” User within your vCenter.
  8. Logout from the current User and log in to the vCenter using the “cloudthat-admin” user account.
  9. Now, as an Administrator–cloudthat-admin User, you can create Data Centre – cloudthat-UK under the vCenter.
  10. Follow the Steps 2 to 8 to add ctdemo-users1 and change the permission to READ ONLY.
  11. Cross verify ctdemo-user1 is created and assigned READ ONLY role by the administrator.
  12. Logout from the current User and log in to vCenter using the ctdemo-user1user account and try to delete CloudThat-UK data center. You will find that the Delete option is disabled for ctdemo-user1. (Delete option is Grayed-out.)

Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.

  • Cloud Training
  • Customized Training
  • Experiential Learning
Read More

WRITTEN BY Rahulkumar Shrimali



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!