VMware 4.1 has some “great” security “features” when you upgrade

Published On: 2010-11-04By:

So after I upgraded from VMware’s vSphere 4.0 to 4.1 I ran across an awesome “feature”.  Apparently for security purposes VMware’s vSphere decided that after the upgrade no one can log into the server except for root, and the vpxuser (the account that the vCenter server uses to log into the hosts).  Given that root can’t log into the server remotly that presents with a little bit or a problem as without going to the data center (or using a remote KVM of some sort) you have no access to the physical console.

Fixing this is actually a rather easy fix.  Log into the server’s console as root, then edit the /etc/security/access.conf and add a new line for each user that needs access.

Now if you have several users that need access to the physical hosts, then create a group in unix, and add this group to the access.conf file.  Each new line should look something like…

+:UserName|GroupName:ALL

In the case of my account the line looks something like this.

+:dcherry:ALL

If you wanted to use a group, then the line is similar.

+:groupname:ALL

Have fun fixing this little one if you’ve got a lot of VMware hosts to fix.

Denny


Contact the Author | Contact DCAC

Video

Globally Recognized Expertise

As Microsoft MVP’s and Partners as well as VMware experts, we are summoned by companies all over the world to fine-tune and problem-solve the most difficult architecture, infrastructure and network challenges.

And sometimes we’re asked to share what we did, at events like Microsoft’s PASS Summit 2015.

Awards & Certifications

Microsoft Partner       Insights Sccess Award    Technology Headlines Award    Golden Bridge Gold Award    CIO Review Top 20 Azure Solutions Providers    VMWare Partner
Microsoft Certified Master    Microsoft MVP
Share via