VMware 4.1 has some “great” security “features” when you upgrade

So after I upgraded from VMware’s vSphere 4.0 to 4.1 I ran across an awesome “feature”.  Apparently for security purposes VMware’s vSphere decided that after the upgrade no one can log into the server except for root, and the vpxuser (the account that the vCenter server uses to log into the hosts).  Given that root can’t log into the server remotly that presents with a little bit or a problem as without going to the data center (or using a remote KVM of some sort) you have no access to the physical console.

Fixing this is actually a rather easy fix.  Log into the server’s console as root, then edit the /etc/security/access.conf and add a new line for each user that needs access.

Now if you have several users that need access to the physical hosts, then create a group in unix, and add this group to the access.conf file.  Each new line should look something like…

+:UserName|GroupName:ALL

In the case of my account the line looks something like this.

+:dcherry:ALL

If you wanted to use a group, then the line is similar.

+:groupname:ALL

Have fun fixing this little one if you’ve got a lot of VMware hosts to fix.

Denny

Share

Share on facebook
Share on twitter
Share on linkedin

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Trust DCAC with your data

Your data systems may be treading water today, but are they prepared for the next phase of your business growth?