Server Administrator grants read-only access to users logged in with User privileges, read and write
access to users logged in with Power User privileges, and read, write, and administrator access to users
logged in with Administrator and Elevated Administrator privileges.
Table 3. Privileges Required To Manage Server Administrator Services
Service User Privilege Level Required
View Manage
Instrumentation User, Power User, Administrator,
Elevated Administrator
Power User, Administrator,
Elevated Administrator
Remote Access User, Power User, Administrator,
Elevated Administrator
Administrator, Elevated
Administrator
Storage Management User, Power User, Administrator,
Elevated Administrator
Administrator, Elevated
Administrator
Authentication
The Server Administrator authentication scheme ensures that the correct access types are assigned to the
correct user privileges. Additionally, when the command line interface (CLI) is invoked, the Server
Administrator authentication scheme validates the context within which the current process is running.
This authentication scheme ensures that all Server Administrator functions, whether accessed through
the Server Administrator home page or CLI, are properly authenticated.
Microsoft Windows Authentication
On supported Microsoft Windows operating systems, Server Administrator uses Integrated Windows
Authentication (formerly called NTLM) to authenticate. This authentication system allows Server
Administrator security to be incorporated in an overall security scheme for your network.
Red Hat Enterprise Linux And SUSE Linux Enterprise Server Authentication
On supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems, Server
Administrator uses various authentication methods based on the Pluggable Authentication Modules
(PAM) library. Users can log in to Server Administrator either locally or remotely using different account
management protocols, such as LDAP, NIS, Kerberos, and Winbind.
VMware ESXi Server 5.X Authentication
ESXi Server authenticates users accessing ESXi hosts using the vSphere/VI Client or Software
Development Kit (SDK). The default installation of ESXi uses a local password database for authentication.
ESXi authentication transactions with Server Administrator are also direct interactions with the vmware-
hostd process. To make sure that authentication works efficiently for your site, perform basic tasks such
as setting up users, groups, permissions, and roles, configuring user attributes, adding your own
certificates, and determining whether you want to use SSL.
NOTE: On systems running VMware ESXi Server 5.0 operating system, to login to Server
Administrator, all users require Administrator privileges. For information on assigning roles, see the
VMware documentation.
14