Another interesting case in customizing vROps. I received a question from a customer who wanted to permit vROps project management feature access for a specific group of users in the Active Directory. All other vROps dashboards, views, features etc. should be disabled or not visible. To achieve this, you need to create a custom role for the group with specific permission within vROps.
Permit Project Management access only
In order to permit Project Management access to a specific group, a custom role must be created first.
Create custom role
- Log in to the vROps user interface (UI) as the admin user and navigate to Administration -> Access Control and select the Roles tab.
- Click the green plus sign to add a new custom role.
- Enter a name and a description. Click OK to create the new role.
- In the left-bottom, click the pencil icon next to Permissions.
- Configure the following Administration permissions:
- Login Interactively
- Login Interactively
- Configure the following Content permissions:
- Alert Definition Management: Create, Delete, Edit, Read
- Views Management: Render
- Configure the following Environment permissions:
- Inventory trees: VMware Adapter – vSphere Hosts and Clusters
- Projects Management
- View Dashboard Home Page
- View Environment Home Page
- Click Update to save the settings.
Import group from AD
- Switch to the User Groups tab, next to the Roles
- Import a group from the Active Directory and assign the custom role created earlier.
- Check “Assign this role to the group” option and assign it to the vCenter Server object on the right pane.
- Click Finish.
Test access
Log in as a member of the imported AD group and check if the Projects Management tab is displayed. All other vROps features should be disabled and/or not visible.
Cheers!
– Marek.Z