ESXi and vCenter 6 Security and Permission Model

Managing Permissions with VMware's Role Based Access Controls and Domain Users and Groups | taught by Larry Karnis

Course description

Understand and using the Permission Model in both ESXi 6 and vCenter 6 is critical to ensuring that your environment remains safe and secure. In this course we will look at the Role Based Access Control permission model in both ESXi and vCenter to see how it works and how we can use it and customize it to meet our security and access requirements.

In this course you will:

  • Learn about Privileges and Permissions
  • Review the Stock Roles provided by VMware and their purpose and uses
  • See how to add users to your vSphere environment and how to assign them to the correct role at the correct branch of the inventory
  • See how vCenter handles multiple, conflicting permission assignments
  • Learn the purpose and use of the No Access role
  • Learn how to review, customize and clone existing Roles
  • Learn how to identify active permission assignments on an inventory object and how to change them

By the end of this course you will understand the common permission model used by both ESXi and vCenter 6, how to review, create and update permissions and how to manage permissions effectively.

Larry Karnis
Larry Karnis
VMware Certified Professional - Author, Consultant, Lecturer

Get VMware vSphere & View Training... for less!

Q: What do you do if you need to learn VMware but can't afford the $4,000 - $6,000 charged for authorized VMware vSphere training? 

A: Enroll in my equivalent VMware vSphere 6.5 and Horizon View video-on-demand training... for less.

Many name is Larry Karnis - and I create courses that will help you start your career as a VMware vSphere 6.5 administrator, and help you build you knowledge and skill in vSphere 6.5 advanced features and capabilities. 

With Video-On-Demand training, I can provide more insight and detail, without the time constraints that a normal instructor led training class would impose. My goals are to:

  • Give you a better training experience than classroom training
  • Help you learn more than you can learn in a 5 day class
  • Give you the opportunity to learn at your own pace
  • Provide you to supporting books and hands-on lab rentals

At price points that you (or your boss) will appreciate.

Run This Class At Your Office

ESXLab maintains a pool of high-scoring, experienced instructors who would be glad to lead this event at your place of work. If you have 5 or more people and would like to run live instructor led (distance or on-site) training, please contact me for a quote.

About Me

I am an Information Technology consultant / trainer with over 30 years of experience in system administration, networking, security, infrastructure and security.

I worked for 10 years as a UNIX programmer / consultant before moving to Linux in 1995. I started working with VMware products in 2001 and decided to focus exclusively on VMware in 2004. I earned my first VMware Certified Professional (VCP) designation on ESX 2.0 in 2004 (VCP #: 993). I have also earned VCP in ESX 3, and in vSphere 4 and 5.

My VMware Work Experience

  • I have been providing VMware consulting and training for more than 14 years. I have lead literally hundreds of classes and taught thousands of people how to use VMware. I teach both introductory and advanced VMware classes.
  • I worked for VMware as a senior contract VMware Certified Instructor (VCI) and consultant for almost 5 years. One of my regular duties was to help mentor new VCI's - helping them prepare for and successfully deliver vSphere classes.
  • After leaving VMware, I launched my own training business focused on VMware virtualization in 2008. In 2013, VMware called me back to help them ramp up support services for the upcoming vSphere 5.1 product launch.
  • Prior to VMware, I worked as a contract consultant / trainer for RedHat (I hold RHCE, RHCI and RHCX), Global Knowledge, Learning Tree and many other training and consulting companies.

I hold a Bachelor of Science degree (majoring in Computer Science with a minor in Math) from the University of Toronto, Canada. 

I also hold numerous industry certifications including VMware Certified Professional on VMware Infrastructure 2 & 3 and vSphere 4 & 5 (ret.), VMware Certified Instructor (ret.), RedHat Certified Engineer (RHCE), RedHat Certified Instructor (RHCI) and RedHat Certified Examiner (RHCX) as well as certifications from LPI, HP, SCO and others.

I hope to see you in one of my VMware classes very soon... If you have questions, please contact me directly.

And... please link to me on LinkedIn -



Larry Karnis

For more information or for questions about this course, please contact:

Larry Karnis
President, ESXLab

+1 (905) 451-9488 x100
Mobile+1 (416) 890-8191
ESXLab VMware vSphere and View Training

Course Curriculum

ESXi and vCenter 6 Security and Permission Model
ESXi and vCenter 6 Security and Permission Model FREE TRIAL
Security and Permission Model - Overview FREE TRIAL
Project Plan FREE TRIAL
Privileges and Roles FREE TRIAL
Permissions and Stock Roles
Overview of Stock Roles
Permissions are Based on Users and Groups
Assigning Permissions
How ESXi / vCenter Determines Permissions
Assigning Users and Groups to a Role
Local, Domain and Single Sign On Domain Based Users and Groups
Reviewing Users / Groups Assigned to a Role
Working With Roles
How to Edit a Role
Permission Examples - Scenario 1
Permission Examples - Scenario 2
Permission Examples - Scenario 3
vCenter Server Users and Groups
The Purpose of the No Access Role
Checking Active Permissions on an Inventory Item
Viewing vCenter's Base Permissions
Permissions - Best Practices
Local ESXi 6 Users
Viewing ESXi 6 Permissions
Permissions - Best Practices
Permissions - Lab FREE TRIAL
Permissions - Review and Questions FREE TRIAL
Show Content