Authorization Model
Mapping to the
vCenter
Single Sign-On Domain
vCenter
Single Sign-On
DomainThe three-level authorization model of
vCenter Server
maps to local roles and to
vCenter
Single Sign-On
groups, depending on how the user authenticated. This model
allows consistent security control regardless of operational context. The authorization levels map to
group and role.
Authorization Level
| vCenter
Single Sign-On Group
| vCenter Server Local Role |
|---|---|---|
operator
| SystemConfiguration.Administrators
| operator
|
administrator
| SystemConfiguration.Administrators
| admin
|
superAdministrator
| SystemConfiguration.BashShellAdministrators
| superAdmin
|
When a super administrator adds user accounts, the
options available include a choice of the role to assign to the new user.