What are possible valid uses for the default No Access role in vCenter? (Choose two.)
A.
Restrict usage on a object for a member of a group assigned full permissions to the object
B.
Restrict access to sensitive VMs for helpdesk staff
C.
Restrict ESX Admins from managing specific hosts directly
D.
Restrict administrators from managing hosts via vCenter
not sure D is a correct answer i would go more for A.
http://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/managing_users_groups_roles_and_permissions/r_default_roles_for_esx_esxi_and_vcenter_server.html
I agree with A and B.
C is WRONG! Permission apply in vCenter will only aply when logged in to vCenter, it won’t affect permissions when logged in directly to the host! So if you disable access to host in vCenter, can still login directly to the host! Try it!
No Access
Cannot view or change the assigned object.
vSphere Client tabs associated with an object appear without content.
Can be used to revoke permissions that would otherwise be propagated to an object from a parent object.
Available in ESXi and vCenter Server.
Looks like correct answer is A and B
Access Role is available on ESXi and vCenter Server.
I think “D” is wrong..
“C” is wrong.
B-is correct and
A-we can restrict a group by editing role options.
A & B is correct answers.
I think A & D are correct. If I have a group of administrators and I dont want them to access a particular host in vCenter, I can assign them the No Access role similar to the member of a group as in answer A.
Note that it says “Administrators” and not ESX Admins.
The more I think about this, the more I have to say “B & C” are wrong choices. By definition, No Access still allows you to see the VM… “vSphere Client tabs associated with an object appear without content”
So this would qualify
“D” Restrict administrators from managing hosts via vCenter
and disqualify
“B” Restrict access to sensitive VMs for helpdesk staff
IMHO AD is correct answer
http://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc_50%2FGUID-8AE88758-20C1-4873-99C7-181EF9ACFA70.html
Restrict Usage vs Restrict Access. Not the same thing!? VMware you are cunts!
darren you killed me :))
rigth answer is B and D.
not A, if A statement was “Restrict Access…” then there will have been three possible answers..
Agree with the tricky usage of the word “usage” rather than “access”.
“Access” would have made A right.
I just can’t figure out why C is not correct. It looks a lot like D.
D is not correct in that ESX Admins refers to local esxi users – like root.
Might be handy:
http://www.virtuallyghetto.com/2013/12/why-is-there-no-access-vsphere-role.html
Another bogus ‘word game’. The difference is:
“Restrict usage” vs. “Restrict access” vs. “Restrict…from managing”.
This in no way tests anyone on their capability of administering and supporting vSphere.