HPE Community
Server Management - Systems Insight Manager
1752793 Members
6169 Online
108789 Solutions
New Discussion

Discovering ESXi 4.1 in SIM 6.3 without using 'root' credentials

 
Server Messaging Suppor
Occasional Advisor

‎07-26-2011 09:20 AM

‎07-26-2011 09:20 AM

Discovering ESXi 4.1 in SIM 6.3 without using 'root' credentials

I am trying to find out what needs to happen to get our ESXi hosts into SIM. Previously we only needed a non-admin, read-only account on the hosts to get SIM to discover and monitor out hosts prior to ESXi 4.1. The ESXi hosts that were discovered when they were a earlier version are still in SIM but won't update and cannot be re-discovered either. I have went round and round with HP and VMware support with no definitive answers on what credentials are needed to discover a ESXi 4.1 host in SIM 6.3. If it worked before, why does it not now? If 'root' is needed no matter what now, please direct me to the documentation stating why now and not then.

 

Thanks!

0 Kudos
Reply
1 REPLY 1
Brad Cunningham
Trusted Contributor

‎07-26-2011 03:10 PM

‎07-26-2011 03:10 PM

Re: Discovering ESXi 4.1 in SIM 6.3 without using 'root' credentials

I have done this using a user that is part of the root group but have the password file set to nologin

 

This account is just used for WBEM authentication

 

I have used this procedure in a blog and it has worked for me with 4.1i using HP's image

 

Since the ESXi 4.1 release an error "Authorization failed" is now returned. Here's a work-around, how to use a user which is not root. Note: In any case, using the root-user will still work!

- In the vSphere client select the ESXi host, open "Local Users&Groups" tab
- Add a new user with the following or similar details:
User: nagios, UID: 1001, Name: Nagios User, Password: Test-12345, Add to group root
It is necessary that the password contains at least one capital letter, at least one lower case letter and at least a number. The password has also a minimal and maximum length. If the password is not good, you'll get an error message. And yes, unfortunately it is necessary to add the new user to the group 'root'. The other groups won't work. But that doesn't mean that the new user now has root rights. SSH is per default disabled in ESXi servers and even it it were enabled, the following entry was added into the /etc/passwd file:

/etc/passwd:
nagios:x:1001:0:nagios user:/home/nagios:/sbin/nologin

 

 

 

Regards

brad

Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.