VMware GSX Server 2.5.2Features | Documentation | Knowledge Base | Discussion Forums Access to a virtual machine is based on the permissions granted to a user with regards to the virtual machine's configuration file (.vmx on a Windows host, .cfg on a Linux host). Different permissions give the user different types of access to a virtual machine. In addition, the virtual machine must be registered before you can connect to it remotely. To register a virtual machine, see Registering the Configuration Files for Virtual Machines. A virtual machine runs with the permissions of the user that connects to it. The first connected user necessarily has Read & Execute and Write permissions for a virtual machine on a Windows host, and read, write and execute (r, w and x) permissions for a virtual machine on a Linux host. The name of this user appears in the VMware Management Interface and in the Connected Users dialog box, which you access in the VMware Remote Console by choosing Settings > Connected Users. If another user connects to the virtual machine with Read permission only, that user has the capabilities allowed by the Read permission; for instance, on a Windows host, the user cannot save changes to the virtual machine's configuration file or change the power state of the virtual machine (power it on or off, suspend, resume or reset it). Since only one user can connect through the local console, only a user with Read & Execute and Write permissions can launch a virtual machine from a local console on a Windows host; only a user with read, write and execute (r, w and x) permissions can launch a virtual machine from a local console on a Linux host. No one else can connect to this virtual machine, regardless of his or her permissions. When an administrator grants Read & Execute and Write permissions (Windows hosts) or read, write and execute (r, w and x) permissions (Linux hosts) to a user for a particular virtual machine, the administrator should make sure that the user has permission to access all of the files that the virtual machine uses while running, specifically the virtual disk (.vmdk file), nvram and log file. One way to ensure this is to keep these files together in the same directory with the virtual machine's configuration file (when you configure a new virtual machine, all the files are created in the same directory) and assign permissions to all of the files at the same time. |
