What are possible valid uses for the default No Access role in vCenter? (Choose two

What are possible valid uses for the default No Access role in vCenter? (Choose two.)

A.
Restrict usage on a object for a member of a group assigned full permissions to the object

B.
Restrict access to sensitive VMs for helpdesk staff

C.
Restrict ESX Admins from managing specific hosts directly

D.
Restrict administrators from managing hosts via vCenter

15 Comments on “What are possible valid uses for the default No Access role in vCenter? (Choose two

  1. Tony says:

    C is WRONG! Permission apply in vCenter will only aply when logged in to vCenter, it won’t affect permissions when logged in directly to the host! So if you disable access to host in vCenter, can still login directly to the host! Try it!

  2. Raj says:

    No Access

    Cannot view or change the assigned object.

    vSphere Client tabs associated with an object appear without content.

    Can be used to revoke permissions that would otherwise be propagated to an object from a parent object.

    Available in ESXi and vCenter Server.

    Looks like correct answer is A and B

  3. rajen says:

    Access Role is available on ESXi and vCenter Server.
    I think “D” is wrong..
    “C” is wrong.

    B-is correct and
    A-we can restrict a group by editing role options.

    A & B is correct answers.

  4. Raju says:

    I think A & D are correct. If I have a group of administrators and I dont want them to access a particular host in vCenter, I can assign them the No Access role similar to the member of a group as in answer A.
    Note that it says “Administrators” and not ESX Admins.

  5. Raju says:

    The more I think about this, the more I have to say “B & C” are wrong choices. By definition, No Access still allows you to see the VM… “vSphere Client tabs associated with an object appear without content”

    So this would qualify
    “D” Restrict administrators from managing hosts via vCenter

    and disqualify
    “B” Restrict access to sensitive VMs for helpdesk staff

  6. alvacalva says:

    rigth answer is B and D.

    not A, if A statement was “Restrict Access…” then there will have been three possible answers..

  7. rjoseph says:

    Agree with the tricky usage of the word “usage” rather than “access”.

    “Access” would have made A right.

    I just can’t figure out why C is not correct. It looks a lot like D.

  8. Rich says:

    Another bogus ‘word game’. The difference is:
    “Restrict usage” vs. “Restrict access” vs. “Restrict…from managing”.

    This in no way tests anyone on their capability of administering and supporting vSphere.


Leave a Reply

Your email address will not be published. Required fields are marked *