Managing user roles in SCVMM
Contents

How to Create a Delegated Administrator User Role
    To create a Delegated Administrator user role
Managing User Roles
Backing Up and Restoring the VMM Database
    To back up the VMM database
    To restore the VMM database on the same computer
    To restore the VMM database on a different computer
How to Create a Self-Service User Role
    To create a self-service user role
How to Modify a User Role
How to Remove a User Role
How to Create a Delegated Administrator User Role

The delegated administrator user role grants users administrator permissions within a defined scope.

To create a Delegated Administrator user role

1. In the VMM Administrator Console, in User Roles view, click New User Role in the Actions pane.
2. Complete the New User Role Wizard.

Wizard Page: Action

General: Type a User role name and Description, and then select Delegated Administrator in the User Role Profile list.

Add Members: Click Add and then type the names of the Active Directory users or groups you want to add to this role.

Select Scope: Select the host groups and library servers that you want to enable members of the user role to manage.

Summary: Review the user role settings. To change settings, click Previous. To create the User Role, click Create.

Use the View Script button to display the Windows PowerShell - Virtual Machine Manager cmdlets that will perform the operation. All administrative tasks in Virtual Machine Manager can be performed at the command line or scripted.
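The wizard steps above, scripted with the VMM 2008 R2 PowerShell snap-in. This is an added example, not the output of View Script and not Microsoft's own script; the server name, role name, Active Directory group and host group name are placeholders chosen for illustration.

```powershell
# Added example: create a Delegated Administrator role limited to one host group.
# All values in this block are assumed placeholders; replace them with your own.
$ErrorActionPreference = 'Stop'
Add-PSSnapin Microsoft.SystemCenter.VirtualMachineManager

$vmmServerName = 'vmm01.example.test'            # assumed VMM server name
$roleName      = 'Branch Host Admins'            # assumed role name
$roleMembers   = @('EXAMPLE\Branch-VMM-Admins')  # assumed AD group; prefer groups over single users
$hostGroupName = 'Branch Office'                 # assumed host group name

# Connect; later cmdlets in this session use this connection.
Get-VMMServer -ComputerName $vmmServerName | Out-Null

# Resolve the scope before creating anything, so a typo in the host group
# name cannot leave behind a role with members but no intended scope.
$scope = Get-VMHostGroup | Where-Object { $_.Name -eq $hostGroupName }
if (-not $scope) {
    throw "Host group '$hostGroupName' not found; no role was created."
}

# Refuse to touch a role that already exists under this name.
if (Get-VMMUserRole | Where-Object { $_.Name -eq $roleName }) {
    throw "User role '$roleName' already exists; review it instead of recreating it."
}

# General page: name, description, profile.
$role = New-VMMUserRole -Name $roleName `
    -Description 'Delegated administration of branch office hosts' `
    -UserRoleProfile DelegatedAdmin

# Add Members page, then Select Scope page.
Set-VMMUserRole -UserRole $role -AddMember $roleMembers | Out-Null
Set-VMMUserRole -UserRole $role -AddScope $scope | Out-Null

# Summary page equivalent: read the role back and review what was stored.
Get-VMMUserRole | Where-Object { $_.Name -eq $roleName } | Format-List *
```

Run it in a session where your account is already a member of a role allowed to create user roles, and compare the result with what View Script shows for the same wizard choices.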
Managing User Roles

With System Center Virtual Machine Manager (VMM) 2008 and VMM 2008 R2, you manage the administrative permissions your users have by creating user roles. The profile of the user role determines what actions a user can perform. The scope of the user role determines which objects the users are able to manage. There are three user roles:

User Role: Permissions

Administrator: Able to perform all actions in the VMM Administrator Console. Members of this user role can create new Delegated Administrator and Self-Service user roles. Only members of the Administrator user role can add additional members. The Administrator user role is created when you install VMM. By default, the user who performs the VMM installation is added to the Administrator user role and all accounts in the local Administrators security group are also automatically added.

Delegated Administrator: Able to perform most actions in the VMM Administrator Console, but only within the scope defined in the role. Members of this user role can create new Delegated Administrator and Self-Service user roles but cannot modify VMM settings.

Self-Service User: Able to use the VMM Self-Service Portal to perform tasks on their virtual machines as defined in the user role. Members of this user role cannot create new user roles.

Important: In VMM 2008 R2, VMM preserves changes made to role definitions or role memberships in the root scope of the Hyper-V authorization store. All changes to any other scope are overwritten every half hour by the VMM user role refresher. This differs from user role processing in VMM 2008. In VMM 2008, VMM determines access to virtual machines, hosts, and resources based solely on the rights and permissions associated with VMM user roles. VMM 2008 does not make any changes to Hyper-V role definitions and role memberships; it simply ignores the Hyper-V authorization store while the hosts and virtual machines are under its management.

For more information about user roles and scopes, see Role-Based Security in VMM (http://go.microsoft.com/fwlink/?linkid=119337).
Backing Up and Restoring the VMM Database

The Virtual Machine Manager (VMM) database is a SQL Server database that contains all VMM configuration information. It is important to back up the VMM database regularly as part of a comprehensive backup plan for protecting all VMM data, including data on hosts, virtual machines, and library servers. Besides using the tools provided in VMM, you can also use SQL Server Management Studio to back up and restore the VMM database.

To back up the VMM database

1. In Administration view, click General, and then, in the Actions pane, click Back up Virtual Machine Manager.
2. In the Virtual Machine Manager Backup dialog box, type the path for a destination folder for the backup file. The folder must not be a root directory and must be accessible to the SQL Server.

You can follow the status of the backup in Jobs view.

Use the following procedures to perform data recovery and reassociate managed computers in your VMM environment. Which procedure you use depends on whether you are restoring to the same physical computer or to a different computer.

To restore the VMM database on the same computer

1. To restore the VMM database, on the computer you are restoring the VMM database to, run the SCVMMrecover.exe tool from the command line. The scvmmrecover.exe tool is located on the system drive at the following path: \Program Files\Microsoft System Center Virtual Machine Manager 2008 R2\bin\scvmmrecover.exe.
2. On the VMM database computer, open a command-prompt window with elevated privileges, and then run the SCVMMrecover.exe tool using the following syntax:

    SCVMMRecover [-Path <location>] [-Confirm]

3. If the physical computer that you are restoring the VMM database on has the same System Identification Number (SID) as the computer it was on before, you must perform the following steps:
    a. In the VMM Administrator Console, in Hosts view, do the following:
        - Remove any hosts that were removed from VMM since the last backup was created. For more information, see How to Remove a Host (http://go.microsoft.com/fwlink/?linkid=121827). If a host has been removed from VMM after the last backup was created, it will have a status of Needs Attention in Hosts view, and any virtual machines on that host will have a status of Host Not Responding in Virtual Machines view.
        - Add back any hosts that were added since the last update. For more information, see Adding Hosts.
    b. In the VMM Administrator Console, in Virtual Machines view, remove any virtual machines that were removed from VMM since the last backup was created. For more information, see How to Remove a Virtual Machine (http://go.microsoft.com/fwlink/?linkid=121825). If a host is present but has a virtual machine that was removed since the last backup, the virtual machine will have a status of Missing in Virtual Machines view.

To restore the VMM database on a different computer

1. To restore the VMM database, on the computer you are restoring the VMM database to, run the scvmmrecover.exe tool from the command line. The scvmmrecover.exe tool is located on the system drive at the following path: \Program Files\Microsoft System Center Virtual Machine Manager 2008 R2\bin\scvmmrecover.exe.
2. On the VMM database computer, open a Command Prompt window with elevated privileges, and then run the scvmmrecover.exe tool using the following syntax:

    SCVMMRecover [-Path <location>] [-Confirm]

3. If the physical computer that you are restoring the VMM database on is different from the original computer and has a different System Identification Number (SID), you must perform the following steps:
    a. In the VMM Administrator Console, in Administration view, do the following:
        i. Click Managed Computers, and, in the results pane, identify any managed computers with a status of Access Denied.
        ii. Click a managed computer with a status of Access Denied, and then, in the Actions pane, click Reassociate.
    b. In the VMM Administrator Console, in Hosts view, do the following:
        - Remove any hosts that were removed from VMM since the last backup was created. For more information, see How to Remove a Host (http://go.microsoft.com/fwlink/?linkid=121827). If a host has been removed from VMM after the last backup was created, it will have a status of Needs Attention in Hosts view and Access Denied in Managed Computers, and any virtual machines on that host will have a status of Host Not Responding in Virtual Machines view.
        - Add back any hosts that were added since the last update. For more information, see Adding Hosts.
    c. In the VMM Administrator Console, in Virtual Machines view, remove any virtual machines that were removed from VMM since the last backup was created. For more information, see How to Remove a Virtual Machine (http://go.microsoft.com/fwlink/?linkid=121825). If a host is present but has a virtual machine that was removed since the last backup, the virtual machine will have a status of Missing in Virtual Machines view.
How to Create a Self-Service User Role

The self-service user role grants users permissions to create, operate, manage, store, create checkpoints for, and connect to their own virtual machines through the Virtual Machine Manager Self-Service Portal. For more information about creating and managing self-service user roles, see Role-Based Security in VMM (http://go.microsoft.com/fwlink/?linkid=145061).
To create a self-service user role

1. In the VMM Administrator Console, in User Roles view, click New User Role in the Actions pane.
2. Complete the New User Role Wizard.

Wizard Page: Action

General: Type a User role name and Description, then select Self Service User in the Profile list.

Add Members: Click Add and then type the names of the users or groups you want to add to this role.

Select Scope: Select the host groups on which users will deploy their virtual machines.

Virtual Machine Permissions: Select the actions that you want to allow the members of this group to perform on virtual machines. You can select All actions, or grant a set of actions by selecting one or more of the following:
    - Start
    - Stop
    - Pause and resume
    - Checkpoint: Allows the user to create and remove checkpoints, and to restore their virtual machines to a previous checkpoint. For more information, see About Checkpoints (http://go.microsoft.com/fwlink/?linkid=162783).
    - Remove: Allows the user to remove virtual machines, deleting the configuration files.
    - Local Administrator: Allows the user to set the local administrator password when creating a virtual machine so that the user has administrator rights and permissions on the virtual machine.
    - Remote connection: Allows the user to remotely control the virtual machine.
    - Shut down

Virtual Machine Creation Settings: You can allow the members of the self-service user group to create virtual machines, assign virtual machine templates for the self-service users to use, and optionally set a virtual machine quota to limit the number of virtual machines the users can deploy at one time.

    If you select Allow users to create new virtual machines, you must specify a template that users will use to create their virtual machines.

    To add templates:
    1. Click Add. The Select a Template dialog box displays the templates that are available in the Virtual Machine Manager library.
    2. To add a template, select the template and click OK.

    For information about creating templates, see Working with Virtual Machine Templates (http://go.microsoft.com/fwlink/?linkid=163002).

    To set a virtual machine quota:
    1. Select Set quota for deployed virtual machines.
    2. In Maximum quota points allowed for this user role, specify how many quota points the users in this role will be allowed. This will allow each user in this user role to create virtual machines until they have reached this quota.

    To limit the user role as a group to the maximum quota points, select the Share quota across user role members check box. This will allow the group to create virtual machines until the group has reached the quota, regardless of how many points each individual has deployed.

    The virtual machine template determines the number of quota points assigned to each virtual machine that is created from it.

Library Settings: You can grant members of the self-service user group access to a library share. If you allow the self-service users to store their virtual machines on a library share, the stored virtual machines do not count against any virtual machine quota that you set when allowing self-service users to create a virtual machine.

    The virtual machines are stored on the path that you specify on an existing library share. The self-service users do not know the physical location of their stored virtual machines. For information about adding library servers and shares, see Adding File-Based Resources to the Library (http://go.microsoft.com/fwlink/?linkid=162788).

    If you select Allow users to store virtual machines in a library, you need to specify where to store the virtual machines. Additionally, you can allow users to attach ISO images to their virtual machines by selecting a Library path that contains ISO images.

    1. Select the library server and share from the Select the library server and library share that will store users virtual machines and available ISOs list.
    2. To specify a path for the virtual machines on the selected library server, click Browse by the Library path field, and then navigate to the folder where you want to store the virtual machines. To allow users to attach ISO images to their virtual machines, select the folder containing the ISO images the users should have access to.

    The Select Destination Folder dialog box shows only folders within designated library shares. For information about adding shares to a library server, see How to Add Library Shares (http://go.microsoft.com/fwlink/?linkid=162801).

Summary: Review the User Role settings. To change settings, click Previous. To create the User Role, click Create.

Use the View Script button to display the Windows PowerShell - Virtual Machine Manager cmdlets that will perform the operation. All administrative tasks in Virtual Machine Manager can be performed at the command line or scripted.
How to Modify a User Role

1. From the User Roles view in the VMM Administrator Console, select the user role you want to modify.
2. In the Actions pane, click Properties. The User Role Properties open. Modify the settings as needed.
3. On the General tab, you can modify the user role name and description.
4. On the Members tab, you can add members to or remove members from the user group.
5. On the Scope tab, select which host groups or library servers the members of the user role can manage. For more information, see How to Set the Scope for a User Role.
6. For self-service user roles, you can modify the following properties:
    - On the VM Permissions tab, determine which actions users can take on their virtual machines. For more information, see How to Grant Virtual Machine Permissions for Self-Service Users.
    - On the Create VM tab, optionally enable the self-service users to create their own virtual machines. For more information, see How to Enable Self-Service Users to Create Virtual Machines.
    - On the Store VM tab, optionally allow users to store their virtual machines when they are not in use. You can allow users to attach ISO images to their virtual machines by specifying a library path that contains ISO images. For more information, see How to Enable Self-Service Users to Store Virtual Machines.

How to Remove a User Role

To delete a user role, remove the role from its group.

1. From the User Roles view in the VMM Administrator Console, select the user role you want to remove. The Administrator user role cannot be removed.
2. In the Actions pane, click Remove.
3. Verify that you want to remove the user role.