Hello,
I’m involved on a View design and I came with something security/management wise with view. We have a requirement that we need to share the view servers with multiple “admins” but those admins cannot manipulate or see in any way other admins pools or base images (Delegation of Desktop Pools).
So I’m creating folders inside view and in vSphere folders and resource pools for them and assigning permissions to those directly for the admins.
If I login to vSphere or view with a scoped account it only sees that whatever folder they have permissions to … so far perfect…
The problem is when they are going to create a new desktop pool they can see and use everybody base images, everybody folders and everybody resource pools… which is what I’m trying to avoid…
I believe this is because the way view connects to vCenter using a specific account that can see everything on vCenter.
Is there a way to configure view administrator to let the inventory admin to only see whatever they have been scoped to on vCenter?
I’m missing something or is not possible?
Thanks