VMware Solutions Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

VMware Solutions Discussions

Ask a Question

cDOT - VSC vs. System Manager

renem
NetApp
‎2013-05-17 05:45 AM
3,076 Views

Hi volks,

I am here at a customer to implement the VSC with a cDOT System bellow. The customer has here two different department.

One for the whole vSphere environment and one for the storage environment. Of course both department knows the vsc-user

and the password to access the storage system. 

After reading a lot of documentation it is not a good idea to give the vsc-user only access to the vserver management IP address

due to a lot of restrictions in the VSC like 

• NFS path checking 

• Reports on space that is shared by volumes using data deduplication 

• EMS logging 

• Storage-side log collections for the nSANity Diagnostic and Configuration Data Collector program 

Unfortunately the vsc-user must have access to the cluster management IP. 

AND here begins the problem.

If the vsc-user has access to the cluster management IP, even it is read only, all the vSphere guys can install the System Manager

(ok - if they have the .exe) , can login into the cluster, can read and watch all the stuff and can ask tons of stupid questions !

Everyone have experience with this problem, or have a solution, even it is only a workaround ?

Regards,

Rene

0 Kudos
1 REPLY 1

wehrli
NetApp
‎2013-05-24 09:22 AM
3,076 Views

have the same issue..

there is the possibility to restrict the ip-access list with -firewall policy- on the cluster, but then system manager can be installed on allowed IP and it works again. so maybe there is no way to allow ontapi for the vsc-user using vsc-plugin, but not for the system-manager (application / user blocking).

regards

thomas

0 Kudos
Announcements
All Community Forums
Public