Determine how you will configure VMware Smart Assurance passwords. You can do any or all of the following:
-
Allow the host operating system to validate users. This method provides the highest level of security and is easy to manage because it relies on the security implementation that is already in place. There are two variations: Any valid user can access one of the VMware Smart Assurance levels (All, Monitor, Ping), or specific users can access a specific VMware Smart Assurance security level. Defining specific access requires more maintenance because you must list the user names in the configuration files (serverConnect.conf and clientConnect.conf). The VMware Smart Assurance System Administration Guide defines methods to configure and to secure access for these files.
-
Specify unique passwords for individual users. Consider this method only when there are very few users because it requires a high level of maintenance.
Note:This is less secure than permitting the host to validate users. Plan on using the VMware Smart Assurance password encryption mechanism. The VMware Smart Assurance System Administration Guide provides information on using this encryption mechanism.
-
Specify a common user name with a common password. This method is the least secure, but very easy to maintain. The VMware Smart Assurance System Administration Guide provides information on using this.
Note:You can combine these methods, for example, you could restrict administration (All) capabilities to specific users validated by the operating system. In addition, you could provide Monitor level abilities to a general VMware Smart Assurance user named, Monitor.