Manage users to control who is authorized to log in to ESXi.

In vSphere 5.1 and later, ESXi user management has the following caveats.

  • he users created when you connect directly to an ESXi host are not the same as the vCenter Server users. When the host is managed by vCenter Server, vCenter Server ignores users created directly on the host.

  • You cannot create ESXi users with the vSphere Web Client. You must log directly into the host with the vSphere Client to create ESXi users.

  • ESXi 5.1 and later does not support local groups. However, Active Directory groups are supported.

To prevent anonymous users such as root from accessing the host with the Direct Console User Interface (DCUI) or ESXi Shell, remove the user's administrator privileges on the root folder of the host. This applies to both local users and Active Directory users and groups.