Secure the vCenter Server Administrator role and assign it only to certain users.

Protect the vCenter Server administrator user from regular use by relying on user accounts associated with specific individuals.


  • Create a user account to manage vCenter Server and assign full vCenter Server administrator privileges to the user. See Managing Permissions for vCenter Components.
  • Remove vCenter Server administrator privileges from the local operating system administrator.


  1. Log in to the vCenter Server system as the vCenter Server administrator you created (for example, vi-admin).
  2. Grant full administrator privileges to the minimum number of individuals required.
  3. Log out as the vCenter Server administrator.

What to do next

Protect the vCenter Server administrator account password. For example, create a password with two halves, each half of which is known to only one person, or lock a printout of the password in a safe.