Manage users to control who is authorized to log in to ESXi.

Users and roles control who has access to the ESXi host components and what actions each user can perform.

In vSphere 5.1 and later, ESXi user management has the following caveats .

  • The users created when you connect directly to an ESXi host are not the same as the vCenter Server users. When the host is managed by vCenter Server, vCenter Server ignores users created directly on the host.

  • You cannot create ESXi users by using the vSphere Web Client. You must log in to the host directly with the VMware Host Client to create ESXi users .

  • ESXi 5.1 and later does not support local groups. However, Active Directory groups are supported.

To prevent anonymous users, such as root, from accessing the host with the Direct Console User Interface (DCUI) or ESXi Shell, remove the user's administrator privileges on the root folder of the host. This applies to both local users and Active Directory users and groups.