If there is a catastrophic failure, the DCUI.Access advanced option allows you to exit lockdown mode when you cannot access the host from vCenter Server. You add users to the list by editing the Advanced Settings for the host from the vSphere Web Client.
Note: Users in the DCUI.Access list can change lockdown mode settings regardless of their privileges. The ability to change lockdown modes can impact the security of your host. For service accounts that need direct access to the host, consider adding users to the Exception Users list instead. Exception users can only perform tasks for which they have privileges. See
Specify Lockdown Mode Exception Users.