Host configuration privileges control the ability to configure hosts.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Table 1. Host Configuration Privileges
Privilege Name in the vSphere Client Description Required On Privilege Name in the API
  • Configuration
    • Advanced Settings

Allows setting advanced host configuration options.

Hosts

Host.Config.AdvancedConfig
  • Configuration
    • Authentication Store

Allows configuring Active Directory authentication stores.

Hosts

Host.Config.AuthenticationStore
  • Configuration
    • Change PciPassthru settings

Allows changes to PciPassthru settings for a host.

Hosts

Host.Config.PciPassthru
  • Configuration
    • Change SNMP settings

Allows changes to SNMP settings for a host.

Hosts

Host.Config.Snmp
  • Configuration
    • Change date and time settings

Allows changes to date and time settings on the host.

Hosts

Host.Config.DateTime
  • Configuration
    • Change settings

Allows setting of lockdown mode on ESXi hosts.

Hosts

Host.Config.Settings
  • Configuration
    • Connection

Allows changes to the connection status of a host (connected or disconnected).

Hosts

Host.Config.Connection
  • Configuration
    • Firmware

Allows updates to the ESXi host's firmware.

Hosts

Host.Config.Firmware
  • Configuration
    • GuestStore settings
Allows changes to the GuestStore. GuestStore repository Host.Config.GuestStore
  • Configuration
    • Hyperthreading

Allows activating and deactivting hyperthreading in a host CPU scheduler.

Hosts

Host.Config.HyperThreading
  • Configuration
    • Image configuration

Allows changes to the image associated with a host.

Host.Config.Image
  • Configuration
    • Maintenance

Allows putting the host in and out of maintenance mode and shutting down and restarting the host.

Hosts

Host.Config.Maintenance
  • Configuration
    • Memory configuration

Allows modifications to the host configuration.

Hosts

Host.Config.Memory
  • Configuration
    • NVDIMM
Allows reading and configuring Non-Volatile DIMMs.

Hosts

Host.Config.Nvdimm
  • Configuration
    • Network configuration

Allows configuration of network, firewall, and vMotion network.

Hosts

Host.Config.Network
  • Configuration
    • Power

Allows configuration of host power management settings.

Hosts

Host.Config.Power
  • Configuration
    • ProductLocker settings
Allows configuration of the ESXi productlocker folder.

Hosts

Host.Config.ProductLocker
  • Configuration
    • Quarantine
Allows putting a host into Quarantine mode.

Hosts

Host.Config.Quarantine
  • Configuration
    • Query patch

Allows querying for installable patches and installing patches on the host.

Hosts

Host.Config.Patch
  • Configuration
    • Security profile and firewall

Allows configuration of Internet services, such as SSH, Telnet, SNMP, and of the host firewall.

Hosts

Host.Config.NetService
  • Configuration
    • Storage partition configuration

Allows VMFS datastore and diagnostic partition management. Users with this privilege can scan for new storage devices and manage iSCSI.

Hosts

Host.Config.Storage
  • Configuration
    • System Management

Allows extensions to manipulate the file system on the host.

Hosts

Host.Config.SystemManagement
  • Configuration
    • System resources

Allows updates to the configuration of the system resource hierarchy.

Hosts

Host.Config.Resources
  • Configuration
    • Virtual machine autostart configuration

Allows changes to the auto-start and auto-stop order of virtual machines on a single host.

Hosts

Host.Config.AutoStart