Assigning Permissions with ESXCLI
Starting with vSphere 6.0, a set of ESXCLI commands allows you to:
You can list, remove, and set permissions for a user or group, as shown in the following example.
esxcli system permission list
The system displays permission information. The second column indicates whether the information is for a user or group.
Principal Is Group Role
ABCDEFGH\esx^admins true Admin
dcui false Admin
root false Admin
vpxuser false Admin
test1 false ReadOnly
Set permissions for a user or group. Specify the ID of the user or group, and set the --group option to true to indicate a group. Specify one of three roles, Admin, ReadOnly and NoAccess.
excli system permission set --id test1 -r ReadOnly
esxcli permission remove --id test1
You can manage accounts with the following commands:
esxcli system account add
esxcli system account set
esxcli system account list
esxcli system account remove