locked
self-service users can mount iso but cannot unmount RRS feed

  • Question

  • I have 3 tenant groups that can mount iso files to vms located in their clouds (via App Controller 2012 SP1) from a library share but cannot unmount them.  Actions granted to them are:  Deploy, Deploy (from template only), local administrator, remote connection, shut down, start, and stop. 

    The library share was originally shared on the server to everyone as read, adminstrators as full control.

    Wednesday, January 8, 2014 2:32 PM

Answers

  • Ok this is not a great solution IMHO.  I believe this functionality needs to be split out.

    The solution for me was granting Deploy (from template), local admin, remote connection, remove, shut down, start, and stop.  Deploy allows mounting of the iso and remove allows unmounting.  Remove also allows vms to be deleted if they are off!!!  I can see the thinking here...self-service tenants with the capability to deploy new vms should also be able to remove them (within their tenant group and fabric space).  However, one size does NOT fit all.  These functions need to be split out for additional fine grain control. 

    ex:  I would love to allow certain application personnel to mount ISOs but NOT to delete vms. 

    • Marked as answer by JasonJohnson9 Wednesday, January 8, 2014 9:36 PM
    Wednesday, January 8, 2014 9:36 PM