Latest Posts



Translate

Total Pageviews

Wednesday, 3 December 2014

vCLI and Lockdown Mode

For additional security, an administrator can place one or more hosts managed by a vCenter Server system in lockdown mode. Lockdown mode affects login privileges for the ESXi host.
The root user can always log in directly to the ESXi host's direct console to disable lockdown mode. If the direct console is disabled, the administrator on the vCenter Server system can disable lockdown mode. If the host is not managed by a vCenter Server system or if the host is unreachable, you must reinstall ESXi.
You can use the vSphere Client or vCLI commands that support the --vihost option. The following commands cannot run against vCenter Server systems and are therefore not available in lockdown mode:
The vSphere Security documentation discusses lockdown mode in detail.
Info taken from VMware Documentation