Both vCenter Server and ESX/ESXi hosts use the same structured security model to grant users the ability to manage portions of the virtual infrastructure. This model consists of users, groups, roles, privileges, and permissions, as shown in Figure 9.1.
The items that differ between the non–vCenter Server environment and the vCenter Server environment are predominantly in the following two areas:
The location of the user and group objects created
The level of granularity of the roles and privileges available in each environment
For environments that don't have vCenter Server, or where the administrator chooses to have users authenticate directly to the ESX/ESXi hosts to perform management ...