Chapter 11. User Management

All XenServer installations come with a single predefined user, root. Because root is by definition a highly privileged user and provides access to services within the only privileged domain in a XenServer environment, it’s very common for administrators to wish additional users be defined. In this chapter, we’ll cover the concepts of Roles Based Authentication Controls (RBAC) and how they are used to provide granular user rights without granting everyone “root” access.

Enabling Roles Based Authentication


A multiuser administration environment is desired.


XenServer has a rich roles-based administration environment suitable for most data center operations.


After installation, the root user is the only user that exists for a XenServer. Regardless of other authentication methods, the root user account will always have access to XenServer via SSH, through XenCenter, or through other administration tools built on the Xen API. This is because root uses local authentication on a XenServer, not via any outside or third-party, user-based authentication.

Because the creation of additional user space accounts will result in their deletion ...

Get XenServer Administration Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.