Chapter 11. User Management

All XenServer installations come with a single predefined user, root. Because root is by definition a highly privileged user and provides access to services within the only privileged domain in a XenServer environment, it’s very common for administrators to wish additional users be defined. In this chapter, we’ll cover the concepts of Roles Based Authentication Controls (RBAC) and how they are used to provide granular user rights without granting everyone “root” access.

Enabling Roles Based Authentication

Problem

A multiuser administration environment is desired.

Solution

XenServer has a rich roles-based administration environment suitable for most data center operations.

Discussion

After installation, the root user is the only user that exists for a XenServer. Regardless of other authentication methods, the root user account will always have access to XenServer via SSH, through XenCenter, or through other administration tools built on the Xen API. This is because root uses local authentication on a XenServer, not via any outside or third-party, user-based authentication.

Because the creation of additional user space accounts will result in their deletion ...

Get XenServer Administration Handbook now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.