- Getting Started with XenCenter
- Exploring the XenCenter Workspace
- About XenServer Licensing
- Getting Help
- Managing Servers
- Managing Pools
- Managing Storage
- Creating VMs
- Configuring VMs
- Managing VMs
- Importing and Exporting VMs
- VM Snapshots
- XenServer vApps
- Protecting VMs and vApps
- Access Control (AD & RBAC)
- Workload Balancing Overview
- Monitoring System Performance
- Updates and Upgrades
- Troubleshooting
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Deze artikel is machinaal vertaald. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.
Translation failed!
Calculating RBAC roles
When I log in, how does XenServer compute the roles for the session?
- The Active Directory server authenticates the subject. During authentication, Active Directory also determines if the subject belongs to any other containing groups in Active Directory.
- XenServer then verifies which roles have been assigned to (a) the subject and (b) to any Active Directory groups to which it is a member.
- XenServer applies the highest level of permissions to the subject. Because subjects can be members of multiple Active Directory groups, they will inherit all of the permissions of the associated roles.
In this illustration, since Subject 2 (Group 2) is the Pool Operator and User 1 is a member of Group 2, when Subject 3 (User 1) tries to log in, he or she inherits both Subject 3 (VM Operator) and Group 2 (Pool Operator) roles. Since the Pool Operator role is higher, the resulting role for Subject 3 (User 1) is Pool Operator and not VM Operator.