Create read-only user in VMware vCenter 6.7

by Daniel Pham
Published: Updated:

In this article, I will guide you to create read-only user in VMware vCenter 6.7. Currently, many companies use VMware ESXi as their internal virtualization platform.

The need to create a user with read-only rights in vCenter will usually be used to monitor the system.

Create user monitor on vCenter

Why do you need to do this, if you want to monitor your company’s VMware system; You don’t want to use vCenter’s admin user to monitor, right?

You need a user who only has read-only rights in vCenter, not admin rights.

Create user monitor in vCenter

To create a user for monitoring, on vCenter, go to menu Administrator -> Users and Groups.

At the Users tab,  you create a new user, for example in the demo I named it monitor.

Create read-only user in VMware vCenter 6.7
Create user monitor in vCenter.

Create a group for user monitor

Next step, you need to create a group for user monitor. If you do not do this step, you may encounter the error below.

Unable to login because you do not have permission on any vCenter Server systems connected to this client

The cause of the above error is because the user monitor does not belong to any system group in vCenter.

To create a new group, also at the Users and Groups menu, switch to the Groups tab and click create a new group (for example, I named it MonitorVcenter).

Then, you add user monitor to this group.

Create read-only user in VMware vCenter 6.7
Create a group for user monitor.

Assign read-only permission to user monitor

Now comes the step of assigning read-only rights to the monitor user. You need this user to only have the right to read information from vCenter and not have the right to operate the system on vCenter.

At the Administrator menu, scroll to the top of the Global Permissions section. Then, press the plus button (+) and add a user monitor with Read-only permission as shown below.

Create read-only user in VMware vCenter 6.7
Assign read-only permission to user monitor.

Now, you can open your browser and try to login to vCenter with the read-only user monitor you just created above. You will want to make sure that this user cannot do anything on the system, including console access to the virtual machine.


Actually, creating a read-only user in vCenter is not too difficult. However, in cases where it is necessary to use it (such as a monitor), you will also have to know how to create a read-only user. For those who rarely work with VMware ESXi, you may have a little difficulty doing it.

0 0 votes
Article Rating

You may also like

Notify of
Inline Feedbacks
View all comments

DevOps Lite is a personal blog specializing in technology with main topics about DevOps, DevSecOps, SRE and System Administrator. Articles are shared for free and contributed to the community.



Subscribe my Newsletter for new blog posts. Stay updated from your inbox!

© 2021-2024 – All rights reserved.

Please write sources “” when using articles from this website.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Would love your thoughts, please comment.x

Adblock Detected

Please support us by disabling your AdBlocker extension from your browsers for our website.