⁠Chapter 5. Lab 5 - Managing Multi-Level Administrators

This lab introduces you to Red Hat Enterprise Virtualization's multi-level administration system. Multi-level administration presents a hierarchy of permissions that can be configured to provide finely grained levels of permissions as required by your enterprise. You have already been partially introduced to this system when you granted permissions to users on virtual machines and data centers in the Power User Portal chapter.

Permissions enable users to perform actions on objects, where objects are either individual objects or container objects. Any permissions that apply to a container object also apply to all members of that container. For example, when a host administrator role is applied to a user on a specific host, the user will have permissions to perform any of the available host operations, but on the assigned host only. However, if a host administrator role is applied on a data center to a user, the user will gain permissions to perform host operations on all hosts within the cluster of the data center. If there are additional host clusters in the data center, the user will not be able to make changes to the hosts.

This lab assumes that you have successfully completed the basic labs. You should have correctly installed and configured Red Hat Enterprise Virtualization, and have several user accounts in the IdM, AD, or RHDS domain.