上QQ阅读APP看书,第一时间看更新
Run As accounts in VMM
Run As accounts are very useful additions to enterprise environments. These accounts are used to store credentials that allow you to delegate tasks to other administrators and self-service users without exposing sensitive credentials.
By using Windows Data Protection API ( DPAPI), VMM provides OS-level data protection when storing and retrieving the Run As account.
There are several different categories of Run As accounts:
- Host computer: This is used to provide access to Hyper-V and VMware ESXi hosts
- BMC: This is used to communicate with BMC on the host computer,
for out-of-band management or power optimization - Network device: This is used to connect to network load balancers
- Profile: This is to be used for service creation in the OS and application profiles as well as SQL and host profiles
- External: This is to be used for external systems such as System Center
Operations Manager
Only administrators or delegated administrators can create and manage Run As accounts.
During the installation of the VMM management server, you will be requested to use distributed key management ( DKM) to store encryption keys in Active Directory Domain Services ( AD DS).