Enable or Disable Lockdown Mode
This section describes how to enable or disable Lockdown mode either from the DCUI or from the vSphere web client.
Note |
Once Lockdown mode is enabled, and if root or administrator@vsphere.local or any other use is not part of the Exception user list, SSH to that ESX is not allowed. Similarly, if the host has been removed from the vCenter for some reason, adding the host back to vCenter is not allowed. |
Enable or Disable Lockdown Mode from the DCUI:
Procedure
Step 1 |
Log directly in to the ESXi host. |
Step 2 |
Open the Direct Console User Interface (DCUI) on the host. |
Step 3 |
Press F2 for Initial Setup. |
Step 4 |
Press Enter to toggle the Configure Lockdown Mode setting. |
Step 5 |
Browse to the host in the vSphere Web Client inventory. |
Enable or Disable Lockdown Mode from the vSphere Web Client:
Procedure
Step 1 |
Browse to the host in the vSphere Web Client inventory. |
Step 2 |
Click the Manage tab and click Settings. |
Step 3 |
Under System, select Security Profile. |
Step 4 |
In the Lockdown Mode panel, click Edit. |
Step 5 |
Click Exception Users and select +Add user to add hxuser (all lowercase). |
Step 6 |
Click Lockdown Mode and select one of the Lockdown mode options. |