Host Access Manager Update Lockdown Exceptions

Host Access Manager Update Lockdown Exceptions

Update the list of users which are exceptions for lockdown mode.

Usually these are user accounts used by third party solutions and external applications which need to continue to function in lockdown mode. It is not advised to add user accounts used by human operators, because this will compromise the purpose of lockdown mode.

Both local and domain users are supported. The format for domain accounts is "DOMAIN\login".

When this API is called when the host is in lockdown mode, the behaviour is as follows:

  • if a user is removed from the exceptions list, then the permissions of that user are removed.
  • if a user is added to the exceptions list, then the permissions of that user are restored.

Required privileges: Global.Settings

Request
URI
POST
https://{vcenter-host}/sdk/vim25/{release}/HostAccessManager/{moId}/UpdateLockdownExceptions
COPY
Path Parameters
string
moId
Required

The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId, in this case HostAccessManager/{moId}.

string
release
Required

The vSphere release schema. The current specification covers vSphere 8.0.3.0 APIs.


Request Body
UpdateLockdownExceptionsRequestType of type(s) application/json
Required
{
    "users": [
        "string"
    ]
}
array of string
users
Optional

the new list of lockdown mode exceptions.

Authentication
This operation uses the following authentication methods.
Responses
204

No Content

Operation doesn't return any data structure

500

AuthMinimumAdminPermission: if the user invoking the operation is not present in the new list of exceptions.

UserNotFound: if one of the specified users is not found.

Returns VimFault of type(s) application/json
This response body class contains all of the following: MethodFault
{
    "_typeName": "string",
    "faultCause": "MethodFault Object",
    "faultMessage": [
        {
            "_typeName": "string",
            "key": "string",
            "arg": [
                {
                    "_typeName": "string",
                    "key": "string",
                    "value": {
                        "_typeName": "string"
                    }
                }
            ],
            "message": "string"
        }
    ]
}