|Service Console - Sudoers (Super Users)|
Sudo can be used to remove the necessity of using the 'root' user for commands requiring super user privileges. It will also then log what commands each user has ran in /var/log/secure. To set this up you needs to do the following:
1. Login to the ESX server as 'root' at the console.
2. Create a group called 'esxadmins':
3. Edit the group file and add the required users (see active directory authentication for users):
4. Add the new 'esxadmins' group to the sudoers file:
5. Test it
Login as the unprivileged user and run a command that requires super user:
Change to the root user without knowing the root password:
NOTE: You will have to enter your unprivileged user password when prompted.