A new Flexera Community experience is coming on November 25th. Click here for more information.
Hi Flexera team,
Physical host information can be viewed on the "Inventory Device Properties" screen of Flexera one, as shown in the attachment.
When installing Flexera one only in a specific partition in an environment provided by a private cloud, is it possible to set this information (IP address, domain name, etc.) so that it cannot be viewed from the management screen?
Please advise.
Thanks much in advance,
Joan
Oct 30, 2023 07:33 PM
I think that you can hide this information from the users with a given custom role by using the Disallow/Deny options available:
Please refer to Creating a Role for detailed documentation.
Thanks,
Nov 06, 2023 05:23 AM
Hello @JohnSorensenDK , happy to chat again with you!
I am wondering if @JoanTSW does not face a slightly different issue: a user can see a specific VMs, but should have no right on the host (that is linked to an unauthorized corporate unit for instance)...
If you create a role (Like John suggests) that gives access to inventory (not what john suggests) but is focused on specific corporate units, locations or cost center that the VMs belong to but not the host, he will not be able to see the host details. However, by design, the user will still see the host's name in the VM row in all inventory screen...
Hope it helps,
Nicolas
Nov 09, 2023 12:20 PM - edited Nov 09, 2023 12:23 PM
Hi @JohnSorensenDK and @nrousseau1 thanks for your input replies.
So understood that by design, the user will still see the host's name in the VM row in all inventory screen.
However the user needs to consider a different perspective.
The user uses the Virtual Machine provided by other vendor.
They want to use Flexera Agent on the VM, but the vendor doesn't want to provide them about physical host information.
The vendor said "Try to use ESX query and check the output file. The file include physical host IP address and ESX license key. We cannot provide the output file to you due to security and compliance risk "
Therefore they would like to make it possible to not obtain information, rather than making it impossible to refer to it.
Is there a better way to achieve this? Kindly advise.
Thanks much in advance,
Joan
Nov 13, 2023 01:01 PM
I think there's no out-of-the-box option to hide this data during inventory.
Depending on which party collects the inventory, you could try to manipulate the resulting inventory files with a script to remove unwanted information.
Nov 14, 2023 01:12 AM
Hello @JoanTSW , I get your point, that's tricky indeed, as Markward says, obfuscating the data upstream would be the solution.
Is this an on premises installation? By tweaking the Computer.xml step (in Managesoft reader or writer), you can certainly modify Host names and IP Addresses.
If this is a cloud implementation, the data needs to be changed before it is uploaded to the cloud batch processing server. This means changing the way the data is called in the vCenter integration (more complex as the files where the PowerShell (?) script are contained are compiled), the reader logic must be changed or the NDIs generated must be parsed and modified before they are uploaded. This is less simple than modifying the reader.
I can help on this.
Best regards,
Nicolas
Nov 16, 2023 11:02 AM