VCENTER-000005 - Privilege re-assignment must be checked after the vCenter Server restarts.


During a restart of vCenter Server, if the user or user group that is assigned Administrator role on the root folder could not be verified as a valid user/group during the restart, the user/group's permission as Administrator will be removed. In its place, vCenter Server defaults the Administrator role to the local Windows administrators group, to act as a new vCenter Server Administrator. This default administrative assignment must be rectified by re-establishing a legitimate vCenter Server account with an Administrator role.

NOTE: Please review the benchmark to ensure target compliance.


As a Windows Administrator, log in to the vCenter Server and restore a legitimate administrator account per site-specific user/group/role requirements.

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.