TL-DR: See below for details on these commands

Create a local user in the NSX Manager’s CLI, then use the API to grant CLI privileges to that user.

Here’s how using a linux machine:
ssh admin@[nsxmanagerIP]
user vrops-readonly password plaintext notrealpassword
user vrops-readonly privilege web-interface

Log out of the NSX Manager (type exit) and stay logged into the linux machine.
Create cli-auditor.xml that contains this (replace brackets with greater/less than):
[?xml version="1.0" encoding="ISO-8859-1" ?]
[accessControlEntry]
[role]auditor[/role]
[resource]
[resourceId]globalroot-0[/resourceId]
[/resource]
[/accessControlEntry]

Add the user as an auditor in the NSX Manager as a CLI user:
curl -i -k -u 'admin:password' -H "Content-Type: application/xml" -X POST --data "@cli-auditor.xml" https://nsxmanagerip/api/2.0/services/usermgmt/role/vrops-readonly?isCli=true
Add your domain/vCenter user as an auditor in the NSX Manager (NOT as a CLI user):
curl -i -k -u 'admin:password' -H "Content-Type: application/xml" -X POST --data "@cli-auditor.xml" https://nsxmanagerip/api/2.0/services/usermgmt/role/ReadOnly@THEPHUCK.COM?isCli=false

Details for creating the NSX CLI user for vROps

Read More →