diff --git a/vmware/manifests/server.pp b/vmware/manifests/server.pp
index 7121466..deb12ee 100644
--- a/vmware/manifests/server.pp
+++ b/vmware/manifests/server.pp
@@ -37,6 +37,26 @@ class vmware::server {
 	}
     }
 
+    if $vmware_admin_group {
+        file { "/etc/vmware/ssl/rui.key":
+	    ensure  => present,
+	    source  => "${puppet_ssldir}/private_keys/${fqdn}.pem",
+	    mode    => 0640,
+	    owner   => root,
+	    group   => $vmware_admin_group,
+	    require => [ Service["vmware"],
+                         Class["puppet::client"], ],
+	    notify  => Exec["restart-vmware-mgmt"],
+        }
+
+        exec { "restart-vmware-mgmt":
+            command     => "/etc/init.d/vmware-mgmt restart && sleep 10",
+            path        => "/bin:/usr/bin:/sbin:/usr/sbin",
+            user        => root,
+            refreshonly => true,
+        }
+    }
+
 }
 
 
@@ -48,6 +68,11 @@ class vmware::server {
 #
 class vmware::server::certs {
 
+    case $vmware_admin_group {
+        "":      { $real_vmware_admin_group = "root" }
+        default: { $real_vmware_admin_group = $vmware_admin_group }
+    }
+
     file { "/etc/vmware/ssl":
 	ensure  => directory,
 	mode    => 0755,
@@ -65,18 +90,7 @@ class vmware::server::certs {
 	require => [ File["/etc/vmware/ssl"],
 		     Class["puppet::client"], ],
 	before  => Service["vmware"],
-	notify  => Service["vmware"],
-    }
-    file { "/etc/vmware/ssl/rui.key":
-	ensure  => present,
-	source  => "${puppet_ssldir}/private_keys/${fqdn}.pem",
-	mode    => 0600,
-	owner   => root,
-	group   => root,
-	require => [ File["/etc/vmware/ssl"],
-		     Class["puppet::client"], ],
-	before  => Service["vmware"],
-	notify  => Service["vmware"],
+	notify  => Exec["restart-vmware-mgmt"],
     }
 
 }
@@ -163,10 +177,15 @@ class vmware::server::vmfs {
 #
 define vmware::server::datastore($device, $type = "auto", $options = "defaults") {
 
-   include vmware::server::vmfs
+    include vmware::server::vmfs
 
-   if $type == "auto" {
-	$server = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\1')
+    case $vmware_admin_group {
+        "":      { $real_vmware_admin_group = "root" }
+        default: { $real_vmware_admin_group = $vmware_admin_group }
+    }
+
+    if $type == "auto" {
+        $server = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\1')
 	if $server == $device {
 	    $fstype = $type
 	    if $device == regsubst($device, '^(/dev/).+$', '\1') {
@@ -184,9 +203,15 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults")
 
     file { "/vmfs/volumes/${name}":
 	ensure  => directory,
-	mode    => 0755,
+	mode    => $fstype ? {
+            nfs     => 0755,
+            default => 0775,
+        },
 	owner   => root,
-	group   => root,
+	group   => $fstype ? {
+            nfs     => "root",
+            default => $real_vmware_admin_group,
+        },
 	require => File["/vmfs/volumes"],
     }