Users and administrators require certain account permissions to install and manage App Volumes components.
You can create user accounts and grant privileges for different roles. User names must contain only ASCII characters:
To integrate App Volumes with vCenter Server, you must create a service account within a vCenter Server with administrator privileges. Optionally, you can create a service account with privileges granted by a custom user role.
If you plan to use a direct connection to the ESXi host or plan to use the Mount to Host option with a vCenter Server connection, you must have administrator privileges on all ESXi hosts.
Active Directory Credentials
The App Volumes Manager connects to Active Directory using the service account. To prepare for installation, you must create an account within the Active Directory domain that meets the following requirements:
Provides read access to the Active Directory domain. Administrator privileges are not required.
Has a password that does not expire.
If your environment contains domains that are configured for one-way or two-way trust, you can configure separate credentials to access these domains. These credentials are used when connecting to any trust instead of the primary domain credentials.
Access to the App Volumes Manager is restricted to the App Volumes administrators group. When you perform the initial configuration, you must provide the name of the Active Directory security group that will have access to the App Volumes Manager.
Local administrator privileges are required for the following actions:
Install App Volumes components on target servers.
Use writable volumes with user-installed applications.
The Active Directory service account user is not required to be an administrator.