Users and administrators require certain account permissions to install and manage App Volumes components.
User Accounts
- To integrate App Volumes with vCenter Server, you must create a service account within a vCenter Server with administrator privileges. Optionally, you can create a service account with privileges granted by a custom user role.
- If you plan to use a direct connection to the ESXi host or plan to use the Mount to Host option with a vCenter Server connection, you must have administrator privileges on all ESXi hosts.
Active Directory Credentials
- Provides read access to the Active Directory domain. Administrator privileges are not required.
- Has a password that does not expire.
If your environment contains domains that are configured for one-way or two-way trust, you can configure separate credentials to access these domains. These credentials are used when connecting to any trust instead of the primary domain credentials.
Administrators Group
Access to the App Volumes Manager is restricted to the App Volumes administrators group. When you perform the initial configuration, you must provide the name of the Active Directory security group that will have access to the App Volumes Manager.
Local administrator privileges are required for the following actions:
- Install App Volumes components on target servers.
- Use writable volumes with user-installed applications.
- Package Application Packages.
The Active Directory service account user is not required to be an administrator.