Users and administrators require certain account permissions to install and manage App Volumes components.

User Accounts

You can create user accounts and grant privileges for different roles. User names must contain only ASCII characters:
  • To integrate App Volumes with vCenter Server, you must create a service account within a vCenter Server with administrator privileges. Optionally, you can create a service account with privileges granted by a custom user role.
  • If you plan to use a direct connection to the ESXi host or plan to use the Mount to Host option with a vCenter Server connection, you must have administrator privileges on all ESXi hosts.

Active Directory Credentials

App Volumes Manager connects to Active Directory using the service account. To prepare for installation, you must create an account within the Active Directory domain that meets the following requirements:
  • Has read access to the Active Directory domain.

    Administrator privileges are not required.

  • Has a password that does not expire.
Note: If a User in a Group belongs to a domain different from the domain of the Group, then the service account must have the following permissions:
  • List contents
  • Read all properties
  • Read all permissions

These permissions must be applied to the User, Group, and the Org Unit where the User and Group are members.

If your environment contains domains that are configured for one-way or two-way trust, you can configure separate credentials to access these domains. These credentials are used when connecting to any trust instead of the primary domain credentials.

Database Credentials

When installing App Volumes Manager, if you select Windows Integrated Authentication as the database connection method and your database server is remotely hosted, then ensure that you can connect to the SQL server from the Windows server (used for App Volumes Manager installation) with Windows Authentication.

Administrators Group

Access to App Volumes Manager is restricted to the App Volumes administrators group. When you perform the initial configuration, you must provide the name of the Active Directory security group that will have access to the App Volumes Manager.

Local administrator privileges are required for the following actions:

  • Install App Volumes components on target servers.
  • Use writable volumes with user-installed applications.
  • Package Application Packages.

The Active Directory service account user is not required to be an administrator.