The predefined administrator roles combine all of the individual privileges required to perform common administration tasks. You cannot modify the predefined roles.

1 describes the predefined roles and indicates whether a role can be applied to an access group.

Table 1. Predefined Roles in View Administrator

Role

User Capabilities

Applies to an Access Group

Administrators

Perform all administrator operations, including creating additional administrator users and groups. In a Cloud Pod Architecture environment, administrators that have this role can configure and manage a pod federation and manage remote pod sessions.

Administrators that have the Administrators role on the root access group are super users because they have full access to all of the inventory objects in the system. Because the Administrators role contains all privileges, you should assign it to a limited set of users. Initially, members of the local Administrators group on your View Connection Server host are given this role on the root access group.

Important:

An administrator must have the Administrators role on the root access group to perform the following tasks:

  • Add and delete access groups.

  • Manage ThinApp applications and configuration settings in View Administrator.

  • Use the vdmadmin , vdmimport, and lmvutil commands.

Yes

Administrators (Read only)

  • View, but not modify, global settings and inventory objects.

  • View, but not modify, ThinApp applications and settings.

  • Run all PowerShell commands and command line utilities, including vdmexport but excluding vdmadmin, vdmimport and lmvutil.

In a Cloud Pod Architecture environment, administrators that have this role can view inventory objects and settings in the Global Data Layer.

When administrators have this role on an access group, they can only view the inventory objects in that access group.

Yes

Agent Registration Administrators

Register unmanaged machines such as physical systems, standalone virtual machines, and RDS hosts.

No

Global Configuration and Policy Administrators

View and modify global policies and configuration settings except for administrator roles and permissions, and ThinApp applications and settings.

No

Global Configuration and Policy Administrators (Read only)

View, but not modify, global policies and configuration settings except for administrator roles and permissions, and ThinApp applications and settings.

No

Inventory Administrators

  • Perform all machine, session, and pool-related operations.

  • Manage persistent disks.

  • Resync, Refresh, and Rebalance linked-clone pools and change the default pool image.

When administrators have this role on an access group, they can only perform these operations on the inventory objects in that access group.

Yes

Inventory Administrators (Read only)

View, but not modify, inventory objects.

When administrators have this role on an access group, they can only view the inventory objects in that access group.

Yes

Local Administrators

Perform all local administrator operations, except for creating additional administrator users and groups. In a Cloud Pod Architecture environment, administrators that have this role cannot perform operations on the Global Data Layer or manage sessions on remote pods.

Yes

Local Administrators (Read Only)

Same as the Administrators (Read Only) role, except for viewing inventory objects and settings in the Global Data Layer. Administrators that have this role have read-only rights only on the local pod.

Yes