An administrator must have certain privileges to perform general administration tasks and run command line utilities.
The following table shows the privileges that are required to perform general administration tasks and run command line utilities.
| Task | Required Privileges |
|---|---|
| Add or delete an access group | Must have the Local Administrators role or Administrators role on the root access group for deleting an access group. Must have the Inventory Administrators or Local Administrators or Administrators role on the root access group. |
| Manage ThinApp applications and settings in Horizon Administrator | Must have the Administrators role on the root access group. |
| Install Horizon Agent on an unmanaged machine, such as a physical system, standalone virtual machine, or RDS host | Register Agent |
| View or modify configuration settings (except for administrators) in Horizon Administrator | Manage Global Configuration and Policies |
| Run all PowerShell commands and command line utilities except for vdmadmin and vdmimport. | Direct Interaction
Note: Starting in
Horizon 7 version 7.10, the Direct Interaction privilege is automatically added to new roles and is not visible in the list of privileges in
Horizon Console.
|
| Use the vdmadmin and vdmimport commands | Must have the Administrators role on the root access group. |
| Use the vdmexport command | Must have the Administrators role or the Administrators (Read only) role on the root access group. |
| Read only access to vCenter Server configuration. | Manage vCenter Configuration (Read only) |
