To increase the security and manageability of your View environment, you should follow best practices when managing administrator users and groups.

  • Create new user groups in Active Directory and assign View administrative roles to these groups. Avoid using Windows built-in groups or other existing groups that might contain users who do not need or should not have View privileges.

  • Keep the number of users with View administrative privileges to a minimum.

  • Because the Administrators role has every privilege, it should not be used for day-to-day administration.

  • Because it is highly visible and easily guessed, avoid using the name Administrator when creating administrator users and groups.

  • Create access groups to segregate sensitive desktops and farms. Delegate the administration of those access groups to a limited set of users.

  • Create separate administrators that can modify global policies and View configuration settings.