To increase the security and manageability of your Horizon 7 environment, you should follow best practices when managing administrator users and groups.
Create new user groups in Active Directory and assign administrative roles to these groups. Avoid using Windows built-in groups or other existing groups that might contain users who do not need or should not have Horizon 7 privileges.
Keep the number of users with Horizon 7 administrative privileges to a minimum.
Because the Administrators role has every privilege, it should not be used for day-to-day administration.
Because it is highly visible and easily guessed, avoid using the name Administrator when creating administrator users and groups.
Create access groups to segregate sensitive desktops and farms. Delegate the administration of those access groups to a limited set of users.
Create separate administrators that can modify global policies and Horizon 7 configuration settings.