Object-specific privileges control operations on specific types of inventory objects. Roles that contain object-specific privileges can be applied to access groups.
The following table describes the object-specific privileges. The predefined roles Administrators and Inventory Administrators contain all of these privileges.
| Privilege | User Capabilities | Object |
|---|---|---|
| Enable Farms and Desktop Pools | Enable and disable desktop pools. | Desktop pool, farm |
| Entitle Desktop and Application Pools | Add and remove user entitlements. | Desktop pool, application pool |
| Manage Maintenance Operations on Automated Desktops and Farms | Recompose, refresh, rebalance, schedule push image, schedule maintenance and change the default image for a desktop pool and farm. | Desktop pool, farm |
| Manage Machine | Perform all machine and session-related operations. | Machine |
| Manage Persistent Disks | Perform all persistent disk operations, including attaching, detaching, and importing persistent disks. | Persistent disk |
| Manage Farms and Desktop and Application Pools | Add, modify, and delete farms. Add, modify, delete, and entitle desktop and application pools. Add and remove machines. | Desktop pool, application pool, farm |
| Manage Sessions | Disconnect and log off sessions and send messages to users. | Session |
| Manage Reboot Operation | Reset virtual machines or restart virtual desktops. | Machine |
