Object-specific privileges control operations on specific types of inventory objects. Roles that contain object-specific privileges can be applied to access groups. In a Cloud Pod Architecture environment, roles that contain certain object-specific privileges are applicable to federation access groups.
The following table describes the object-specific privileges. The predefined roles Administrators, Local Administrators, Help Desk Administrators, and Inventory Administrators contain these privileges.
| Privilege | User Capabilities | Object |
|---|---|---|
| Enable Farms and Desktop Pools | Enable and disable desktop pools. | Desktop pool, application pool, farm |
| Entitle Desktop and Application Pools | Add and remove user entitlements. | Desktop pool, application pool |
| Manage Cloud Pod Architecture | Configure and manage a Cloud Pod Architecture environment, including global entitlements, sites, home sites, and pods. To manage a Cloud Pod Architecture configuration, an administrator must have this privilege on the root federation access group. |
Desktop pool, application pool, farm, machine, global entitlements |
| Manage Global Sessions | Manage global sessions in a Cloud Pod Architecture environment. | Global sessions |
| Manage Maintenance Operations on Automated Desktops and Farms | Schedule push image, schedule maintenance, and change the default image for a desktop pool and farm. | Desktop pool, farm |
| Manage Machine | Perform all machine and session-related operations. | Machine |
| Manage Farms and Desktop and Application Pools | Add, modify, and delete farms. Add, modify, delete, and entitle desktop and application pools. Add and remove machines. | Desktop pool, application pool, farm |
| Manage Sessions | Disconnect and log off sessions and send messages to users. | Session |
| Manage Reboot Operation | Reset virtual machines or restart virtual desktops. | Machine |
| Manage Help Desk (Read only) | Read-only access to the Horizon Help Desk Tool, global settings, and global policies, except for administrators and roles and Cloud Pod Architecture configurations. | Desktop pool, application pool, farm, machine, session, global entitlements, global sessions |
