Required privileges depend on the CLI that you are using and on the command that you want to run. For example, for most certificate management operations, you have to an Administrator for the local vCenter Single Sign-On domain (vsphere.local by default). Some commands are available for all users.
- dir-cli
- You must be a member of the Administrators group in the local domain (vsphere.local by default) to run dir-cli commands. If you do not specify a user name and password, you are prompted for the password for the administrator of the local vCenter Single Sign-On domain, [email protected] by default.
- vecs-cli
- Initially, only the store owner and users with blanket access privileges have access to a store. Users in the Administrators group on Windows and root users on Linux have blanket access privileges.