Sessions privileges control the ability of extensions to open sessions on the vCenter Server system.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Note: Assign Sessions privileges only to administrators or trusted users.
Table 1. Session Privileges
Privilege Name Description Required On
Sessions.Impersonate user

Allows impersonation of another user. This capability is used by extensions.

Root vCenter Server

Sessions.Message

Allows setting of the global login message.

Root vCenter Server

Sessions.Validate session

Allows verification of session validity.

Root vCenter Server

Sessions.View and stop sessions

Allows viewing sessions and forcing log out of one or more logged-on users.

Root vCenter Server