Host Configuration Privileges

Host configuration privileges control the ability to configure hosts.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Table 1. Host Configuration Privileges
Privilege Name in the vSphere Client	Description	Required On	Privilege Name in the API
Configuration Advanced Settings	Allows setting advanced host configuration options.	Hosts	Host.Config.AdvancedConfig
Configuration Authentication Store	Allows configuring Active Directory authentication stores.	Hosts	Host.Config.AuthenticationStore
Configuration Change PciPassthru settings	Allows changes to PciPassthru settings for a host.	Hosts	Host.Config.PciPassthru
Configuration Change SNMP settings	Allows changes to SNMP settings for a host.	Hosts	Host.Config.Snmp
Configuration Change date and time settings	Allows changes to date and time settings on the host.	Hosts	Host.Config.DateTime
Configuration Change settings	Allows setting of lockdown mode on ESXi hosts.	Hosts	Host.Config.Settings
Configuration Connection	Allows changes to the connection status of a host (connected or disconnected).	Hosts	Host.Config.Connection
Configuration Firmware	Allows updates to the ESXi host's firmware.	Hosts	Host.Config.Firmware
Configuration GuestStore settings	Allows changes to the GuestStore.	GuestStore repository	Host.Config.GuestStore
Configuration Hyperthreading	Allows activating and deactivting hyperthreading in a host CPU scheduler.	Hosts	Host.Config.HyperThreading
Configuration Image configuration	Allows changes to the image associated with a host.		Host.Config.Image
Configuration Maintenance	Allows putting the host in and out of maintenance mode and shutting down and restarting the host.	Hosts	Host.Config.Maintenance
Configuration Memory configuration	Allows modifications to the host configuration.	Hosts	Host.Config.Memory
Configuration NVDIMM	Allows reading and configuring Non-Volatile DIMMs.	Hosts	Host.Config.Nvdimm
Configuration Network configuration	Allows configuration of network, firewall, and vMotion network.	Hosts	Host.Config.Network
Configuration Power	Allows configuration of host power management settings.	Hosts	Host.Config.Power
Configuration ProductLocker settings	Allows configuration of the ESXi productlocker folder.	Hosts	Host.Config.ProductLocker
Configuration Quarantine	Allows putting a host into Quarantine mode.	Hosts	Host.Config.Quarantine
Configuration Query patch	Allows querying for installable patches and installing patches on the host.	Hosts	Host.Config.Patch
Configuration Security profile and firewall	Allows configuration of Internet services, such as SSH, Telnet, SNMP, and of the host firewall.	Hosts	Host.Config.NetService
Configuration Storage partition configuration	Allows VMFS datastore and diagnostic partition management. Users with this privilege can scan for new storage devices and manage iSCSI.	Hosts	Host.Config.Storage
Configuration System Management	Allows extensions to manipulate the file system on the host.	Hosts	Host.Config.SystemManagement
Configuration System resources	Allows updates to the configuration of the system resource hierarchy.	Hosts	Host.Config.Resources
Configuration Virtual machine autostart configuration	Allows changes to the auto-start and auto-stop order of virtual machines on a single host.	Hosts	Host.Config.AutoStart