Setting up users, groups, and permissions consists of these tasks:

1. Get information about privilege requirements and privileges associated with system and sample roles.
   • Find out which operations on vSphere objects require which privileges. See the API Reference.
   • Find out which operations the system roles and sample roles can perform. See Description of Roles on vSphere Servers.
2. If necessary, create additional roles (sets of privileges). See Modifying Sample Roles to Create New Roles.
3. Retrieve information about existing users and groups (see Obtaining User and Group Information from UserDirectory) and create additional groups if needed.
4. Associate users or groups with roles using permissions. See Managing Roles and Permissions with AuthorizationManager.

At runtime, use SessionManager to log in to the server. vCenter Servers support single sign-on sessions. To establish a single sign-on session, use the SessionManager.LoginByToken method. To establish a session with a standalone ESXi host, use the SessionManager.Login method.