VCP5-DT Objective 2.8 – Configure Role-Based Administrators

Objective 2.8 – Configure Role-Based Administrators

For this objective I used the following resources:

  • VMware View Administration documentation

Identify Required Folders

The only “required” folder for View is the ‘root’ folder (or ‘/’). The root folder by default is where all desktop pools are created:

Pic1

Create View Folders for Delegated Administration and Roles

Set Permissions on a Folder

Step 1 – Connect and login into the VMware View Administrator console:

LogIn

Step 2 – Under “View Configuration” select “Administrators”. In the right hand pane click the “Folders” tab and click the “Add Folder” button:

pic2a

Step 3 – Provide a folder name:

pic3a

Step 4 – Select the newly created folder and click “Add Permission”:

pic4a

Step 5 – On the “Add Permission” dialog click “Add”:

pic5a

Step 6 – Locate the user or group you want to add:

pic6a

Step 7 – Click “Next”:

pic7a

Step 8 – Select the role you want to provide to user or group:

pic8a

Step 9 – When finished you can see the role you added as well those being inherited:

pic9a

Create the Administrator Roles

Step 1 – Connect and login into the VMware View Administrator console:

LogIn

Step 2 – Under “View Configuration” select “Administrators”. In the right hand pane click the “Roles” tab and click the “Add Role” button:

pic2b

Step 3 – In the “Add Role” dialog provide a Name and Description for the new role. Select the desired privileges to be configured for the role:

pic3b

The available privileges are highlighted in the charts below:

Global Privileges

Privilege

User Capabilities

Predefined Roles

Console Interaction Log in to and use View Administrator Administrators
Administrators (Read Only)
Inventory Administrators
Inventory Administrators (Read Only)
Global Configuration and Policy Administrators
Global Configuration and Policy Administrators (Read Only)
Direct Interaction Run all PowerShell commands and command line utilities, except for vdmadmin and vdmimport
Administrators must have the Administrators role on the root folder to use the vdmadmin and vdmimport commands
Administrators
Administrators (Read Only)
Manage Global Configuration and Policies View and modify global policies and configuration settings except for administrator roles and permissions Administrators
Global Configuration and Policy Administrators
Manage Roles and Permissions Create, modify, and delete administrator roles and permissions Administrators
Register Agent Install View Agent on unmanaged desktop sources such as physical systems, standalone virtual machines, and terminal servers. During View Agent installation, you must provide your administrator login credentials to register the unmanaged desktop source with the View Connection Server instance Administrators
Agent Registration Administrators

 

Object Specify Privileges

Privilege

User Capabilities

Object

Enable Pool Enable and disable desktop pools Desktop pool
Entitle Pool Add and remove user entitlements Desktop pool
Manage Composer Pool Image Resync, Refresh, and Rebalance linked-clone pools and change the default pool images Desktop pool
Manage Desktop Perform all desktop and session-related operations Desktop
Manage Local Sessions Roll back and initiate replications for local desktops Desktop
Manage Persistent Disks Perform all View Composer persistent disk operations, including attaching, detaching, and importing persistent disks. Persistent disk
Manage Pool Add, modify, and delete desktop pools and add and remove desktops Desktop pool
Manage Remote Sessions Disconnect and log off remote sessions and send messages to desktop users Desktop
Manage Reboot Operation Reset desktops Desktop

 

-Jason

%d bloggers like this: