An administrator is tasked with giving the security team non-destructive rights to see how the connection servers have been configured.
What privilege is needed to meet the requirement?
An administrator is tasked with giving the security team non-destructive rights to see how the connection servers have been configured.
What privilege is needed to meet the requirement?
The privilege needed to meet the requirement is 'Global Configuration and Policy Administrators (Read only)'. This role allows the security team to view global configuration settings and policies without making any changes, which fulfills the need for non-destructive rights to see how the connection servers have been configured.
https://docs.vmware.com/en/VMware-Horizon/2103/horizon-console-administration.pdf
https://docs.vmware.com/en/VMware-Horizon-7/7.13/horizon-administration/GUID-ADC0577C-C1EF-485D-814B-43DF17D5F2C4.html
"View, but not modify, global policies and configuration settings except for administrator roles and permissions, and ThinApp applications and settings." I don't think A is correct cause they wont be able to see Thin Apps applications and settings.
A Global Configuration and Policy Administrators View and modify global policies and configuration settings except for administrator roles and permissions
Tested in my LAB: * Global Configuration and Policy Administrators (Read only) Description: Administration users with read-only rights for global View Configuration settings and policies. https://docs.vmware.com/en/VMware-Horizon/2103/horizon-console-administration.pdf (Pag. 116)
View, but not modify, global settings and inventory objects. View, but not modify, ThinApp applications and settings. Run all PowerShell commands and command line utilities, including vdmexport but excluding vdmadmin, vdmimport and lmvutil. In a Cloud Pod Architecture environment, administrators that have this role can view inventory objects and settings in the Global Data Layer. When administrators have this role on an access group, they can only view the inventory objects in that access group