Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management

User Roles in System Center Virtual Machine Manager 2012

by Leave a comment


You can create user roles in System Center 2012 – Virtual Machine Manager (VMM) to define the objects that users can manage and the management operations that users can perform. The following table summarizes the capabilities of each user role in VMMM :

User Role Descriptions for VMM

VMM User Role Capabilities
Administrator Members of the Administrators user role can perform all administrative actions on all objects that VMM manages.Administrators have sole responsibility for these features of VMM:

  • Only administrators can add stand-alone XenServer hosts and XenServer clusters (known as pools) to VMM management.
  • Only administrators can add a Windows Server Update Services (WSUS) server to VMM to enable updates of the VMM fabric through VMM.

To change the members of the Administrator user role, see How to Add Users to the Administrator User Role.
Delegated Administrator Members of Delegated Administrator user roles can perform all administrative tasks within their assigned host groups, clouds, and library servers, except for adding XenServer and adding WSUS servers.To create a delegated administrator, see How to Create a Delegated Administrator User Role.
Self-Service User Members of Self-Service User roles create, deploy, and manage their own virtual machines and services by using the VMM console or a Web portal. The Self-Service User role:

  • Specifies the private clouds to which their virtual machines and services are deployed and the actions that the users can take.
  • Grants access to logical and physical resources in the library and on their own user data paths.
  • Sets quotas on virtual machines and computing resources.
  • Specifies whether PRO tips can be viewed and implemented.

For more information, see How to Create a Self-Service User Role in VMM.
Read-Only Administrator Read-only administrators can view status, job status, and properties of objects within their assigned host groups, clouds, and library servers. The user role also specifies the Run As accounts that the read-only administrator can view.To create a read-only administrator, see How to Create a Read-Only Administrator User Role.

Author: James van den Berg

I'm Microsoft Architect and ICT Specialist and Microsoft MVP Cloud and Datacenter Management Microsoft MVP Windows Insider Microsoft Tech Community Insider Microsoft Azure Advisor

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.