Sessions privileges control the ability of extensions to open sessions on the vCenter Server system.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Session Privileges

Privilege Name

Description

Required On

Sessions.Impersonate user

Allow impersonation of another user. This capability is used by extensions.

Root vCenter Server

Sessions.Message

Allow setting of the global log in message.

Root vCenter Server

Sessions.Validate session

Allow verification of session validity.

Root vCenter Server

Sessions.View and stop sessions

Allow viewing sessions and forcing log out of one or more logged-on users.

Root vCenter Server