Update from Brad Ascar:
This is the info we have from Engineering as a quick answer on the minimal permission set. This is not tested and not verified by our QE, but a quick look through code by Eng they think the following *should* be safe. Anything not working is on the team/customer.
* Cancel task
* Log event
* Set custom attribute
I removed Diagnostics and Settings from this list, Diagnostics should only be needed by the host user for smartstate, not for the vSphere user. I don't think we ever needed Settings but I could be wrong.
With some changes we could probably remove the need to enable any global permissions which is I think where a lot of the concern comes from.
Check all privileges for the following:
* Datastore cluster
* Distributed switch
* Profile-driven storage (if your VC is 5.5 or newer)
* Scheduled task
* Virtual Machine
Hey Mike, what info do you need from me?
(In reply to Adam Grare from comment #6)
> Hey Mike, what info do you need from me?
Hi Adam, I have attached to the case the updated Vmware privilege from DHS in response to what Brad has provided to us. Can you please review the list?
I also need an advice if I need to proceed with the support exception.