You need to provide a user with the minimal access needed to perform maintenance on the Session Hosts that includes removing the session hosts from the pool and changing the drain mode.
Which role would you provide to the user?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: B
The session Host operator role allows the user to view and remove the session hosts, even change drain mode.
This role does not allow you to add session hosts through the Azure portal as this role doesn't have the write permissions for host pool objects.
Option A is incorrect.
The User Session Operator allows you to send the messages, disconnect the sessions, and use the "logoff" function to sign sessions out of the session host.
This won't meet the requirements.
Option B is correct.
The session Host operator role allows the user to view and remove the session hosts, even change the drain mode.
Option C is incorrect.
The host pool contributor role will provide the users with more rights than required.
Option D is incorrect.
Desktop Virtualization Contributor will also provide the user with more rights than required.
To know more about Built-in roles for Azure Virtual Desktop, please visit the below-given link:
The role that would provide a user with the minimal access needed to perform maintenance on the Session Hosts that includes removing the session hosts from the pool and changing the drain mode is the Session Host Operator role (option B).
The Session Host Operator role is designed to provide access to manage session hosts in a specific host pool without requiring full administrative access to the entire Azure Virtual Desktop environment. This role is appropriate for users who need to perform maintenance tasks on session hosts but should not have access to manage the host pool or the overall Azure Virtual Desktop environment.
In contrast, the User Session Operator role (option A) is designed to provide access to manage user sessions on session hosts within a host pool. This role is appropriate for users who need to troubleshoot or manage user sessions, but do not need to perform maintenance tasks on session hosts.
The Host Pool Contributor role (option C) is a higher level of access that includes the ability to manage the host pool as well as session hosts within it. This role is appropriate for users who need to manage the overall configuration and management of a host pool.
The Desktop Virtualization Contributor role (option D) is an even higher level of access that includes the ability to manage multiple host pools as well as other Azure resources related to desktop virtualization. This role is appropriate for users who need to manage the overall desktop virtualization environment, including creating and managing host pools, session hosts, and other resources.
Therefore, the Session Host Operator role (option B) is the most appropriate role for a user who needs to perform maintenance tasks on session hosts, such as removing session hosts from the pool and changing the drain mode, without requiring full administrative access to the entire Azure Virtual Desktop environment.