When you open a desktop and select a role, you get all of the access rights associated with that role. Depending on how the role is configured, those access rights may be limited to running applications with locally elevated privileges or include access to remote servers on the network. The Centrify icon in the system Notification Area always displays the current Local and Network roles you are using. However, it is up to the administrator to decide whether network access rights should be included in roles that grant desktop access rights.
If roles granting network access rights are defined separately from roles that include desktop access rights, you might have to select your local and network roles separately. In some cases, you might also need to select more than one network role to work with multiple remote computers. To handle these more complex situations, you can use the Advanced View to select the appropriate combination of local and network roles.
To view and select your local and network roles for a desktop:
- Open a new desktop.
In the Select Role dialog box, click Advanced View.
If there are any network roles listed, those roles grant network access rights for specific remote computers. For example, if you are assigned separate roles with network access rights to two separate SQL Server instances, you might see the roles with network access rights listed separately from your roles with local desktop access rights.
In this example, the DesktopAdmin role is a local role that has desktop access rights but does not include any network access rights. By selecting both MS SQL Server-Finance and MS SQL Server‑West network roles, you can create a single local desktop that has remote network access to both SQL Server instances. Alternatively, you could create separate desktops for accessing each SQL Server instance. You can left-click on the Centrify icon in the system Notification Area to view the roles you have selected so that you know whether you have network access rights for one SQL Server instance or both.
- For the local role, select a role that grants desktop access rights or application access rights on the local computer.
Type the password for your login account, if you are prompted for it, then click OK.
If your administrator has enabled multi-factor authentication, complete the additional authentication challenges after entering your password.