Administering the application may require at least the following tasks:
* Start / Stop / Recycle services (either via command or Windows Computer Management)
* Start / Stop / Recycle application plugins like engines, SD servers, RC servers, etc.
* RDP (Remote Access Protocol) Access to Domain Managers, Scalability Servers and Agent computers.
* Enable / Restore trace levels for all the modules, for a particular facility or for a particular process.
* Change Client Administrator policies via command line.
* Extract / Modify the comstore of the application containing the current policy settings.
* Install / Modify / Reinstall / Repair existing or new modules of the Application.
* Start / Stop / Recycle via command or Windows Service auxiliary low level linked communication products like CAM (CA-Messaging, CSAM, etc).
* SQL Server dbowner access on the MDB database as some times we may require SQL Server interaction to trace problems, like adding, updating or modifying rows to some tables, reindexing and database maintenance, trigger manupulation, views manupulation, etc.
All these tasks require Local Administrator privileges, that is why the user account for the administrator of the ITCM application must be a Local Administrator of the computer the ITCM Domain Manager is installed on.
This is by product design as all the services and plugins are running with LSA (Local System Account) context and the interaction executables to CAF (the Common Application Framework) have been also designed to be managed by local administrators only.