Because of the security implications of this feature, the system administrator needs to grant this permission to named users and/or groups before it can be used.
The vsmserver service controls whether a user requesting to shadow another user is authorized to do so. The configuration parameter /shadowing/allowed_shadowers from the /opt/thinlinc/etc/conf.d/shadowing.hconf file is read by the vsmserver service on startup. This parameter is described in detail in /shadowing/allowed_shadowers .
After the configuration variable has been set, the vsmserver service needs to be restarted before the change is made active.