Administrators must have the following privileges:
ACID(CREATE) authority, through the TSS ADMIN function, to CREATE ACIDs under their administrative scope
RESOURCE(OWN) authority, through the TSS ADMIN function, to assign resource ownership to ACIDs within their scope
MISC1, MISC2 and MISC9 authorities, through the TSS ADMIN function, to assign many of the security attributes