To ensure that vRealize Suite Lifecycle Manager can deploy and manage SDDC components on the management domain vCenter Server inventory in the additional VMware Cloud Foundation instance, you assign account permissions to the service account for communication from the vRealize Suite Lifecycle Manager instance in the first VMware Cloud Foundation instance to vSphere in the additional VMware Cloud Foundation instance.

UI Procedure

  1. Log in to the management domain vCenter Server in the additional VMware Cloud Foundation instance at https://<vcenter_server_fqdn>/ui as administrator@vsphere.local.

  2. Select Menu > Administration.

  3. In the left pane, select Access control > Global permissions.

  4. Click the Add permission icon, configure the settings according to your values in the VMware Cloud Foundation Planning and Preparation Workbook, select Propagate to children, and click OK.

PowerShell Procedure

  1. Start Windows PowerShell.

  2. Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.

    $sddcManagerFqdn = "lax-vcf01.lax.rainpole.io"
$sddcManagerUser = "administrator@vsphere.local"
$sddcManagerPass = "VMw@re1!"

$domainUser = "administrator"
$domainUserPass = "VMw@re1!"

$ssoUsername = "svc-xint-vrslcm01-lax-m01-vc01"
$vrslcmVsphereRoleName = "vRealize Suite Lifecycle Manager to vSphere Integration"

  3. Perform the configuration by running the command in the PowerShell console.

    Add-vCenterGlobalPermission -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain vsphere.local -domainBindUser $domainUser -domainBindPass $domainUserPass -principal $ssoUsername -role $vrslcmVsphereRoleName -propagate true -type user -localDomain