Select Menu > Administration.

In the left pane, select Access control > Global permissions.

Click the Add permission icon.

Configure the settings for the service account for application-to-application communication from the Site Recovery Manager adapters in vRealize Operations Manager to vSphere and Site Recovery Manager according to your values in the VMware Cloud Foundation Planning and Preparation Workbook, select the Propagate to children check box, and click OK.

Repeat the steps for the service account for application-to-application communication from the vSphere Replication adapters in vRealize Operations Manager to vSphere and vSphere Replication.

Start Windows PowerShell.

Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.

$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
$sddcManagerUser = "administrator@vsphere.local"
$sddcManagerPass = "VMw@re1!"

$domainBindUser = "svc-vsphere-ad"
$domainBindPass = "VMw@re1!"

$srmServiceAccount = "vrops-srm"
$srmRole = "Readonly"

$vrmserviceAccount = "vrops-vr"
$vrmRole = "VRM replication viewer"

Perform the configuration by running the command in the PowerShell console.

Add-vCenterGlobalPermission -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain vsphere.local -domainBindUser $domainBindUser -domainBindPass $domainBindPass -principal $srmServiceAccount -role $srmRole -propagate true -type user -localdomain

Add-vCenterGlobalPermission -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain vsphere.local -domainBindUser $domainBindUser -domainBindPass $domainBindPass -principal $vrmserviceAccount -role $vrmRole -propagate true -type user -localdomain