Assign vCenter Single Sign-On administrative global permissions to the operations service account svc-srm so that you can manage, pair and perform orchestrated disaster recovery operations between the management vCenter Server instances by using Site Recovery Manager. 


  • Verify that the Management Platform Services Controllers for Region A and Region B are connected to the Active Directory domain.

  • Verify that the users and groups from the rainpole.local domain are available in Region A and Region B.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.



      User name




  2. From the Home menu, select Administration.
  3. Add the service account svc-srm@rainpole.local to the Single Sign-On administrators group
    1. In the vSphere Web Client, select Administration from the Home menu and click Users and Groups under Users and Groups.
    2. On the Groups tab, click the Administrators group and click the Add Member icon under Group Members.

    3. In the Add Principals dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
    4. From the list of users and groups, select the svc-srm user, click Add, and click OK.


The global vCenter Single Sign-On administrative permissions of the svc-srm account propagate to all other linked vCenter Server instances.