Assign vCenter Single Sign-On administrative, global permissions to the operations service account svc-vr so that you can manage and configure virtual machine replication for disaster recovery operations between the management vCenter Server instances by using vSphere Replication.


  • Verify that the Management Platform Services Controllers for Region A and Region B are connected to the Active Directory domain.

  • Verify that the users and groups from the rainpole.local domain are available in Region A and Region B.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.



      User name




  2. From the Home menu, select Administration.
  3. Assign the service account svc-vr@rainpole.local to the Single Sign-On Administrators group
    1. In the vSphere Web Client, navigate to Administration and click Users and Groups.
    2. On the Groups tab, click the Administrators group and click the Add Membericon under Group Members.
    3. In the Add Principals dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
    4. From the list of users and groups, select the svc-vr user, click Add, and click OK.


The global vCenter Single Sign-On administrative permissions of the svc-vr account propagates to all other linked vCenter Server instances.