Assign global permissions to the operations service account svc-vdp so that you can manage and perform backups by using vSphere Data Protection.
The svc-vdp user has access rights that are specifically required for performing backups of vCenter Server inventory.
Verify that the Management vCenter Server for Region A are connected to the Active Directory domain.
Verify that the users and groups from the rainpole.local domain are available on the Management vCenter Server or Region A.
- Log in to vCenter Server by using the vSphere Web Client.
- Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.
- Log in using the following credentials.
- From the Home menu, select Administration.
- Assign global permissions to the email@example.com service account.
- In the vSphere Web Client, select navigate Administration from the Home menu and click Global Permissions under Access Control.
- On the Manage tab, click Add Permission.
- In the Global Permissions Root - Add Permission dialog box, click Add to associate a user or a group with a role.
- In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
- From the list of users and groups, select the svc-vdp user, click Add, and click OK.
- In the Global Permissions Root - Add Permission dialog box, from the Assigned Role drop-down menu, select vSphere Data Protection User, select Propagate to children, and click OK.
The global permissions of the svc-vdp service account propagate to all linked vCenter Server instances.