Assign global permissions to the operations service account svc-vdp so that you can manage and perform backups by using vSphere Data Protection.

The svc-vdp user has access rights that are specifically required for performing backups of vCenter Server inventory.

Prerequisites

  • Verify that the Management vCenter Server for Region A are connected to the Active Directory domain.

  • Verify that the users and groups from the rainpole.local domain are available on the Management vCenter Server or Region A.

Procedure

  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

  2. From the Home menu, select Administration.
  3. Assign global permissions to the svc-vdp@rainpole.local service account.
    1. In the vSphere Web Client, select navigate Administration from the Home menu and click Global Permissions under Access Control.
    2. On the Manage tab, click Add Permission.
    3. In the Global Permissions Root - Add Permission dialog box, click Add to associate a user or a group with a role.
    4. In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
    5. From the list of users and groups, select the svc-vdp user, click Add, and click OK.




    6. In the Global Permissions Root - Add Permission dialog box, from the Assigned Role drop-down menu, select vSphere Data Protection User, select Propagate to children, and click OK.

      The global permissions of the svc-vdp service account propagate to all linked vCenter Server instances.