Assign global permissions in the Consolidated SDDC to the operations service account svc-vdp so that you can manage and perform backups by using vSphere Data Protection.

About this task

The svc-vdp user has access rights that are specifically required for performing backups vCenter Server inventory.


  • Verify that the Consolidated vCenter Server is connected to the Active Directory domain.

  • Verify that the users and groups from the rainpole.local domain are available on the Consolidated vCenter Server.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://sfo01w01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.



      User name




  2. From the Home menu, select Administration.
  3. Assign global permissions to the svc-vdp@rainpole.local service account.
    1. In the vSphere Web Client, select navigate Administration from the Home menu and click Global Permissions under Access Control.
    2. On the Manage tab, click the Add Permission icon.
    3. In the Global Permissions Root - Add Permission dialog box, click the Add button to associate a user or a group with a role.
    4. In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
    5. From the list of users and groups, select the svc-vdp user, click Add button, and click OK.
    6. In the Global Permissions Root - Add Permission dialog box, from the Assigned Role drop-down menu, select vSphere Data Protection User, select Propagate to children, and click OK.