Assign vCenter Single Sign-On administrative global permissions to the operations service account svc-srm so you can manage, pair, and perform orchestrated disaster recovery operations between the management vCenter Server instances by using Site Recovery Manager. 


  • Verify that the Management Platform Services Controllers for Region A and Region B are connected to the Active Directory domain.
  • Verify that the users and groups from the rainpole.local domain are available in Region A and Region B.


  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.
      Setting Value
      User name administrator@vsphere.local
      Password vsphere_admin_password
  2. Add the svc-srm@rainpole.local service account to the Single Sign-On administrators group.
    1. From the Home menu, select Administration > Single Sign-On > Users and Groups.
    2. On the Groups tab under the vCenter Users and Groups page, click the Administrators group.
    3. Under Group Members, click the Add Member icon.
      The Add Principals dialog box appears.
    4. From the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
    5. From the User/Group list, select the svc-srm user, click Add, and click OK.


The global vCenter Single Sign-On administrative permissions of the svc-srm account propagate to all other linked vCenter Server instances.