You must verify that you have the roles and credentials to install vRealize Automation components.

vCenter Service Account

If you plan to use a vSphere endpoint, you need a domain or local account that has the appropriate level of access configured in vCenter.

Virtual Appliance Installation

To deploy the Identity Appliance and the vRealize Appliance, you must have administrator privileges on the deployment platform (for example, vSphere administrator credentials).

During the deployment process, you specify the passwords for the virtual appliance administrator accounts and the system administrator account. These accounts provide access to the Identity Appliance and vRealize Appliance management consoles where you configure and administer the virtual appliances.

IaaS Installation

Before installing IaaS components, add the user under which you plan to execute the IaaS installation programs to the Administrator group on the installation host.

IaaS Database Credentials

You can create the database using the installation wizard or create it manually by running the provided scripts. If you use the complete install option to create a minimal installation, you must create the database using the installer.

When you use the IaaS installer to create or populate the IaaS database the following requirements apply:

  • If you use the installer to create the database and select Use Windows Authentication, the credentials under which you executed the installer must have the sysadmin role in SQL Server to create and alter the size of the database.

  • If you use the installer to create the database and do not select Use Windows Authentication, you must provide SQL credentials with the sysadmin role. If you do not use Windows authentication, the credentials you provide are used only for database creation (not for run-time access after initial creation).

  • If you use the installer to populate a pre-created database, the user credentials you provide (either the current Windows user or the specified SQL user) needs only dbo privileges for the IaaS database.

vRealize Automation users also require the correct level of Windows authentication access to log in and use vRealize Automation. The machine from which the user authenticates using Windows Authentication must be joined to the domain in which the vRealize Automation Identity Appliance is configured. See Configure the Identity Stores for the Default Tenant.

IaaS Service User Credentials

IaaS installs several Windows services that share a single service user.

The following requirements apply to the service user for IaaS services:

  • The user must be a domain user.

  • The user must have local Administrator privileges on all hosts on which the Manager Service or Web site component is installed. Do not do a workgroup installation.

  • The user is configured with Log on as a service privileges. This privilege ensures that the Manager Service starts and generates log files.

  • The user must have dbo privileges for the IaaS database. If you use the installer to create the database, ensure that the service user login is added to SQL Server prior to running the installer. The installer grants the service user dbo privileges after creating the database.

  • The account under which the installer is running should have the sysadmin role enabled under MSSQL.

  • The Management Agent is installed with LocalSystem (NT AUTHORITY\SYSTEM) built-in Windows Account. For more information about Local System accounts, see the Microsoft article

  • The domain user account that you plan to use as the IIS application pool identity for the Model Manager Web Service is configured with Log on as batch job privileges.

Model Manager Server Specifications

Always specify the Model Manager server name by using a fully qualified domain name (FQDN). Do not use an IP address to specify the server.