Assign global permissions in Region A to the operations service account svc-vdp so that you can manage and perform backups by using vSphere Data Protection.

The svc-vdp user has access rights that are specifically required for performing backups vCenter Server inventory.

Verify that the Management vCenter Server for Region A are connected to the Active Directory domain.

Verify that the users and groups from the rainpole.local domain are available on the Management vCenter Server in Region A.

1

Log in to vCenter Server by using the vSphere Web Client.

a

Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.

b

Log in using the following credentials.

Setting

Value

User name

administrator@vsphere.local

Password

vsphere_admin_password

2

From the Home menu, select Administration.

3

Assign global permissions to the svc-vdp@rainpole.local service account.

a

In the vSphere Web Client, select navigate Administration from the Home menu and click Global Permissions under Access Control.

b

On the Manage tab, click Add Permission.

c

In the Global Permissions Root - Add Permission dialog box, click Add to associate a user or a group with a role.

d

In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.

e

From the list of users and groups, select the svc-vdp user, click Add, and click OK.


f

In the Global Permissions Root - Add Permission dialog box, from the Assigned Role drop-down menu, select vSphere Data Protection User, select Propagate to children, and click OK.

The global permissions of the svc-vdp service account propagate to all linked vCenter Server instances.