Assign global permissions in Region A to the operations service accounts svc-vrops and svc-mpsd-vrops in order to access monitoring data from the Management vCenter Server and Compute vCenter Server in Region A with vRealize Operations Manager.

The svc-vrops user has read-only access on all objects in vCenter Server. The svc-mpsd-vrops user has rights that are specifically required for access to storage device information in vRealize Operations Manager on all objects in vCenter Server.

Verify that the Management vCenter Server and Compute vCenter Server for Region A are connected to the Active Directory domain.

Verify that the users and groups from the rainpole.local domain are available in the Management vCenter Server and in the Compute vCenter Server for Region A.

1

Log in to vCenter Server by using the vSphere Web Client.

a

Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.

b

Log in using the following credentials.

Setting

Value

User name

administrator@vsphere.local

Password

vsphere_admin_password

2

From the Home menu, select Administration.

3

Assign global permissions to the svc-vrops@rainpole.local and svc-mpsd-vrops@rainpole.local users according to their roles.

User

Role

svc-vrops@rainpole.local

Read-Only

svc-mpsd-vrops@rainpole.local

MPSD Metrics User

a

In the vSphere Web Client, navigate Administration and click Global Permissions.

b

Click Add Permission


c

In the Global Permissions Root - Add Permission dialog box, click Add to associate a user or a group with a role.

d

In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc and press Enter.

e

From the list of users and groups, select svc-vrops, click Add , and click OK.


f

In the Global Permissions Root - Add Permission dialog box, from the Assigned Role drop-down menu, select Read-only, ensure that Propogate to children is selected, and click OK.

g

Repeat the steps to assign the MPSD Metrics User role to the svc-mpsd-vrops user.

The global permissions of svc-vrops and svc-mpsd-vrops propagate to all linked vCenter Server instances.