Previous Topic: Add Permissions for VDDK at vCenter Server LevelNext Topic: Convert Incremental Backup to a Verify Backup Because the Virtual Machine Snapshots Either Changed from the Last Backup Job or Needs Consolidation


Permissions for Host-based Agentless Backup and Virtual Standby at vCenter Server Level

When you configure vCenter to manage virtual machines, generally you set up users or groups with vCenter administrator privileges. This approach helps to ensure that the vCenter accounts have unrestricted access to vCenter functionality and tasks. Optionally, you can create vCenter users and groups that can be used to facilitate only backup operations or only backup and restore operations.

When using vCenter non-administrative accounts to facilitate backup and restore operations, you create vCenter roles, assign privileges to the roles, and then apply the role to individual users or groups.

Note: As a best practice, VMware recommends that you allow non-administrative vCenter user accounts to be members of the Windows local administrator group.

Important! The following steps assume that you are familiar with how to configure vCenter users, groups, roles, and permissions. Consult the vCenter documentation as needed.

Follow these steps:

  1. Log in to vCenter using the VI Client.
  2. Open the Add New Roles dialog and specify a name for the role.

    Add New Role dialog.

  3. Expand All privileges.
  4. (Optional) To allow the role to facilitate only backup operations, specify the following privileges:

    Important! To allow the role to facilitate backup and restore operations, continue to the next step.

    Go to Step 6.

  5. To allow the role to facilitate backup and restore operations, specify the following privileges:
  6. Click OK to create the role.
  7. Open the Assign Permissions dialog, to assign the newly created role to users, groups, or both.

    Assign Permissions dialog.

  8. From the Users and Groups list, select the custom user that you want to use for backups and restores.

    From the Assigned Role drop-down list, specify the role that you want to apply to the users or groups.

    Click OK to apply the role to the users or groups.

The permissions are now defined for vCenter roles.