User`s guide
335 Copyright © Acronis, Inc., 2000-2010
7.1.4.6 Privileges for VM backup and recovery
Once Agent for ESX/ESXi is deployed to a vCenter's host or cluster, any user of the vCenter Server can
connect a management console to the agent. The scope of available operations depends on the
privileges a user has on the vCenter Server. Only those actions are available that the user has
permission to perform. The below tables contain the privileges required for backup and recovery of
ESX virtual machines and, additionally, for virtual appliance deployment.
If the agent was deployed directly to an ESX/ESXi host or manually imported to the host, and you
want the vCenter users to be able to connect to the agent and the below privileges to take effect,
connect the agent to the vCenter Server rather than to the ESX/ESXi host. To change the connection,
access the virtual appliance GUI using the vSphere Client and specify access credentials for the
vCenter Server in the ESX(i)/vCenter setting.
Privileges on vCenter Server or ESX/ESXi host
Outlined in the below table are the privileges a vCenter Server user must have to perform operations
on all the vCenter hosts and clusters.
To enable a user to operate on a specific ESX host only, assign the user the same privileges on the
host. In addition, the Global > Licenses privilege is required to be able to back up virtual machines of
a specific ESX host.
Operation
Object
Privilege
Back up a
VM
Back up a
VM's disk
Recover to
a new VM
Recover to
an existing
VM
VA
deploymen
t
Datastore
Allocate space
+
+
+
Browse datastore
+
Low level file
operations
+
Global
Licenses
+
(required
on ESX host
only)
+
(required
on ESX host
only)
+
+
Network
Assign network
+
+
+
Resource
Assign VM to
resource pool
+
+
+
Virtual machine >
Configuration
Add existing disk
+
+
+
Add new disk
+
+
+
Add or remove
device
+
+