6.1
Table Of Contents
- Site Recovery Manager Administration
- Contents
- About VMware Site Recovery Manager Administration
- Updated Information
- Site Recovery Manager Privileges, Roles, and Permissions
- How Site Recovery Manager Handles Permissions
- Site Recovery Manager and the vCenter Server Administrator Role
- Site Recovery Manager and vSphere Replication Roles
- Managing Permissions in a Shared Recovery Site Configuration
- Assign Site Recovery Manager Roles and Permissions
- Site Recovery Manager Roles Reference
- Replicating Virtual Machines
- Configuring Mappings
- About Placeholder Virtual Machines
- Creating and Managing Protection Groups
- About Array-Based Replication Protection Groups and Datastore Groups
- About vSphere Replication Protection Groups
- About Storage Policy Protection Groups
- Create Protection Groups
- Organize Protection Groups in Folders
- Add or Remove Datastore Groups or Virtual Machines to or from a Protection Group
- Apply Inventory Mappings to All Members of a Protection Group
- Configure Inventory Mappings for an Individual Virtual Machine in a Protection Group
- Modifying the Settings of a Protected Virtual Machine
- Remove Protection from a Virtual Machine
- Protection Group Status Reference
- Virtual Machine Protection Status Reference
- Creating, Testing, and Running Site Recovery Manager Recovery Plans
- Testing a Recovery Plan
- Performing a Planned Migration or Disaster Recovery By Running a Recovery Plan
- Differences Between Testing and Running a Recovery Plan
- Performing Test Recovery of Virtual Machines Across Multiple Hosts on the Recovery Site
- Create, Test, and Run a Recovery Plan
- Export Recovery Plan Steps
- View and Export a Recovery Plan History
- Delete a Recovery Plan
- Recovery Plan Status Reference
- Configuring a Recovery Plan
- Recovery Plan Steps
- Creating Custom Recovery Steps
- Suspend Virtual Machines When a Recovery Plan Runs
- Specify the Recovery Priority of a Virtual Machine
- Configure Virtual Machine Dependencies
- Enable vSphere vMotion for Planned Migration
- Configure Virtual Machine Startup and Shutdown Options
- Limitations to Protection and Recovery of Virtual Machines
- Customizing IP Properties for Virtual Machines
- Reprotecting Virtual Machines After a Recovery
- How Site Recovery Manager Reprotects Virtual Machines with Array Based Replication
- How Site Recovery Manager Reprotects Virtual Machines with vSphere Replication
- How Site Recovery Manager Reprotects Virtual Machines with Storage Policy Protection
- Preconditions for Performing Reprotect
- Reprotect Virtual Machines
- Reprotect States
- Restoring the Pre-Recovery Site Configuration By Performing Failback
- Interoperability of Site Recovery Manager with Other Software
- Site Recovery Manager and vCenter Server
- Using Site Recovery Manager with VMware Virtual SAN Storage and vSphere Replication
- How Site Recovery Manager Interacts with DPM and DRS During Recovery
- How Site Recovery Manager Interacts with Storage DRS or Storage vMotion
- How Site Recovery Manager Interacts with vSphere High Availability
- How Site Recovery Manager Interacts with Stretched Storage
- Using Site Recovery Manager with VMware NSX
- Site Recovery Manager and vSphere PowerCLI
- Site Recovery Manager and vRealize Orchestrator
- Protecting Microsoft Cluster Server and Fault Tolerant Virtual Machines
- Using Site Recovery Manager with SIOC Datastores
- Using Site Recovery Manager with Admission Control Clusters
- Site Recovery Manager and Virtual Machines Attached to RDM Disk Devices
- Site Recovery Manager and Active Directory Domain Controllers
- Advanced Site Recovery Manager Configuration
- Reconfigure Site Recovery Manager Settings
- Change Connections Settings
- Change Site Recovery Manager History Report Collection Setting
- Change Local Site Settings
- Change Logging Settings
- Change Recovery Settings
- Change Remote Manager Settings
- Change Remote Site Settings
- Change Replication Settings
- Change SSO Setting
- Change Storage Settings
- Change ABR Storage Policy Setting
- Change Storage Provider Settings
- Change vSphere Replication Settings
- Modify Settings to Run Large Site Recovery Manager Environments
- Reconfigure Site Recovery Manager Settings
- Site Recovery Manager Events and Alarms
- Collecting Site Recovery Manager Log Files
- Troubleshooting Site Recovery Manager
- Site Recovery Manager Doubles the Number of Backslashes in the Command Line When Running Callouts
- Powering on Many Virtual Machines Simultaneously on the Recovery Site Can Lead to Errors
- LVM.enableResignature=1 Remains Set After a Site Recovery Manager Test Recovery
- Adding Virtual Machines to a Protection Group Fails with an Unresolved Devices Error
- Configuring Protection fails with Placeholder Creation Error
- Rapid Deletion and Recreation of Placeholders Fails
- Planned Migration Fails Because Host is in an Incorrect State
- Recovery Fails with a Timeout Error During Network Customization for Some Virtual Machines
- Recovery Fails with Unavailable Host and Datastore Error
- Reprotect Fails with a vSphere Replication Timeout Error
- Recovery Plan Times Out While Waiting for VMware Tools
- Synchronization Fails for vSphere Replication Protection Groups
- Rescanning Datastores Fails Because Storage Devices are Not Ready
- Recovery Sticks at 36% During Planned Migration
- Operations Fail with Error About a Nonreplicated Configuration File
- Index
Managing Permissions in a Shared Recovery Site Configuration
You can configure permissions on Site Recovery Manager to use a shared recovery site. The vCenter Server
administrator on the shared recovery site must manage permissions so that each user has sufficient
privileges to configure and use Site Recovery Manager, but no user has access to resources that belong to
another user.
In the context of a shared recovery site, a user is the owner of a pair of Site Recovery Manager Server
instances. Users with adequate permissions must be able to access the shared recovery site to create, test,
and run the recovery plans for their own protected site. The vCenter Server administrator at the shared
recovery site must create a separate user group for each user. No user's user accounts can be a member of
the vCenter Server Administrators group. The only supported configuration for a shared recovery site is for
one organization to manage all of the protected sites and the recovery site.
CAUTION Certain Site Recovery Manager roles allow users to run commands on
Site Recovery Manager Server, so you should assign these roles to trusted administrator-level users only.
See “Site Recovery Manager Roles Reference,” on page 17 for the list of Site Recovery Manager roles that
run commands on Site Recovery Manager Server.
On a shared recovery site, multiple customers share a single vCenter Server instance. In some cases,
multiple customers can share a single ESXi host on the recovery site. You can map the resources on the
protected sites to shared resources on the shared recovery site. You might share resources on the recovery
site if you do not need to keep all of the customers' virtual machines separate, for example if all of the
customers belong to the same organization.
You can also create isolated resources on the shared recovery site and map the resources on the protected
sites to their own dedicated resources on the shared recovery site. You might use this configuration if you
must keep all of the customers' virtual machines separate from each other, for example if all of the
customers belong to different organizations.
Guidelines for Sharing User Resources
Follow these guidelines when you configure permissions for sharing user resources on the shared recovery
site:
n
All users must have read access to all folders of the vCenter Server on the shared recovery site.
n
Do not give a user the permission to rename, move, or delete the datacenter or host.
n
Do not give a user the permission to create virtual machines outside of the user’s dedicated folders and
resource pools.
n
Do not allow a user to change roles or assign permissions for objects that are not dedicated to the user’s
own use.
n
To prevent unwanted propagation of permissions across different organizations’ resources, do not
propagate permissions on the root folder, datacenters, and hosts of the vCenter Server on the shared
recovery site.
Guidelines for Isolating User Resources
Follow these guidelines when you configure permissions for isolating user resources on the shared recovery
site:
n
Assign to each user a separate virtual machine folder in the vCenter Server inventory.
n
Set permissions on this folder to prevent any other user from placing their virtual machines in it.
For example, set the Administrator role and activate the propagate option for a user on that user's
folder. This configuration prevents duplicate name errors that might otherwise occur if multiple
users protect virtual machines that have identical names.
Site Recovery Manager Administration
14 VMware, Inc.