6.1
Table Of Contents
- Site Recovery Manager Administration
- Contents
- About VMware Site Recovery Manager Administration
- Updated Information
- Site Recovery Manager Privileges, Roles, and Permissions
- How Site Recovery Manager Handles Permissions
- Site Recovery Manager and the vCenter Server Administrator Role
- Site Recovery Manager and vSphere Replication Roles
- Managing Permissions in a Shared Recovery Site Configuration
- Assign Site Recovery Manager Roles and Permissions
- Site Recovery Manager Roles Reference
- Replicating Virtual Machines
- Configuring Mappings
- About Placeholder Virtual Machines
- Creating and Managing Protection Groups
- About Array-Based Replication Protection Groups and Datastore Groups
- About vSphere Replication Protection Groups
- About Storage Policy Protection Groups
- Create Protection Groups
- Organize Protection Groups in Folders
- Add or Remove Datastore Groups or Virtual Machines to or from a Protection Group
- Apply Inventory Mappings to All Members of a Protection Group
- Configure Inventory Mappings for an Individual Virtual Machine in a Protection Group
- Modifying the Settings of a Protected Virtual Machine
- Remove Protection from a Virtual Machine
- Protection Group Status Reference
- Virtual Machine Protection Status Reference
- Creating, Testing, and Running Site Recovery Manager Recovery Plans
- Testing a Recovery Plan
- Performing a Planned Migration or Disaster Recovery By Running a Recovery Plan
- Differences Between Testing and Running a Recovery Plan
- Performing Test Recovery of Virtual Machines Across Multiple Hosts on the Recovery Site
- Create, Test, and Run a Recovery Plan
- Export Recovery Plan Steps
- View and Export a Recovery Plan History
- Delete a Recovery Plan
- Recovery Plan Status Reference
- Configuring a Recovery Plan
- Recovery Plan Steps
- Creating Custom Recovery Steps
- Suspend Virtual Machines When a Recovery Plan Runs
- Specify the Recovery Priority of a Virtual Machine
- Configure Virtual Machine Dependencies
- Enable vSphere vMotion for Planned Migration
- Configure Virtual Machine Startup and Shutdown Options
- Limitations to Protection and Recovery of Virtual Machines
- Customizing IP Properties for Virtual Machines
- Reprotecting Virtual Machines After a Recovery
- How Site Recovery Manager Reprotects Virtual Machines with Array Based Replication
- How Site Recovery Manager Reprotects Virtual Machines with vSphere Replication
- How Site Recovery Manager Reprotects Virtual Machines with Storage Policy Protection
- Preconditions for Performing Reprotect
- Reprotect Virtual Machines
- Reprotect States
- Restoring the Pre-Recovery Site Configuration By Performing Failback
- Interoperability of Site Recovery Manager with Other Software
- Site Recovery Manager and vCenter Server
- Using Site Recovery Manager with VMware Virtual SAN Storage and vSphere Replication
- How Site Recovery Manager Interacts with DPM and DRS During Recovery
- How Site Recovery Manager Interacts with Storage DRS or Storage vMotion
- How Site Recovery Manager Interacts with vSphere High Availability
- How Site Recovery Manager Interacts with Stretched Storage
- Using Site Recovery Manager with VMware NSX
- Site Recovery Manager and vSphere PowerCLI
- Site Recovery Manager and vRealize Orchestrator
- Protecting Microsoft Cluster Server and Fault Tolerant Virtual Machines
- Using Site Recovery Manager with SIOC Datastores
- Using Site Recovery Manager with Admission Control Clusters
- Site Recovery Manager and Virtual Machines Attached to RDM Disk Devices
- Site Recovery Manager and Active Directory Domain Controllers
- Advanced Site Recovery Manager Configuration
- Reconfigure Site Recovery Manager Settings
- Change Connections Settings
- Change Site Recovery Manager History Report Collection Setting
- Change Local Site Settings
- Change Logging Settings
- Change Recovery Settings
- Change Remote Manager Settings
- Change Remote Site Settings
- Change Replication Settings
- Change SSO Setting
- Change Storage Settings
- Change ABR Storage Policy Setting
- Change Storage Provider Settings
- Change vSphere Replication Settings
- Modify Settings to Run Large Site Recovery Manager Environments
- Reconfigure Site Recovery Manager Settings
- Site Recovery Manager Events and Alarms
- Collecting Site Recovery Manager Log Files
- Troubleshooting Site Recovery Manager
- Site Recovery Manager Doubles the Number of Backslashes in the Command Line When Running Callouts
- Powering on Many Virtual Machines Simultaneously on the Recovery Site Can Lead to Errors
- LVM.enableResignature=1 Remains Set After a Site Recovery Manager Test Recovery
- Adding Virtual Machines to a Protection Group Fails with an Unresolved Devices Error
- Configuring Protection fails with Placeholder Creation Error
- Rapid Deletion and Recreation of Placeholders Fails
- Planned Migration Fails Because Host is in an Incorrect State
- Recovery Fails with a Timeout Error During Network Customization for Some Virtual Machines
- Recovery Fails with Unavailable Host and Datastore Error
- Reprotect Fails with a vSphere Replication Timeout Error
- Recovery Plan Times Out While Waiting for VMware Tools
- Synchronization Fails for vSphere Replication Protection Groups
- Rescanning Datastores Fails Because Storage Devices are Not Ready
- Recovery Sticks at 36% During Planned Migration
- Operations Fail with Error About a Nonreplicated Configuration File
- Index
n
Place all of the user's placeholder virtual machines in this folder, so that they can inherit its
permissions.
n
Do not assign permissions to access this folder to other users.
n
Assign dedicated resource pools, datastores, and networks to each user, and configure the permissions
in the same way as for folders.
CAUTION A deployment in which you isolate user resources still assumes trust between the vSphere sites.
Even though you can isolate user resources, you cannot isolate the users themselves. This is not a suitable
deployment if you must keep all users completely separate.
Viewing Tasks and Events in a Shared Recovery Site Configuration
In the Recent Tasks panel of the vSphere Client, users who have permissions to view an object can see tasks
that other users start on that object. All users can see all of the tasks that other users perform on a shared
resource. For example, all users can see the tasks that run on a shared host, datacenter, or the vCenter Server
root folder.
Events that all of the instances of Site Recovery Manager Server generate on a shared recovery site have
identical permissions. All users who can see events from one instance of Site Recovery Manager Server can
see events from all Site Recovery Manager Server instances that are running on the shared recovery site.
Assign Site Recovery Manager Roles and Permissions
During installation of Site Recovery Manager, users with the vCenter Server administrator role are granted
the administrator role on Site Recovery Manager. At this time, only vCenter Server administrators can log in
to Site Recovery Manager, unless they explicitly grant access to other users.
To allow other users to access Site Recovery Manager, vCenter Server administrators must grant them
permissions in the Site Recovery Manager interface in the vSphere Web Client. You assign site-wide
permission assignments on a per-site basis. You must add corresponding permissions on both sites.
Site Recovery Manager requires permissions on vCenter Server objects as well as on Site Recovery Manager
objects. To configure permissions on the remote vCenter Server installation, start another instance of the
vSphere Web Client. You can change Site Recovery Manager permissions from the same
vSphere Web Client instance on both sites after you connect the protected and recovery sites.
Site Recovery Manager augments vCenter Server roles and permissions with additional permissions that
allow detailed control over Site Recovery Manager specific tasks and operations. For information about the
permissions that each Site Recovery Manager role includes, see “Site Recovery Manager Roles Reference,”
on page 17.
You can assign more granular permissions to users by assigning them permissions on specific
Site Recovery Manager objects, including individual array managers, protection groups, and recovery plans.
You can also allow users to access specific groups of protections groups, recovery plans, and array managers
by assigning permissions to protection group and recovery plan folders, and to all of the array managers for
a site.
Procedure
1 In the vSphere Web Client, select the objects on which to assign permissions.
Option Description
Assign site-wide permissions
Click Site Recovery > Sites, and select a site.
Assign permissions to an individual
protection group
Click Site Recovery, expand Inventories, click Protection Groups, and
select a protection group.
Chapter 1 Site Recovery Manager Privileges, Roles, and Permissions
VMware, Inc. 15