6.1
Table Of Contents
- Site Recovery Manager Administration
- Contents
- About VMware Site Recovery Manager Administration
- Updated Information
- Site Recovery Manager Privileges, Roles, and Permissions
- How Site Recovery Manager Handles Permissions
- Site Recovery Manager and the vCenter Server Administrator Role
- Site Recovery Manager and vSphere Replication Roles
- Managing Permissions in a Shared Recovery Site Configuration
- Assign Site Recovery Manager Roles and Permissions
- Site Recovery Manager Roles Reference
- Replicating Virtual Machines
- Configuring Mappings
- About Placeholder Virtual Machines
- Creating and Managing Protection Groups
- About Array-Based Replication Protection Groups and Datastore Groups
- About vSphere Replication Protection Groups
- About Storage Policy Protection Groups
- Create Protection Groups
- Organize Protection Groups in Folders
- Add or Remove Datastore Groups or Virtual Machines to or from a Protection Group
- Apply Inventory Mappings to All Members of a Protection Group
- Configure Inventory Mappings for an Individual Virtual Machine in a Protection Group
- Modifying the Settings of a Protected Virtual Machine
- Remove Protection from a Virtual Machine
- Protection Group Status Reference
- Virtual Machine Protection Status Reference
- Creating, Testing, and Running Site Recovery Manager Recovery Plans
- Testing a Recovery Plan
- Performing a Planned Migration or Disaster Recovery By Running a Recovery Plan
- Differences Between Testing and Running a Recovery Plan
- Performing Test Recovery of Virtual Machines Across Multiple Hosts on the Recovery Site
- Create, Test, and Run a Recovery Plan
- Export Recovery Plan Steps
- View and Export a Recovery Plan History
- Delete a Recovery Plan
- Recovery Plan Status Reference
- Configuring a Recovery Plan
- Recovery Plan Steps
- Creating Custom Recovery Steps
- Suspend Virtual Machines When a Recovery Plan Runs
- Specify the Recovery Priority of a Virtual Machine
- Configure Virtual Machine Dependencies
- Enable vSphere vMotion for Planned Migration
- Configure Virtual Machine Startup and Shutdown Options
- Limitations to Protection and Recovery of Virtual Machines
- Customizing IP Properties for Virtual Machines
- Reprotecting Virtual Machines After a Recovery
- How Site Recovery Manager Reprotects Virtual Machines with Array Based Replication
- How Site Recovery Manager Reprotects Virtual Machines with vSphere Replication
- How Site Recovery Manager Reprotects Virtual Machines with Storage Policy Protection
- Preconditions for Performing Reprotect
- Reprotect Virtual Machines
- Reprotect States
- Restoring the Pre-Recovery Site Configuration By Performing Failback
- Interoperability of Site Recovery Manager with Other Software
- Site Recovery Manager and vCenter Server
- Using Site Recovery Manager with VMware Virtual SAN Storage and vSphere Replication
- How Site Recovery Manager Interacts with DPM and DRS During Recovery
- How Site Recovery Manager Interacts with Storage DRS or Storage vMotion
- How Site Recovery Manager Interacts with vSphere High Availability
- How Site Recovery Manager Interacts with Stretched Storage
- Using Site Recovery Manager with VMware NSX
- Site Recovery Manager and vSphere PowerCLI
- Site Recovery Manager and vRealize Orchestrator
- Protecting Microsoft Cluster Server and Fault Tolerant Virtual Machines
- Using Site Recovery Manager with SIOC Datastores
- Using Site Recovery Manager with Admission Control Clusters
- Site Recovery Manager and Virtual Machines Attached to RDM Disk Devices
- Site Recovery Manager and Active Directory Domain Controllers
- Advanced Site Recovery Manager Configuration
- Reconfigure Site Recovery Manager Settings
- Change Connections Settings
- Change Site Recovery Manager History Report Collection Setting
- Change Local Site Settings
- Change Logging Settings
- Change Recovery Settings
- Change Remote Manager Settings
- Change Remote Site Settings
- Change Replication Settings
- Change SSO Setting
- Change Storage Settings
- Change ABR Storage Policy Setting
- Change Storage Provider Settings
- Change vSphere Replication Settings
- Modify Settings to Run Large Site Recovery Manager Environments
- Reconfigure Site Recovery Manager Settings
- Site Recovery Manager Events and Alarms
- Collecting Site Recovery Manager Log Files
- Troubleshooting Site Recovery Manager
- Site Recovery Manager Doubles the Number of Backslashes in the Command Line When Running Callouts
- Powering on Many Virtual Machines Simultaneously on the Recovery Site Can Lead to Errors
- LVM.enableResignature=1 Remains Set After a Site Recovery Manager Test Recovery
- Adding Virtual Machines to a Protection Group Fails with an Unresolved Devices Error
- Configuring Protection fails with Placeholder Creation Error
- Rapid Deletion and Recreation of Placeholders Fails
- Planned Migration Fails Because Host is in an Incorrect State
- Recovery Fails with a Timeout Error During Network Customization for Some Virtual Machines
- Recovery Fails with Unavailable Host and Datastore Error
- Reprotect Fails with a vSphere Replication Timeout Error
- Recovery Plan Times Out While Waiting for VMware Tools
- Synchronization Fails for vSphere Replication Protection Groups
- Rescanning Datastores Fails Because Storage Devices are Not Ready
- Recovery Sticks at 36% During Planned Migration
- Operations Fail with Error About a Nonreplicated Configuration File
- Index
5 Select Propagate to Children to apply the selected role to all of the child objects of the inventory objects
that this role can affect.
For example, if a role contains privileges to modify folders, selecting this option extends the privileges
to all the virtual machines in a folder. You might deselect this option to create a more complex
hierarchy of permissions. For example, deselect this option to override the permissions that are
propagated from the root of a certain node from the hierarchy tree, but without overriding the
permissions of the child objects of that node.
6 Click OK to assign the role and its associated privileges to the user or user group.
7 Repeat Step 2 through Step 6 to assign roles and privileges to the users or user groups on the other
Site Recovery Manager site.
You assigned a given Site Recovery Manager role to a user or user group. This user or user group has
privileges to perform the actions that the role defines on the objects on the Site Recovery Manager site that
you configured.
Example: Combining Site Recovery Manager Roles
You can assign only one role to a user or user group. If a user who is not a vCenter Server administrator
requires the privileges of more than one Site Recovery Manager role, you can create multiple user groups.
For example, a user might require the privileges to manage recovery plans and to run recovery plans.
1 Create two user groups.
2 Assign the SRM Recovery Plans Administrator role to one group.
3 Assign the SRM Recovery Administrator role to the other group.
4 Add the user to both user groups.
By being a member of groups that have both the SRM Recovery Plans Administrator and the SRM
Recovery Administrator roles, the user can manage recovery plans and run recoveries.
Site Recovery Manager Roles Reference
Site Recovery Manager includes a set of roles. Each role includes a set of privileges, which allow users with
those roles to complete different actions.
Roles can have overlapping sets of privileges and actions. For example, the Site Recovery Manager
Administrator role and the Site Recovery Manager Protection Groups Administrator have the Create
privilege for protection groups. With this privilege, the user can complete one aspect of the set of tasks that
make up the management of protection groups.
Assign roles to users on Site Recovery Manager objects consistently on both sites, so that protected and
recovery objects have identical permissions.
All users must have at least the System.Read privilege on the root folders of vCenter Server and the
Site Recovery Manager root nodes on both sites.
NOTE If you uninstall Site Recovery Manager Server, Site Recovery Manager removes the default
Site Recovery Manager roles but the Site Recovery Manager privileges remain. You can still see and assign
Site Recovery Manager privileges on other roles after uninstalling Site Recovery Manager. This is standard
vCenter Server behavior. Privileges are not removed when you unregister an extension from vCenter Server.
Chapter 1 Site Recovery Manager Privileges, Roles, and Permissions
VMware, Inc. 17