Permissions

The following permissions are required for proper operation of Veeam Availability Console.

Connecting to Microsoft SQL Server

The account used to connect to the Microsoft SQL Server hosting the Veeam Availability Console database must have the following permissions:

• public role (default permissions)
• dbcreator role (needed to create the Veeam Availability Console database during the Veeam Availability Console installation procedure)
• db_owner and public roles on the Veeam Availability Console database
• public permissions on the master database
• public permissions on the msdb database
• [For Always-On Availability Groups] VIEW SERVER STATE, VIEW ANY DEFINITION permissions

Connecting Veeam Cloud Connect Server

• Connection account

The account used to connect a Veeam Cloud Connect server to Veeam Availability Console must have:

• local Administrator permissions on the Veeam Cloud Connect machine
• access to the admin$ share on the Veeam Cloud Connect machine.

• Service account

The account used to authenticate the management agent installed on the Veeam Cloud Connect server in Veeam Availability Console must have:

• local Administrator permissions on the Veeam Cloud Connect machine
• Backup Administrator role assigned in Veeam Cloud Connect
• access to the admin$ share on the Veeam Cloud Connect machine.

Discovery

The account used to discover computers in the client infrastructure must have local Administrator permissions on all discovered computers.

Installing and Uninstalling Veeam Backup Agents

The account used to install and uninstall Veeam backup agents must have local Administrator permissions on computers where the install and uninstall procedures are performed.

Configuring ConnectWise Manage Connection

The account used to configure ConnectWise Manage plugin connection must be assigned a security role that has access to the following security modules: