It is recommended that you use the local System account as Veeam Backup Enterprise Manager Service account. However, if you plan to use another account for installing and using Veeam Backup Enterprise Manager and, optionally, Veeam Backup Search, make sure the following permissions are set:
Veeam Backup Enterprise Manager
Local Administrator permissions on the Veeam Backup Enterprise Manager server to install and run Veeam Backup Enterprise Manager.
The account used to run Veeam Backup Enterprise Manager service must have:
To be able to work with Veeam Backup Enterprise Manager, users should be assigned the Portal Administrator, Portal User or Restore Operator role (see Configuring Security Settings section below).
If you plan to add Active Directory user or group accounts to the list of Veeam Backup Enterprise Manager roles, the Veeam Backup Enterprise Manager service must be started under the Active Directory service account that has enough permissions to enumerate Active Directory domains. Otherwise (if the local machine account is used), you will get the "Cannot find user account DOMAIN\username" error.
By default, Active Directory users have enough permissions to enumerate Active Directory domains.
vSphere Web Client Plug-in for Veeam Backup & Replication (optional)
Account used to install the plug-in must have sufficient access rights for vCenter server (must belong to the same domain in case of cross-domain access):
Extension > Register extension - to install the plug-in
Extension > Unregister extension - to uninstall the plug-in
Veeam Backup Search Server (optional, used for compatibility with legacy deployments)
Local Administrator permissions on the Veeam Backup Search Server console to install Microsoft Search Server and the Veeam Backup Search component.