Connection to Virtual Servers
This section describes permissions to accounts used to connect virtual servers.
The account used to connect vCenter Server and ESXi hosts must have the following permissions:
vCenter, ESXi host
Note: Names of privileges are provided for the latest supported version of VMware vSphere, and may vary for different platform versions.
1 Required for gathering of ESXi host hardware data.
2 Required for using VM Console and viewing snapshot information.
3 Required for running remediation actions.
4 Required for collecting and updating tags on the vCenter Server side. The privileges must be assigned at the vCenter Server level.
5 Required for accessing VM console from Veeam ONE Client.
6 Required for collecting datastore details.
7 Required for collecting license information.
The account used to connect Microsoft Hyper-V hosts and clusters must:
- Be a member of the Hyper-V Administrators and Performance Monitor Users security groups.
- Have permissions to remotely access WMI on Microsoft Hyper-V hosts.
This includes remote access, activation and launching the DCOM application of WMI, and remote access to the root WMI namespace and sub-namespaces. For details on granting these permissions, see Configuring Permissions to Remotely Access WMI.
The account used to connect an SCVMM Server must have in SCVMM an assigned user role that is based on the Read-Only Administrator profile.
To monitor clusters and hosts managed by SCVMM, the minimal required permissions for these hosts and clusters must be granted to the same account. For details, see Microsoft Hyper-V Hosts and Clusters.