This is an archive version of the document. To get the most up-to-date information, see the current version.

Required Permissions

The accounts used for installing and using Veeam Availability Orchestrator must have the following permissions.

Account

Required Permission

Setup Account

The account used for product installation must be a domain user who has the Local Administrator permissions on the target machine.

VAO Service Accounts

The accounts used to run VAO services, Veeam Backup & Replication services and Veeam ONE services must have the Local Administrator permissions on the VAO server.

The accounts must also be granted the Log on as a service right. For more information on Windows security policy settings, see Microsoft Docs.

VAO Agent Installation Account

The account used to install a VAO agent on a Veeam Backup & Replication server must have the Veeam Backup Administrator permissions on the server.

vCenter Permissions

The account used to connect the vCenter Server to the VAO infrastructure must have the Administrator permissions.

Instead of granting the Administrator permissions to the account, you can configure more granular permissions. For more information, see Veeam Backup & Replication Required Permissions and Veeam ONE Required Permissions.

Microsoft SQL Server

Different sets of Microsoft SQL permissions are required in the following cases:

  • Installation (remote or local): the current account needs the CREATE ANY DATABASE permission at the SQL Server level. After the database is created, this account automatically gets the db_owner role and can perform all operations with the database.
  • Operation: the account used to run VAO services, Veeam Backup & Replication services and Veeam ONE services requires the db_owner role, as well as permissions to execute stored procedures for the configuration databases on the Microsoft SQL Server.

For more information, see Veeam Backup & Replication Required Permissions and Veeam ONE Required Permissions.
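The following T-SQL is an added example, not part of the Veeam documentation. It grants the two permission sets described above and then checks them, including a check that the service account does not also hold sysadmin. The names CONTOSO\vao-setup, CONTOSO\vao-svc and VAO_ConfigDB are placeholders chosen for illustration; substitute the accounts and configuration database used in your deployment.

```sql
-- Added example. Placeholders (assumptions, not from the Veeam documentation):
--   [CONTOSO\vao-setup]  account that runs the installer
--   [CONTOSO\vao-svc]    account that runs the VAO, VBR and Veeam ONE services
--   [VAO_ConfigDB]       configuration database created by setup
-- Requires SQL Server 2012 or later (ALTER ROLE ... ADD MEMBER).

-- 1. Installation: server-level permission for the setup account.
USE master;
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'CONTOSO\vao-setup')
    CREATE LOGIN [CONTOSO\vao-setup] FROM WINDOWS;
GRANT CREATE ANY DATABASE TO [CONTOSO\vao-setup];

-- Show the explicit server-level grant held by the setup account.
SELECT pr.name, pe.permission_name, pe.state_desc
FROM sys.server_permissions AS pe
JOIN sys.server_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name = N'CONTOSO\vao-setup'
  AND pe.permission_name = N'CREATE ANY DATABASE';

-- 2. Operation: login for the service account.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'CONTOSO\vao-svc')
    CREATE LOGIN [CONTOSO\vao-svc] FROM WINDOWS;
GO

-- 3. Operation: db_owner on the configuration database only.
USE [VAO_ConfigDB];
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'CONTOSO\vao-svc')
    CREATE USER [CONTOSO\vao-svc] FOR LOGIN [CONTOSO\vao-svc];
ALTER ROLE db_owner ADD MEMBER [CONTOSO\vao-svc];

-- 4. Verify: role membership in this database, and whether the service
--    account also holds the server-wide sysadmin role, which the
--    requirements above do not ask for.
SELECT IS_ROLEMEMBER(N'db_owner', N'CONTOSO\vao-svc')     AS is_db_owner,
       IS_SRVROLEMEMBER(N'sysadmin', N'CONTOSO\vao-svc')  AS is_sysadmin;

-- 5. Audit: list every member of db_owner in the configuration database.
SELECT m.name AS member_name, m.type_desc
FROM sys.database_role_members AS rm
JOIN sys.database_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'db_owner';
```

Membership in db_owner already includes the right to execute stored procedures in that database, so step 3 covers both parts of the operation requirement.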

VAO Step Accounts

The account used to run the Verify SharePoint step must be assigned the SharePoint_Shell_Access role and must be a member of the WSS_ADMIN_WPG group on the processed VM.

The account used to run the Exchange Credentials step must be assigned the ApplicationImpersonation role on the processed VM.
