08-17-2015 06:01 AM
I'm considering rolling out the Backup Exec Management Plugin for VMware with the vSphere C# client.
However need to establish the minimum set of permissions required by a user to effectively use the plug-in.
Backup Exec Sevice Account has permissions required to backup and restore virtual machines, as per
https://support.symantec.com/en_US/article.TECH129645.html
However we wouldn't normally run the vSphere client under this account.
Users with virtual machine power user role, won't know Backup Exec service account details, nor will they have create / edit custom attribute permissions
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1005720
So does one have to be a backup administrator with knowledge of the BEX service account AND VMware Admin rights to use this plug-in ?
Or is there a way to provide it and the details on VM protection status to normal non priviledged virtual machine power users?
Thanks in advance
Solved! Go to Solution.
08-17-2015 08:34 PM
Verbatim from the Backup Exec Management Plug-in for VMware User's Guide -
You must have backup operator rights on the media server that protects the virtual machines that you want to monitor.
Infact, media server credentials are required to access the various tabs.
08-18-2015 10:23 AM
Afaik, the custom annotations are used to store BE's protection information about the VMs such as backup type, backup media server, last backup etc.
Let me check internally if i can find more information about the annotations.
EDITED**
The Annotations displays the following info -
08-17-2015 08:34 PM
Verbatim from the Backup Exec Management Plug-in for VMware User's Guide -
You must have backup operator rights on the media server that protects the virtual machines that you want to monitor.
Infact, media server credentials are required to access the various tabs.
08-18-2015 02:16 AM
Hi,
Thanks for the feedback.
Also noticed that by default the vSphere plug-in wants to create custom annotations on all virtual machines in vCenter.
However, no details in the manual as to what fields those would be and what information would be contained therein.
Won't be able to get sign-off from clients' VMware administrator, if this isn't specified in advance.
So anyone know what the custom attributes the plug-in creates are?
(For the moment annotations have been disabled on their test environment )
Thanks
08-18-2015 03:19 AM
One other point about using this plugin, to use the plugin, you must use the same host or vcenter name to login to the vSphere Client as you used when adding the host or vcenter into the Backup Exec server itself. Bearing in mind you could be have added them into Backup Exec using:
- just hostname (in effect the SERVERNAME)
- FQDN (in effect SERVERNAME.DOMAIN.COM)
- just IP address (nnn.nnn.nnn.nnn)
then the user monitoring the VMware installation for backups using the vSphere client plus plugin wil need to know how it was added into Backup Eec so they can match it when logging into vSphere.
08-18-2015 10:23 AM
Afaik, the custom annotations are used to store BE's protection information about the VMs such as backup type, backup media server, last backup etc.
Let me check internally if i can find more information about the annotations.
EDITED**
The Annotations displays the following info -