Re: VDR 2.0 - vCenter 5.0 - Cannot restore (-3958 ...

FuNK3Y · ‎11-19-2011

Hello,

I followed the VMware recommendations (http://pubs.vmware.com/vsphere-50/topic/com.vmware.datarecovery.admin.doc_20/GUID-9550127D-95CF-4302...) and created a user dedicated to my VDR appliance in my vCenter.

As stated in the documentation I added the following authorization to the role assigned to that user:

Datastore > Allocate space

Global > Disable methods

Global > Enable methods

Global > Licenses

Virtual machine > Configuration > Add existing disk

Virtual machine > Configuration > Add new disk

Virtual machine > Configuration > Add ore remove device

Virtual machine > Configuration > Change ressource

Virtual machine > Configuration > Disk change tracking

Virtual machine > Configuration > Remove disk

Virtual machine > Configuration > Settings

Virtual machine > Provisioning > Allow read-only disk access

Virtual machine > Provisioning > Allow virtual machine download

Virtual machine > State > Create snapshot

Virtual machine > State > Remove snapshot

It backups fine, but when I tried to restore I recieved the following error:

11/19/2011 3:05:34 PM: Restore using ActiveDirectory Rehearsal
11/19/2011 3:05:34 PM: To virtual machine Resources...
11/19/2011 3:05:34 PM: Restoring from /storage/VDR/, restore point (11/19/2011 5:03:17 AM)
11/19/2011 3:05:36 PM: Trouble writing files, error -3958 ( invalid permissions)
11/19/2011 3:05:36 PM: Task incomplete
11/19/2011 3:05:36 PM: Remaining: 4 files, 20.1 GB
11/19/2011 3:05:36 PM: Completed: 0 files, 14 KB
11/19/2011 3:05:36 PM: Performance: 0.4 MB/minute
11/19/2011 3:05:36 PM: Duration: 00:00:03

For testing purpose, I granted my VDR user the admin role, it restored fine. My conclusion is that my VDR role is still missing some authorization.

Any idea is welcome

11satya · ‎11-20-2011

till now have done some exercise ?

have a look this

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101057...

_______________________________
Good luck!

FuNK3Y · ‎11-21-2011

Thank you for your answer.

I went though your article, and noticed that I already had the role set correctly and the user bound at the top most level of my hierarchy.

Again, backup works fine, I only get problem when I try to restore (and restore reharsal when testing)

FuNK3Y · ‎01-29-2012

Am I really the only one having this issue?

I don't feel very comfortable with the VDR user as an admin.

Thanks!

tstahlfsu2 · ‎02-09-2012

I'm having the same issue.. Setup the VMDR user with the permissions from the user guide. Same error on restore.

tstahlfsu2 · ‎02-09-2012

Well, I was able to get the restore going. Gave the VMDR administrator permissions on the datacenter..

FuNK3Y · ‎02-19-2012

Thank your for your input.

You are then experiencing the exact same issue; seems that the VDR documentation lacks some informations about the authorizations required for the restore.

Could any VMware engineer enlights us on which checkbox to check?

Thank you

vmwaremeister2 · ‎08-07-2012

We're experiencing this issue as well. Which permissions are required for a VDR restore operation? The ones stated in the admin guide are not sufficient for this.

vmwaremeister2 · ‎08-07-2012

Replying to my own post. I've narrowed it down a bit. With the following permissions, the VDR user can restore VMs from backup:

Resource -> Assign virtual machine to resource pool

Virtual machine -> Configuration (all*)

Virtual machine -> Provisioning (all*)

This is in addition to the permissions given in the top post, which are sufficient for backing up VMs. I'm sure that this is over-generous but it's surely better than assigning full admin rights to the VDR user.

There is also an option to restore a VM using a different user's credentials, which I imagine is the way VMware want you to do it - the admin would just authenticate using their own credentials.

All

VDR 2.0 - vCenter 5.0 - Cannot restore (-3958 invalid permissions)