VMware Cloud Community
GabCava
Enthusiast
Enthusiast
‎11-05-2017 12:11 PM
Jump to solution

Managing Permissions in a Shared Recovery Site Configuration

Hello we have two sites with two vcenter servers and SRM with twin versions so all ok there. We would like to implement a DR scenario for multiple independent offices. These parties we'll need to create and run their own Recovery Plans. However we need to provide these parties enough credentials to view and manage only what is theirs. I have read these two VMware documents and in the second one I read:

1.  Managing Permissions in a Shared Recovery Site Configuration 

2. Site Recovery Manager Roles Reference 

<All users must have at least the System > Read privilege on the root folders of vCenter Server and the Site Recovery Manager root nodes on both sites.>

Now what does that mean exactly? That the read permission has to be applied  to the top root of  the vcenter server? Or to the top root of their own folders in the vcenter server VM view in the client? If it is the first assumption the users will have permissions to view other parties VMs and Hosts. In our  environment the parties we manage don't have dedicated Clusters. So we should have a dedicated vcenter server for each of our party/customer?

Does anyone have experience with SRM and shared permissions. We obviously will retain the SRM administrator role, however what leaves in doubt is the statement that "All users must have at least the System > Read etc...."  so probably it seems that SRM is not the right product for our scenario and maybe the vSphere RM would be a better solution.

many thanks in advance!

.g

0 Kudos
1 Solution

Accepted Solutions
hussainbte
Expert
Expert
‎11-06-2017 03:51 AM
Jump to solution

It makes sense..  the reason for that I believe is SRM is designed keeping in mind the site recovery manager Admin will be someone who has the rights to initiate a failover from one site to another.

for oblivious reasons its expected in this case to be having permissions at the vCenter root level as well.

technically I think the root level read is required only for connecting to the sites.. but if you want to protect/unprotect a VM or perform failover tasks admin rights on vcenter is required.

If you found my answers useful please consider marking them as Correct OR Helpful Regards, Hussain https://virtualcubes.wordpress.com/

View solution in original post

0 Kudos
4 Replies
hussainbte
Expert
Expert
‎11-06-2017 02:14 AM
Jump to solution

It means That the read permission has to be applied  to the top root of  the vcenter server?..

This is for the users you will configure under SRM permissions to perform failover ,testfailover etc..

If you dont have Cluster, you can have seperate folders.

then the permissions for each party will be applied on there folder..

But users which are given admin permissions on SRM will need admin permissions on vCenters

If you found my answers useful please consider marking them as Correct OR Helpful Regards, Hussain https://virtualcubes.wordpress.com/
0 Kudos
GabCava
Enthusiast
Enthusiast
‎11-06-2017 03:45 AM
Jump to solution

many thanks Hussainbte,, we do have clusters but they are not dedicated to each customer. The environment (one VC on protected site and one VC at recovery site) is all shared and here our issue. VMware says that all users must have a read at the root of  vcenter server. That means  they will be able to read about VMs that don't belong to them. We don't want  that. So basically.. we vSphere administrators will be SRM admnistrators too and that is ok. Then we need to assign Site Recovery ManagerProtection Groups Administrator role to a party for their own VMs and the same role for another party to manage failover of their  own VMs.

According to VMware each of this user must have a Read permission at the vcenter root  level. That means all of them will view all VMs names and more... 

so my impression is taht SRM is not  good in these scenarios. I don't know if I explained the scenario properly...

0 Kudos
hussainbte
Expert
Expert
‎11-06-2017 03:51 AM
Jump to solution

It makes sense..  the reason for that I believe is SRM is designed keeping in mind the site recovery manager Admin will be someone who has the rights to initiate a failover from one site to another.

for oblivious reasons its expected in this case to be having permissions at the vCenter root level as well.

technically I think the root level read is required only for connecting to the sites.. but if you want to protect/unprotect a VM or perform failover tasks admin rights on vcenter is required.

If you found my answers useful please consider marking them as Correct OR Helpful Regards, Hussain https://virtualcubes.wordpress.com/
0 Kudos
GabCava
Enthusiast
Enthusiast
‎11-06-2017 04:05 AM
Jump to solution

cheers mate, appreciated

0 Kudos