- Community Home
- >
- Storage
- >
- HPE Nimble Storage
- >
- Application Integration
- >
- What are the minimum permissions for creating snap...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2015 08:05 AM
тАО11-12-2015 08:05 AM
Our snapshots were failing and during the investigation, found that our user doesn't have the correct permissions in Vmware.
Message: Failed to create vCenter snapshot associated with volume collection XXXX1 schedule Nimble-Exchange-4am because the system is unable to log into the vCenter server due to an incorrect user name VMstorage or password. Verify the user name and password are correct.
Our Vmware admins will not allow Nimble to use an Administrator account due to concerns with security and general hesitation to allow anything/one admin access. What are the specific permissions required?
Thanks!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2015 11:13 AM
тАО11-12-2015 11:13 AM
Re: What are the minimum permissions for creating snapshots through Vmware? "Administrator" rights are off the table.
Support said they will be testing, documenting, and probably publishing the permissions in a week or so. I will update when it happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-10-2015 06:29 AM
тАО12-10-2015 06:29 AM
SolutionThis is what Support replied with:
Privileges for NPM (Volume Collection Backups)
тАЬVirtualMachine.State.CreateSnapshotтАЭ,
тАЬVirtualMachine.State.RemoveSnapshotтАЭ
If you try тАЬValidateтАЭ on the vCenter Sync VolColl, it will check these permissions on all the VMs in the datastores of that VolColl.
Privileges for vCenter Plugin
"Datastore.AllocateSpace",
"Datastore.Config",
"Datastore.Delete",
"Datastore.Move",
"Datastore.Rename",
"Extension.Update",
"Global.CancelTask",
"Host.Config.AdvancedConfig",
"Host.Config.NetService",
"Host.Config.Settings",
"Host.Config.Storage",
"StoragePod.Config",
"System.Anonymous",
"System.Read",
"System.View",
"Task.Create",
"Task.Update"
Along with these, we also expect the privileges in the тАЬNimbleStorageтАЭ group should be included in any custom role the user creates.
We tested it against Commvault Intellisnap requirements originally which failed. We removed all Nimble permissions, Verified Commvault Intellisnap permissions and it worked fine. The issue with OUR environment is that within Nimble protection configuration, we had to use <DOMAIN>/username for the user to integrate with Vmware. We may encounter issues in the future for not using all the permissions from Nimble vs. Commvault (there are differences) but at this rate, we have it working.