Host-based backup of VMware vSphere VMs.
Post Reply
OneForTheTeam
Influencer
Posts: 18
Liked: 2 times
Joined: Dec 13, 2020 10:53 am
Full Name: Mark
Contact:

Veeam V10 - Install best practice.

Post by OneForTheTeam »

Hello,

Running vCentre with two ESXI v7 hosts with Windows VMs. Some guidance needed.

Is it best to set up a service account in AD added to the domain users group and use this account to run backup jobs?

Should this account have local admin access on the VM its backing up?

What about Domain Controllers as they do not have local admin accounts?

Thanks!
Egor Yakovlev
Product Manager
Posts: 2581
Liked: 708 times
Joined: Jun 14, 2013 9:30 am
Full Name: Egor Yakovlev
Location: Prague, Czech Republic
Contact:

Re: Veeam V10 - Install best practice.

Post by Egor Yakovlev »

Hi Mark

Yes, service account is a good idea. To be clear, there are 2 levels of access:
- account used to access vCenter, one that actually performs backup, sufficient for data protection. That account is set when adding vCenter to VBR. List of permissions needed for this account can be found here.
- (optional) account used to access VM guest OS, to add application-aware image processing for above said backup. That account is set on Guest Processing tab of backup job. And yes, that account must be in local Administrators group(doesn't have to be machine\account local, it can be domain\account with correct membership). Various scenarios might also require additional permissions(for example to process MS SQL transaction logs, or Domain Controller backup will add new ones), full list of in-guest account permissions can be found here.

Hope that helps!
OneForTheTeam
Influencer
Posts: 18
Liked: 2 times
Joined: Dec 13, 2020 10:53 am
Full Name: Mark
Contact:

Re: Veeam V10 - Install best practice.

Post by OneForTheTeam »

Egor - perfect. That clears that up nicely.
Post Reply

Who is online

Users browsing this forum: No registered users and 19 guests