Credentials and
Privileges for VMDK Access
Local operations are supported by local
VMDK. Access to ESXi hosts is authenticated by login credentials, so with
proper credentials VixDiskLib can reach any VMDK on an ESXi host. VMware
vSphere has its own set of privileges, so with the proper privileges (see
below) and login credentials, VixDiskLib can reach any VMDK on an ESXi host
managed by vCenter Server. VixDiskLib supports the following:
- Both read-only and read/write modes
- Read-only access to disk associated with any snapshot of online virtual machines
- Access to VMDK files of offline virtual machines (vCenter restricted to registered virtual machines)
- Reading of Microsoft Virtual Hard Disk (VHD) format
With vCenter Server, the Role of the backup
appliance when saving data must have these privileges for all the virtual
machines being backed up:
- Virtual machine > Change Configuration > Toggle disk change tracking
- Virtual machine > Provisioning > Allow read-only disk accessandAllow VM download
- Virtual machine > Snapshot management > Create snapshotandRemove snapshot
On the backup appliance, the user must have the
following privileges:
- Datastore > Allocate space
- Virtual machine > Change Configuration > Add new diskandRemove disk
- Virtual machine > Change Configuration > Change resourceandSettings
The user must have this privilege for vCenter
Server and all ESXi hosts involved in backup:
- Global > Disable methodsandEnable methods
If privileges are not applied at the vCenter
Server level, the returned error message is somewhat misleading: “The host is
not licensed for this feature.”