VM Owner Detection for Azure Stack Hub

Virtual machine owners can be assigned automatically during virtual machine discovery, based on privileges and roles defined in the Azure Stack Hub portal that indicate rights to virtual machines. When this feature is enabled in the Command Center, users and user groups who have the correct permissions defined in the Azure Stack Hub portal and are defined in Commvault are automatically assigned as VM owners for the virtual machine.

This feature enables administrators and end users to access virtual machine data without requiring that they be manually assigned as VM owners. Depending on the permissions and roles users have in the Azure Stack Hub portal, they can view virtual machine data or recover VM data. Any user with Remove VM, VM Power On, and VM Power Off permissions for a virtual machine is assigned as an owner of that VM during VM discovery.

Owner IDs are assigned during discovery only for a streaming or IntelliSnap backup, and are not modified by backup copy or auxiliary copy operations.


  • This feature is supported only for users or user groups defined in the Azure Stack Hub portal and through an Active Directory Domain Service (ADDS) user or group. The feature is not supported for users defined through Active Directory Federation Services (ADFS).

  • When you enable this feature, the VM discovery operation time might increase.


For Commvault

  • Users or user groups defined in the Azure Stack Hub portal must also be defined in Commvault, either through a local user definition or a Domains user definition (such as an Active Directory user or group).

  • Assign permissions for VM owners as described in Assigning Permissions to Owners.

For Azure Stack Hub

  • Users must have a predefined role assigned to indicate that the user has access to the virtual machine. By default, the Owner or Contributor roles are considered VM owners.

  • Azure Stack Hub AD applications used for Commvault authentication must have the following API permission assigned:

    Type: Application

    Permission: Microsoft Graph.Directory.Read.All


    This requires Admin consent.


To enable this feature, go to Edit VM Group Settings for Azure Stack Hub.