An owner of a virtual machine can create a passkey that can be used to perform browse or restore operations. When a passkey is configured, the user performing a browse or restore must enter the passkey to perform the operation.
Any user who has permissions for the virtual machine can use the passkey.
Passkeys can be configured by an MSP administrator in a multi-tenant setup, by a CommCell administrator in a standalone configuration, by a tenant administrator for a company. If passkeys are defined at multiple levels, the lowest level passkey takes precedence.
If a user enters the passkey at the hypervisor level, it is not required to re-enter the passkey at the VM group and the VM level. However, if a user enters the passkey at the VM group or the VM level, it is required to re-enter the passkey at the hypervisor level.
In a multi-tenant environment, if a company owns VMs that run on the service provider infrastructure, and the MSP administrator and tenant administrator both define passkeys, then by default the passkey configured by the MSP administrator is required for restores. To enable restores to be performed using the passkey that is configured by the tenant administrator, the tenant administrator must include the VMs that are owned by the tenant in the smart server group that is created automatically when the tenant company is created. As a best practice, add rules to associate VMs with the server group automatically, so that the server group gets updated dynamically when tenant VMs are added or deleted. For more information, see Smart Server Groups Using Automatic Association.
Before You Begin
The user who configures the passkey for a VM must be assigned as an owner for the VM.
From the navigation pane, go to Protect > Virtualization.
The Virtual machines page appears.
Click a virtual machine.
The virtual machine properties page appears.
On the Configuration tab, in the Passkey area, move the Require passkey for restores toggle key to the right.
The Set passkey dialog box appears.
Enter and confirm the passkey, and then click Submit.
The passkey must be at least eight characters, including at least one uppercase letter, one lowercase letter, one number, and one special character.
The Confirm create passkey dialog box appears.
The Authorize for restore toggle key appears.
To enable users to browse and restore backup data for 30 minutes after passkey authorization, move the Authorize for restore toggle key to the right.
The Authorize for restore dialog box appears.
In the Passkey box, enter the passkey, and then click Save.