Virtual machine owners can be assigned automatically during virtual machine discovery, based on privileges and roles defined in vCenter that indicate rights to virtual machines. When this feature is enabled, users and user groups who have appropriate capabilities in vCenter and are also defined in Commvault are automatically assigned as VM owners for the virtual machine.
This feature enables administrators and end users to access virtual machine data without requiring that they be assigned as VM owners manually. Depending on the permissions and roles users have in vCenter, they can view virtual machine data or recover VM data. Any user with Remove VM, VM Power On, and VM Power Off capabilities for a virtual machine will be assigned as an owner of that VM during VM discovery.
Owner IDs are only assigned during discovery for a streaming or IntelliSnap backup, and are not modified by backup copy or auxiliary copy operations.
This feature is available for VMware and VMware Cloud Director hypervisors.
VMware Cloud Support
In addition to identifying virtual machine owners based on vCenter roles and privileges, Commvault identifies VMware Cloud users and groups as VM owners. If the Auto detect VM owner option is selected in the VM group settings, the following users and groups are automatically assigned as VM owners:
-
Owner of the vApp or catalog that contains the VM
-
All users who have Full Control permissions to the vApp or catalog that contains the VM
-
All users and groups that are assigned the Organization Administrator role
Groups imported from an LDAP or SAML source are mapped to external groups defined for a domain in Commvault.
Requirements
-
Single sign on must be enabled on the vCenter and required vCenter capabilities must be configured for users and groups.
-
Users or user groups defined in vCenter must also be defined in Commvault, either through a local user definition or a Name Server user definition (such as an Active Directory user or group).
-
Assign permissions for VM owners as described in Assigning Permissions to Owners.
-
To import SAML users from VMware Cloud Director, perform the following actions:
-
Configure a SAML identity provider in VMware Cloud Director as described in Configure Your System to Use a SAML Identity Provider.
-
Configure a SAML identity provider for Commvault as described in Adding Identity Servers.
For information about specific identity providers, see Identity Provider Use Cases.
For additional information, see SAML Integration.
-
Use a Commvault user account to run a backup and discover SAML users.
-