All Collections
Enterprise Workloads
Protect VMware Virtual Machines
VMware Frequently Asked Questions
How to manage credentials for VMware servers
How to manage credentials for VMware servers

Assign credentials to VMware virtual machines

Updated over a week ago

Enterprise Workloads Editions: Business Enterprise Elite

Overview

Druva allows you to assign credentials to VMware virtual machines for app-aware backups. Credentials are also required should you want to perform disaster recovery of the backed-up virtual machine. See DR failover checks - Guest OS for details. Druva stores these credentials securely in the Credential Store. The credential store lets you assign the stored credentials to virtual machines (VMs) at scale without entering the credentials manually each time. You can create labels corresponding to the credentials for easier identification.

Assign credentials

To configure sudo users, ensure that you meet the following requirements.

Linux virtual machines

  • A non-root user must have sudo rights and must have the

    NOPASSWD: ALL

    tag enabled in the sudoers file. Edit the sudoers file and ensure that the non-root user has the following entry at the end:

    username ALL=(ALL) NOPASSWD: ALL


    where username, is the username that can execute all commands without prompting for a password.

  • Additionally, TTY must be disabled in the sudoers file either globally for all users (root and non-root users) or for a single sudo user.

    To disable TTY globally, replace

    Defaults requiretty with
    Defaults !requiretty



    To disable TTY for a specific user or group, suffix Defaults with the user or group:

    Defaults:myuser !requiretty


    where myuser is the username for which TTY is being disabled.

Verifying permissions

  • Login to the Linux machine using the user account that needs to be tested.

  • Execute the

    sudo -l

    command. If the user has sudo privileges and the

    NOPASSWD: ALL

    tag has been enabled in the sudoers file, the command will generate the following output without prompting for a password.

    1sudo.png


    If the user does not have sudo privileges or does not have the

    NOPASSWD: ALL

    tag enabled in the sudoers file, the command will generate the following output and will prompt for a password.

    2sudo.png

  • The directory /home/{username} must exist, and the non-root user must have read, write, and execute (RWX) permissions over this directory.

Manage credentials

You can manage credentials for VMware virtual machines from the All Virtual Machine page under Protect > VMware.

Guest OS credentials.png

The Guest OS Credentials column on the All Virtual Machines page displays the credentials assigned to the virtual machines on the selected vCenter/ESXi host.

Select a virtual machine, and then click Manage Credentials to add a new credential to the credential store, assign a credential to the selected virtual machine, or unassign a credential from the virtual machine.

Manage Credentials.png

The following table explains the fields available in the Manage Credentials dialog box.

Field

Description

Add Credential

Create a new credential. In the Add Credentials dialog box, enter the following details:

  • Label: Enter a label that uniquely identifies the credential.

  • Username: Enter the username of the credential. If your account uses a domain, enter the username as d omain\username — for example, DruvaCorp\jsmith.

  • Password: Enter the password of the credential.

  • Confirm Password: Re-enter the password of the credential.

Assign

Assign the selected credential to the virtual machine. The selected credential replaces any previously assigned credential.

Unassign

Unassign the selected credential from the server.

Related Articles
How to deploy additional VMware backup proxies
Restore prerequisites for VMware virtual machines
How to manage administrative groups for VMware virtual machines
How to reactivate VMware backup proxy
DR Failover Checks - Guest OS
Did this answer your question?