How to do VMware Agentless (file) restores to Windows guests using accounts other than built-in Administrator
Description
Agentless restores to Windows target VMs can fail if you use an account other than the built-in Administrator for Windows Guest OS account as the Target VM Credentials. The failure is the result of Window Security Policies settings.
If the restore account is a user added to the administrators group, review the Local Security Policy settings. From Local Policies, confirm that the Run all administrators in Admin Approval Mode parameter is disabled. Agentless restores fail if Run all administrators in Admin Approval Mode is enabled.
This setting is a group policy setting for Windows Guest OS. It is located at Local Security Policy > Local Policy > Security Options. If this setting is not disabled, use secpol.msc or Group policy to disable Run all administrators in Admin Approval Mode on the User Account Control. After you change this setting, you must restart the target VM.
When the domain enforces this setting, it may be read-only on target VM’s local security snap-in. In these cases, the setting must be changed using Group Policy Management Console for the enforcing domain, site, or organizational unit (OU). You may need to consult with your domain administrators to identify correct place to make the required change.
References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.