In a two-site Site Recovery Manager (SRM) deployment consisting of a Production site and a Disaster Recovery (DR) site, users may observe a red banner alert when attempting to view replication details between the two sites.

When logging in to the Production site SRM with the production vCenter credentials and then selecting View Details to inspect replication status, the system prompts for the DR site vCenter credentials. If an Active Directory (AD) domain account with insufficient privileges is entered, the following symptoms appear:

• A red warning message at the top of the SRM interface:
  
  VR Management Server at <DR site VR> is having connectivity problems. 

• The Remote VR connection status of the DR site shows Unknown.

• In the SRM logs /opt/vmware/support/logs/dr-client/dr.log on the Production site, messages similar to the following are recorded:

  getPairSrmSummaryIssues - Failed to get VR.now replication issue for HMS server '<UUID>' at '<DR site VR>'.

  getVrRemoteSiteSummaryInfo - Peer HMS site info error!
  com.vmware.srm.client.topology.client.view.availability.ExtensionServer$GetPairFailedException: Unable to retrieve pairs from extension server at https://<DR site VR>:8043. Access to perform the operation was denied.

   

These errors occur because the AD account does not have sufficient permissions to access the DR site’s vSphere Replication (VR) management service.

• VMware Site Recovery Manager (SRM) with paired Production and Disaster Recovery sites

• vSphere Replication (VR) configured between the two sites

• vCenter Single Sign-On with both [email protected] and Active Directory domain accounts

To successfully view replication details in SRM:

1. Log in to the Production site SRM using the Production site vCenter credentials as usual.

2. When prompted for the DR site vCenter credentials after clicking View Details, enter the [email protected] account (or another SSO account with equivalent administrator privileges).

3. Avoid using an AD domain account that lacks full administrative rights, as this prevents SRM from retrieving the VR management server information from the DR site.

After authenticating with the SSO administrator account, the red banner alert disappears and the Remote VR connection status correctly reflects the health of the DR site vSphere Replication server.