I can't answer thsi question directly. I did find this as part of the VEPA Integration
Make sure you have the necessary VMware vSphere privileges granted to the user account
that is used to connect to the vCenter Server.
If you select
Standard security, you need to manually specify which login credentials Data
Protector should use to connect to the VMware client:
Port
: Specify the port that VMware vSphere is using. By default, VMware uses the port 443.
Username and Password:
Specify an operating system user account that has the following
VMware vSphere privileges:
Datastore -> Allocate space
Datastore -> Browse datastore
Datastore -> Low level file operations
Datastore -> Remove file
Datastore -> Rename datastore
Folder -> Delete folder
Folder -> Rename folder
Global -> Disable methods
Global -> Enable methods
Global -> Licenses
Host -> Configuration -> Maintenance
Host -> Inventory -> Add standalone host
Network -> Assign network
Resource -> Assign virtual machine to resource pool
Resource -> Remove resource pool
Resource -> Rename resource pool
Sessions -> Validate session
vApp -> Delete
vApp -> Rename
vApp -> Add virtual machine
Virtual machine -> State -> Revert to snapshot
Virtual machine -> Configuration *
Virtual machine -> Interaction -> Answer question
Virtual machine -> Interaction -> Power Off
Virtual machine -> Interaction -> Power On
Virtual machine -> Inventory -> Create new
Virtual machine -> Inventory -> Register
Virtual machine -> Inventory -> Remove
Virtual machine -> Inventory -> Unregister
Virtual machine -> Provisioning *
Virtual machine -> State -> Create snapshot
Virtual machine -> State -> Remove snapshot
•
Web service: Optionally, change the web service entry point URI. Default: /sdk
If you select Integrated security, which is only available for VMware vCenter Server systems,
provided that both the application client and the backup host are Windows systems, Data
Protector connects to the VMware vCenter Server system with the user account under which
the Data Protector Inet service on the backup host is running. Ensure that this user
account has appropriate VMware vSphere rights to connect to the VMware vCenter Server
system and the Data Protector Inet service on the backup host is configured for user
impersonation.
For details on setting accounts for the Inet service user impersonation, see the HP Data Protector Help index: “Inet user impersonation”.
For the
Port and Web service root options, Data Protector uses the values that are currently
specified for the standard security. Integrated security is based on Security Support Provider
Interface (SSPI).
I pulled this from the Virtualization Integration Guide for DP 8