Application Aware base protection Policy on SQL server fails on Initial Discovery

Symptoms found in the logs:
In the "Protection Policies," "Edit Policy" with "Application Aware" the Host Credentials specified but database discovery fails.
The ddbmcon log shows

##
2024-10-17T15:32:54.926Z ddbmcon: libdd_lockbox_destroy: Freeing the context and releasing the lockbox application.
2024-10-17T15:32:54.926Z ddbmcon will run in legacy mode i.e. no discovery account configured.
2024-10-17T15:32:54.958Z json argument to JSONIsString is NULL2024-10-17T15:32:54.974Z json argument to JSONIsString is NULL2024-10-17T15:32:54.974Z SQLCluster::SQLCluster: Entering.
2024-10-17T15:32:54.974Z SQLCluster::SQLCluster: Exiting.
2024-10-17T15:32:54.974Z SQLCluster::gatherClusterData: Entering.
...
2024-10-17T15:32:55.923Z Output:
2024-10-17T15:32:55.923Z {"response":{"APIVersion":"2.3","applicationSystems":[]},"errors":[{"type":"systemErr","text":"General exception when detecting AAG information for SQL Server 'SQL_PPDM01\\INSTANCE1'.\n"}]}
2024-10-17T15:32:55.938Z ddbmcon: remove_existing_aces: File Owner is a [BUILTIN\Administrators]
2024-10-17T15:32:55.938Z ddbmcon: remove_existing_aces: File Group Owner is a member of the [NT AUTHORITY\SYSTEM]
2024-10-17T15:32:55.938Z ddbmcon: ACL ACE dump: mode_to_acl result
2024-10-17T15:32:55.938Z ddbmcon:     ACE for [NT AUTHORITY\NETWORK]: 0x10000000
2024-10-17T15:32:55.938Z ddbmcon:     ACE for [BUILTIN\Administrators]: 0xc0070180
2024-10-17T15:32:55.938Z ddbmcon:     ACE for [\Everyone]: 0x80000000

##

The above log is reporting "no discovery account" is configured. Discovery is done using NT Authority\System account.
On older documentation, there is no mention of setting the sysadmin privilege for the Microsoft SQL server host.

Impacted Configuration and Settings:
Database Discoveries are failing with Error Message ASDS0027.
Discovery of all application systems for addon MICROSOFT_SQL_DATABASE_SYSTEM is unsuccessful on host XXXXXX because of the following errors: General exception when detecting AAG information for SQL Server 'SQL_PPDM01\INSTANCE1'.

Impact on PowerProtect Data Manager:
No successful discoveries of all the customers with Application Aware on SQL servers

The required sysadmin privileges for the NT\Authority account have not been configured, and once this was corrected the Application Aware on SQL servers discoveries are now working successfully.

Affected Version:
All PowerProtect Data Manager documentation up to 19.17

Fixed Version:
Future code release documentation

Workaround:
Engineering has confirmed that as of PowerProtect Data Manager 19.16, VMDirect requires:

On the SQL host, the SYSTEM account has SQL log in and sysadmin rights for each SQL server instance on the host.

Documentation will be updated on future PowerProtect Data Manager code releases.