Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Applying permissions to a backup operator account

Posted on 2008-06-17
6
Medium Priority
?
863 Views
Last Modified: 2013-12-05
I want to create a backup account that will only backup data on a few servers.  This backup account will run a scheduled task to backup the current system state.  I have the account made but the account does not have enough permissions.  I want to apply the least privileges principle but the only account who can perform this job is the Domain Admins.  We do not have a power user group or other integrated windows group.  

What would be the best method for applying my backup account backup only enough permissions to run the backup system state in a scheduled task?  
0
Comment
Question by:Donald_Gibson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 1600 total points
ID: 21804753
Why not just use the built-in Backup operators group ?
0
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 400 total points
ID: 21805005
you have an user rigth to specify which users can make backups and another to specify who can restore backups. Be sure that users can write in the folder where the backups are stored.

the rights are: "Backup files and directories" and "Restore files and directories"... amazing!!! :)
0
 
LVL 2

Author Comment

by:Donald_Gibson
ID: 21805274
KCTS - the built-in Backup operator group does allow me to backup.  If I go under Scheduled Tasks, right mouse click on my backup and go to RUN, it says status: Running for a few moments then it goes to blank.

mahe2000 - Where is this user right you speak of?  Is it a group policy setting?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 70

Expert Comment

by:KCTS
ID: 21805295
Backup operators should have these rights - thats what they are for
0
 
LVL 2

Author Comment

by:Donald_Gibson
ID: 21805364
I agree with you KCTS but I am on a windows 2000 domain that has proprietary software running on the network and the manufactures (Honeywell) made scripts to overwrite policies.  The Backup Operator account will not work.  I am familiar with linking policies to organizational units but how do I view the policy of a group, lets say the Backup Operators?
0
 
LVL 2

Author Comment

by:Donald_Gibson
ID: 21805833
I found out what I need to do.  I need to go to the local groups and add the Backup Operator to the Backup Operator group.

Thanks for the help guys.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
How does someone stay on the right and legal side of the hacking world?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question