Solved

Does Backup Exec service account require interactive logon rights?

Posted on 2008-10-15
4
1,385 Views
Last Modified: 2013-12-04
Can I disable logon rights for the accounts that the BExec services run as?  
0
Comment
Question by:qpm
  • 2
4 Comments
 
LVL 19

Expert Comment

by:CoccoBill
Comment Utility
According to this, no: http://seer.support.veritas.com/docs/254239.htm

It requires:
Act as Part of the Operating System
Backup Files and Directories
Create a Token Object
Logon as a service
Manage Auditing and Security Log
Restore Files and Directories
Take ownership of files and other objects
0
 

Author Comment

by:qpm
Comment Utility
Thanks for the quick response, I have to wait until the lab administrator gets back in the office later today to try that out.

If I give the account those rights, is there anything I should test other than starting the services, backup, and restore?  Also, this article doesn't explicitly mention release 12, should that matter?  

My main concern is that we have to fill out a bunch of paperwork get this system configuration approved.  If we do that then find out it isn't right, we have to file a bunch more paperwork to change it.  
0
 
LVL 3

Accepted Solution

by:
------------ earned 125 total points
Comment Utility
your admin guide mentions all the necessary rights required by the backup exec service account

If backup exec is in a domain, besa account should be a domain admin
and if backing up exchange server it also has to be a exchange full admin or org admin for exchange 2007
for sql it has to be the db owner and so on..
0
 

Author Comment

by:qpm
Comment Utility
we were not able to get the service to start with the rights assigned as listed in the veritas document above unless the servce account was also an admin (BUILTIN\Administrators on the server).  If we took away admin rights, we got the error described in (http://seer.entsupport.symantec.com/docs/284604.htm).  
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now