Solved

Server 2008 R2 Backup account permissions

Posted on 2010-08-26
3
625 Views
Last Modified: 2012-05-10
I'm not a Windows expert, so I'm turning to those who are.

I've setup a Windows Server 2008 R2 at my brother's medical office and created a special Backup account for the sole purpose of allowing the staff to monitor and initiate backups.

All files are compressed and encrypted onto flash drives.

The backups include user profiles which are saved on a different partition than the system drive and I use folder redirection to this location.

I do NOT want to make the Backup account part of the Administrators in order to limit any damage or access they can do under this special account, however, the Backup fails due to the inability to access the user profile folders, unless I include this account in the Administrators.

I tried manually adding access for the Backup account to each and every user profile folder, but 1) its way too tedious, 2) I have to do it for every new profile, 3) changing permissions has caused errors on some user profiles that completely corrupted them and required recreating the accounts.

Is there any other solution such as through GPO that will automatically grant read only access to the user profiles?

For the time being, I have included the Backup account as an administrator.
0
Comment
Question by:RogueMac
  • 2
3 Comments
 

Author Comment

by:RogueMac
ID: 33534726
PS: Even if the user is included in the Administrators group, there are still some folders within the user profiles that they are unable to automatically access (e.g. Contacts, Favorites, Links...) and I have to go in and manually set the permissions.

Is there another way?
0
 
LVL 63

Accepted Solution

by:
SysExpert earned 500 total points
ID: 33535412
No choice - backups require admin access or to be part of the backup Users group.

You should not need to create a backup group / role as it already exists.

0
 

Author Closing Comment

by:RogueMac
ID: 33535659
No, I did not say I created a backup group/role; I created a Backup LOGIN account.

I've already included the Backup account as part of the backup group, but that group does not automatically gain access to all the folders, so that group in reality is useless other than allowing any accounts under such groups to run scheduled routines.

But I just noticed that even if I include the Backup account as an administrator, there are certain folders (seems to be specific to Windows 7 user-specific folders like Contact, Favorites, Links...) that Administrators group can't access which causes failures in the backup program (SyncBackPro).
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

##the calculator has been updated to version 1.6 please download the use the updated version## Hi there, After the previous post of the original version of the calculator here : http://www.experts-exchange.com/articles/OS/Microsoft_Operatin…
The question has been asked on multiple occasions as to how best to do printing in a remote desktop or terminal services environment.   It seems that this particular question has plagued several people and most especially as Terminal Services, as…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question