Server 2008 R2 Backup account permissions

Posted on 2010-08-26
Medium Priority
Last Modified: 2012-05-10
I'm not a Windows expert, so I'm turning to those who are.

I've setup a Windows Server 2008 R2 at my brother's medical office and created a special Backup account for the sole purpose of allowing the staff to monitor and initiate backups.

All files are compressed and encrypted onto flash drives.

The backups include user profiles which are saved on a different partition than the system drive and I use folder redirection to this location.

I do NOT want to make the Backup account part of the Administrators in order to limit any damage or access they can do under this special account, however, the Backup fails due to the inability to access the user profile folders, unless I include this account in the Administrators.

I tried manually adding access for the Backup account to each and every user profile folder, but 1) its way too tedious, 2) I have to do it for every new profile, 3) changing permissions has caused errors on some user profiles that completely corrupted them and required recreating the accounts.

Is there any other solution such as through GPO that will automatically grant read only access to the user profiles?

For the time being, I have included the Backup account as an administrator.
Question by:RogueMac
  • 2

Author Comment

ID: 33534726
PS: Even if the user is included in the Administrators group, there are still some folders within the user profiles that they are unable to automatically access (e.g. Contacts, Favorites, Links...) and I have to go in and manually set the permissions.

Is there another way?
LVL 63

Accepted Solution

SysExpert earned 1000 total points
ID: 33535412
No choice - backups require admin access or to be part of the backup Users group.

You should not need to create a backup group / role as it already exists.


Author Closing Comment

ID: 33535659
No, I did not say I created a backup group/role; I created a Backup LOGIN account.

I've already included the Backup account as part of the backup group, but that group does not automatically gain access to all the folders, so that group in reality is useless other than allowing any accounts under such groups to run scheduled routines.

But I just noticed that even if I include the Backup account as an administrator, there are certain folders (seems to be specific to Windows 7 user-specific folders like Contact, Favorites, Links...) that Administrators group can't access which causes failures in the backup program (SyncBackPro).

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits …
From store locators to asset tracking and route optimization, learn how leading companies are using Google Maps APIs throughout the customer journey to increase checkout conversions, boost user engagement, and optimize order fulfillment. Powered …
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question