Solved

Restrict C drive from EMC networker restoration console

Posted on 2013-06-21
6
508 Views
Last Modified: 2013-07-01
Hi,
We are using EMC Networker version 8.0.1 for backup and restoration. Now we want to restrict/hide C drive from networker's restoration console.
I have prepared a group policy to restrict C drive and applied that group policy on backup user (which is being used to all backup and restoration jobs). C drive got hide when i login/RDP on any server thru backup ID but it still appeared/accessible from networker restoration console on all servers.

Please help me and let me know a way to achieve that.

We are using 2008 and 2012 servers and they all are on domain.
0
Comment
Question by:pdixit1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 19

Expert Comment

by:strivoli
ID: 39268008
a. Which groups does the user belong to?
b. You want to restrict/hide but still want to backup data stored on C:?
0
 
LVL 14

Expert Comment

by:theruck
ID: 39269955
you can not achieve that as the networker client process is running under an account which has to have rights to backup and restore. anyway you described only how you want to achieve something but it would be better if you tell us what you really need to achieve and maybe we could find another, proper and working way as your idea is not the right approach
0
 

Author Comment

by:pdixit1977
ID: 39275195
Sorry for delayed reply.

@strivoli :
1. they belongs to backup operator.
2. i want to restrict them completely on c drive, no backup and no restoration.


@theruck:
we have several branch office and each office have their own local IT team of 1-2 guys. Backup will run from central backup ID which is being mantained by backup team.
Local IT will take care of all restorations to their particular sites but these guys are not very much familiar/technical with backup application hence we want to restrict them on c drive so that even by accident/mistake they dont crash anything.

Hope i explained it, please let me know if you need anymore information.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 14

Assisted Solution

by:theruck
theruck earned 125 total points
ID: 39275663
to be able to restore they need to have filesystem rights. the user profiles reside in the C:\ drive by default. i think you will need to build a trust in your IT stuff at branches or teach them how to do it. i can not see a way how you would secure your data from IT stuff mistake.
it is even in the documentation of networker as a first restore step

To recover the NetWorker client or storage node data:
1. Log on to Windows with local administrator privileges.

that says it all i think.
also keep ion mind that persons dealing with company data need to be trained and trusted as if you have access to a backup server you have access to all the data backed up (in general)
0
 
LVL 19

Accepted Solution

by:
strivoli earned 125 total points
ID: 39275968
Backup Operators can access any file (for backup and restore operations) by design. Your only chance is:
a. Assign the account to (only) a newly created group (call it "Demoted Backup Operators"),
b. Deny access to C: to the account only,
c. Allow access to other logical disks (such as D:?) to the account only in order to let him perform backups and restores.
0
 

Author Closing Comment

by:pdixit1977
ID: 39291909
thanks
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question