Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 519
  • Last Modified:

Restrict C drive from EMC networker restoration console

Hi,
We are using EMC Networker version 8.0.1 for backup and restoration. Now we want to restrict/hide C drive from networker's restoration console.
I have prepared a group policy to restrict C drive and applied that group policy on backup user (which is being used to all backup and restoration jobs). C drive got hide when i login/RDP on any server thru backup ID but it still appeared/accessible from networker restoration console on all servers.

Please help me and let me know a way to achieve that.

We are using 2008 and 2012 servers and they all are on domain.
0
pdixit1977
Asked:
pdixit1977
  • 2
  • 2
  • 2
2 Solutions
 
strivoliCommented:
a. Which groups does the user belong to?
b. You want to restrict/hide but still want to backup data stored on C:?
0
 
theruckCommented:
you can not achieve that as the networker client process is running under an account which has to have rights to backup and restore. anyway you described only how you want to achieve something but it would be better if you tell us what you really need to achieve and maybe we could find another, proper and working way as your idea is not the right approach
0
 
pdixit1977Author Commented:
Sorry for delayed reply.

@strivoli :
1. they belongs to backup operator.
2. i want to restrict them completely on c drive, no backup and no restoration.


@theruck:
we have several branch office and each office have their own local IT team of 1-2 guys. Backup will run from central backup ID which is being mantained by backup team.
Local IT will take care of all restorations to their particular sites but these guys are not very much familiar/technical with backup application hence we want to restrict them on c drive so that even by accident/mistake they dont crash anything.

Hope i explained it, please let me know if you need anymore information.
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
theruckCommented:
to be able to restore they need to have filesystem rights. the user profiles reside in the C:\ drive by default. i think you will need to build a trust in your IT stuff at branches or teach them how to do it. i can not see a way how you would secure your data from IT stuff mistake.
it is even in the documentation of networker as a first restore step

To recover the NetWorker client or storage node data:
1. Log on to Windows with local administrator privileges.

that says it all i think.
also keep ion mind that persons dealing with company data need to be trained and trusted as if you have access to a backup server you have access to all the data backed up (in general)
0
 
strivoliCommented:
Backup Operators can access any file (for backup and restore operations) by design. Your only chance is:
a. Assign the account to (only) a newly created group (call it "Demoted Backup Operators"),
b. Deny access to C: to the account only,
c. Allow access to other logical disks (such as D:?) to the account only in order to let him perform backups and restores.
0
 
pdixit1977Author Commented:
thanks
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now