cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Give Helpdesk the rights to restore

Go to solution
chiprock
Level 3

‎09-26-2012 07:25 AM

We backup a file server with a variety of permissions.  I am looking to give our Helpdesk the ability to restore files that he/she does not neccisarily have permissions to.  The example would be a file that only our CEO has access to.  In theory the Helpdesk could redirect that file to a server that they have full admin on (such as the BE server), take permissions of that file, then open it.  Was hoping we could do one of these two things,

Option 1 - Limit their ability to restore based on NTFS permissions.  So if they don't have access to a file on the file server, they can't restore it.  Access denied error message.

Option 2 - Limit their ability to use file redirection.  So they could only restore a file back to its original location, which they would not have NTFS permissions, and they would not admin on the windows server therefore they couldn't take ownership of the file.

Option 3 - ????

We tend to do a lot of restores and it is cumbersome to the higher level admins to deal with some of these.  And to cut this question off we have looked at trying to get our users to not delete files they need.  Seems like a uphill battle that we can't win right now.

Any help is appreciated.

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
CraigV
Moderator
Moderator
Partner    VIP    Accredited

‎09-26-2012 07:34 AM

Hi,

 

This sort of role-based access doesn't exist in BE at all. A number of posts have been doing the rounds about this over the past couple of years.

However, read my article below about how I created some sort of access level using the BE remote console (which is free!)...

 

https://www-secure.symantec.com/connect/articles/how-leverage-backup-execs-remote-console

Thanks!

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
CraigV
Moderator
Moderator
Partner    VIP    Accredited

‎09-26-2012 07:34 AM

Hi,

 

This sort of role-based access doesn't exist in BE at all. A number of posts have been doing the rounds about this over the past couple of years.

However, read my article below about how I created some sort of access level using the BE remote console (which is free!)...

 

https://www-secure.symantec.com/connect/articles/how-leverage-backup-execs-remote-console

Thanks!

0 Kudos

Go to solution
chiprock
Level 3

‎09-26-2012 10:35 AM

Thanks for the feedback.  We use the BE Console and that almost gets me there.  if I could just find a way to stop them from having the ability to redirect to another location.

0 Kudos

Go to solution
CraigV
Moderator
Moderator
Partner    VIP    Accredited

‎09-26-2012 11:34 AM

You can head on over to the Ideas section (https://www-secure.symantec.com/connect/backup-and-recovery/ideas) to add this in, but role-based security for BE hasn't been on the cards from what I can see.

Best bet is to give very select users access to do what you want them too which is restore.

0 Kudos