We have the following infar:-
1, Symantec BE 2010 with DLO on Windows 2003 Std. server.
2. DC is not in the same network rather in the different geographical location. There is only one OU and a ADC is there in the customer premissis which have the permission to only change the specific OU. A specific user is alotted to do this jobs. This user is not the admin user rather have the authentication to change the OU user and computers.
3. This DLO is not the current DLO version we have now, rather it was the old DLO which is intragated with BE 2010.
4. User are having Win XP and Win 7 system.
5. A specific folder is taken backup from all the user system.
6. All user are in the same network as the DLO server.
1. When adding the domain user for admin rights and others it was giving some problem. so I need to create a user under the OU and make that the local administartor of the DLO server. (i.e BE 2010 server).
2. When logging with this OU admin in the DLO server, I was unable to see the alerts of the DLO. But when logging with the local Administrator I ca see all alerts. (OU admin is in the local administrators group).
3. The DLO agent in the clients system gets disabled. All the troublshooting (registry edit, user share folder permission , etc) were tried. lastly we need to delete the computer from the DLO console (ultimately delete the user data from that system) and after re-logging of the user the agent were all enabled.
4. Adding a ned DLO client user also give the error " can not connect the Domain..." where I can see the user wjile adding. I need to disable the authentication check from the registry of the DLO server.
The account used to manage the DLO console must be a domain account with full administrative rights on the DLO server. Additionally, this account should be able to access/create the NUDF shares.
Whichever account is used to login to the DLO console, the same account is used to view the restore tab or the job logs. I am guessing in the current restricted environment, this user does not full administrative rights on the DLO server, which is why when you login via the local administrator you are able to view the logs/alerts.
Do ensure the account which is used also has appropriate permissions to access the BE_DLO DB.
DLO clients can be disabled for multiple reasons and would recommend to log a formal support case to review why it happens. Lastly, which authentication do you disable from the registry when adding a new client ?
The AD user have the full local administrator rights in the BE server. But still we need to use the local administrator as the domain user (with local administrtors rights) does not provide the user logs and alerts. And I have no trace.... why?
I have done the following change in the registry in the BE server as per the below KB articles.
Regarding, the database permission I need to check the permission.
Regarding the logs, I would recommend to have a try @ this KB first - http://www.symantec.com/business/support/index?page=content&id=TECH150594