cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Where are EV admin roles defined in the directory database

Topper454
Level 3
Partner Accredited

‎08-23-2013 06:59 AM

Hi,

I am trying to overcome the following error with the BE archiving option.

Access denied. User is not in a role that allows '(STO) Can Administer vault Stores and Partions'

This error appears in the EV event log when I attempt to create a vault store.

No vault stores have as yet been created.

Symantec tech note TECH182988 has been applied to no avail.

I have trawled through a "Real" EV directory database and can find no reference to the defnition of Roles.

The only reference to managing EV roles is through the VAC.

Does anyone know of a method of managing roles via registry / directory database?

Many Thanks

Topper454

0 Kudos
5 REPLIES 5

GabeV
Level 6
Employee Accredited

‎08-23-2013 07:09 AM

Hi topper,

I believe what you are looking for is the Authorization Manager. Do right click over the Directory in the VAC:

Capture_0.JPG

You can use Authorization Manager to assign the user account from BE to perform backups.

I hope this helps.

0 Kudos

Ben_Watts
Level 6
Employee Accredited

‎08-23-2013 07:12 AM

Hi Topper,

No you cant really define roles via SQL, the way permissions are kept in SQL for EV, understandably is 'complex' and near impossible to use.

The Roles membership, as you mention above, is usually done via the Authorization Manager from within the VAC.

Which account are you trying to create a Vault Store with, is it the VSA or another?

 

Gabe beat me to it, as Gabe says, via the VAC.

0 Kudos

GabeV
Level 6
Employee Accredited

‎08-23-2013 07:20 AM

Also, '(STO) Can Administer vault Stores and Partions' is considered an operation:

Capture1_2.JPG

The Task 'EVT Manage Enterprise Vault Vault Stores' contains this operation:

Capture_1.JPG

So, you need to assign the Role 'Storage Administrator' to the account:

Capture_2.JPG

But, you can always assign just the operation or the task if you only want to assign ONLY a specific privilege to the user account.

I hope this helps.

0 Kudos

EdLacey
Level 5
Certified

‎08-23-2013 07:22 AM

Here's an article about the associated files - http://www.symantec.com/docs/TECH130113

0 Kudos

Topper454
Level 3
Partner Accredited

‎08-23-2013 07:29 AM

Hi

Thanks to everyone for the rapid replys, especially as it is a Friday afternoonsmiley

As I said in the original message this is to do with Backup Exec Archiving option which is a cut down

"McDonalds happy meal" version of EV (everything is done in the background for you and it is very difficult to make any changes)

So basically the only way to modify the Roles is through the VAC via the Authorization Manager.

Looks like I will have to try and strip the archiving option off  the Backup Exec media server and start again.

Thanks again

Cheers

Topper  

 

 

 

0 Kudos