Topics | How To | Related Topics
DB2 iDataAgents (DB2, DB2 DPF)
Exchange Agents (Exchange Compliance Archiver, Exchange Database, Exchange Mailbox, Exchange Mailbox Archiver, Exchange Public Folder, Exchange Public Folder Archiver, Exchange Web Folder)
Image Level ProxyHost iDataAgent
Lotus Domino Server iDataAgents
Microsoft Data Protection Manager iDataAgent
Microsoft SQL Server iDataAgent
Microsoft Windows File System iDataAgent
NetWare Server iDataAgents (File Archiver for NetWare, GroupWise, NetWare File System, Novell Directory Service)
Oracle iDataAgents (Oracle, Oracle RAC)
SharePoint Agents (SharePoint Archiver, SharePoint Database, SharePoint Document)
User accounts and passwords can be administered for various components of the product, including the CommServe, MediaAgents, and agents. These accounts and passwords allow you to perform various operations per the affected component. In some cases, user accounts and passwords are established during the install of the specific component, and in most cases they can be changed after the install via various operations from the CommCell Browser. To this latter end, you can use the CommCell Browser to populate either account-like dialog boxes or spaces within other types of dialog boxes with this information.
The CommCell network password is an internal security measure used to ensure that communications occur only between CommCell computers. By default, the software assigns each computer in the CommCell a different password. You can, at any time, define a new CommCell network password for any computer in the CommCell. Although you do not need to know the existing password to define a new one, you do need to have administrative privileges.
The CommCell network password can be changed from the Change System Password dialog box.
The CommCell network password can be changed from the Change Network Password dialog box. See Change the CommCell Network Password for step-by-step instructions.
You can also change the network password for one or more client computers from the command line. See ChangeNetworkPwd tool for more information.
The CommServe uses an account to access updates. This account can be changed from the User name and password dialog box. See Change Account for Accessing Updates for step-by-step instructions.
You can prepopulate user credentials to access the Maintenance Advantage web site automatically. See Change Account for Accessing the Maintenance Advantage Page for step-by-step instructions.
On Windows clients, you can use and change an Impersonate User account to access the Job Results Directory for the client. See User Impersonation for Accessing the Job Results Directory for more information.
You can use and change the account to register a domain controller with the CommServe. To register a domain controller, you must administer Name Servers in the CommCell Browser. You must register a domain controller to authenticate Single Sign On or to configure the Search Console for Content Indexing and Search. See Change Account to Register a Domain Controller with the CommServe for step-by-step instructions.
The Media Password is used to enforce credentials while using the Media Explorer (DR Tool) to restore data from a media. This password prevents the unauthorized access of data from media. The password is assigned during the installation of the CommServe and can be changed, and it becomes necessary in the case of a disaster. The password is stored as an encrypted string on the On Media Label (OML) of the tape, and the information for the password (including the SQL metadata, etc.) is stored encrypted in the OML of the tape and in the SQL database.
Only one media password is allowed per media. If you changed the media password, it will be effective for the next media. Keep in mind that the existing media can be accessed using only the old media password.
The Media Password can by changed from the Change System Password dialog box. To access this dialog box, use CommCell Console Control Panel. See Change the Media Password for step-by-step instructions.
If you want to provide more security by not allowing anyone else to read and decipher data on the media, you may want to enable Data Encryption. |
If you have a shared index cache, you will require a user account to access the shared index. See Configure a MediaAgent for Index Cache Sharing for more information.
The Active Directory account information is used to verify the rights to back up and restore data from the Active Directory Server. This information is initially assigned by the user during the installation of the iDataAgent.
If necessary, you can change the options established during installation or setup a non-administrator account from the CommCell Console. (See Change Account for Accessing Application Servers/Filers for step-by-step instructions.)
It is necessary to use an account with sufficient privileges. If a user account does not have sufficient privileges, Active Directory jobs may fail either in whole or part. Refer to User Privileges, for more information on user accounts. Consider the following analysis before setting up an account for the Active Directory iDataAgent.
Administrator account | Non-Administrator account |
As Administrative rights are provided by default, this account does not require additional rights. | Must
have Administrative rights in the Domain Controller.
You must specify an account that already exists. If the desired account does not exist, you must create it in the Active Directory Domain Controller. The account must be a member of the Domain Administrator group or have Read, Change, and Create Child Objects permissions for the Active Directory domain. Once the account is created, edit the Active Directory Agent Properties from the CommCell Console and provide one of the following:
|
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to execute Pre/Post commands when creating Recovery Points. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
To perform data protection and recovery operations, the DB2 iDataAgents require a user account with one of the following privileges to access the DB2 application and database:
This account must already be set up on the client. Additional accounts should be established by the DB2 database administrator. To establish additional accounts on your own, consult the appropriate DB2 application documentation.
The user account can be added or modified from the CommCell Console using Instance Properties (for DB2) or Backup Set Properties (for DB2 and DB2 DPF). This allows you to regulate the number of databases accessed per specified user. See Create/Modify an Instance, Configure a Backup Set/Archive Set, and Change Account for Accessing Databases/Applications for step-by-step instructions.
The following pertains to DB2 and DB2 DPF on Windows:
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
The Documentum iDataAgent requires you to configure two types of application accounts:
These accounts are used when the Docbase and database are installed. You need to specify these accounts at the instance level of the Documentum iDataAgent. Subsequently, they can also be changed later on at the instance level if required.
To perform data protection and recovery operations, the Documentum iDataAgent requires a user account to log on to the related Documentum docbase to access the data. The user account is the Documentum Install owner account that was used to install the Documentum software.
The account must already be set up on the client.
You can change the Documentum Repository user account details from the instance level.
If using an Oracle database, the Documentum iDataAgent requires an Oracle account to access the database.
You can use a database user account to verify the rights to access Oracle databases. You can use an account for the standard database, and you can use an account for the Recovery Catalog database. The account information is included within one or more of the following database connect strings:
The standard database user account must have the following privileges:
Alternatively, instead of the SELECT ANY TABLE privilege, you can create less powerful user IDs with the following object privileges:
The Recovery Catalog database user account must have recovery catalog owner privileges.
The above mentioned accounts must already be set up on the client. Additional accounts (except Impersonate User) should be established by Oracle database administrator. To establish additional accounts on your own, consult the appropriate Oracle application documentation.
You can change the user account details from the instance level.
If using a DB2 database, the Documentum iDataAgent requires an DB2 account to access the database.
To perform data protection and recovery operations, the DB2 iDataAgents require a user account with one of the following privileges to access the DB2 application and database:
This account must already be set up on the client. Additional accounts should be established by the DB2 database administrator. To establish additional accounts on your own, consult the appropriate DB2 application documentation.
You can change the user account details from the instance level.
To perform data protection and recovery operations, various Exchange agents require a user account to log on to the related server to access the data. The affected agents include: Exchange Mailbox, Exchange Public Folder, Exchange Compliance Archiver, Exchange Mailbox Archiver and Exchange Public Folder Archiver. The account must have Exchange administrator privileges.
This account information is input during the Exchange agent install.
The account must already be set up on the client. Additional accounts should be established by the Exchange database administrator. To establish additional accounts on your own, consult the appropriate Exchange application documentation.
The user account can be added or modified from the CommCell Console at the agent level. See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
See Advanced Configuration - Exchange Mailbox iDataAgent Configuration for information.
Once Single Sign-On has been configured, then Outlook users may perform find and browse recoveries of archived messages without the need to enter CommCell authentication credentials. When users select the Outlook Add-In option to Find and Recover Messages, their Windows user accounts are automatically granted rights to access the CommServe to perform this function as part of a CommCell User Group. For more information, see Single Sign On.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define an account with permissions to execute Pre/Post commands for data recovery jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
If you are using the Celerra Proxy Stub Subclient feature, which allows the File Archiver for Windows Agent to archive and recover data residing on an EMC Celerra File Server, you must enter authentication information to access data on the file server for this purpose. For step-by-step instructions, see Configure File Server/Proxy Authentication Credentials.
The user account must have read and write permissions on the CIFS share and exported to the network storage file server/proxy. The user account must also have admin access to filer and read/write access to the Windows registry on the proxy computer.
The following pertain to Image Level on Windows:
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
To perform data protection and recovery operations, the Informix iDataAgent requires a user account to access the Informix application and database. This account must have administration privileges (default) or Informix administration privileges.
The account must already be set up on the client. Additional accounts should be established by the Informix database administrator. To establish additional accounts on your own, consult the appropriate Informix application documentation.
The user account can be added or modified from the CommCell Console using Instance Properties. See Create/Modify an Instance and Change Account for Accessing Databases/Applications for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
The Microsoft SQL Server iDataAgents require a user account to access the SQL Server application and database. The account can be either:
The user account can be added or modified at four levels:
Ensure that the SQL Server service for instances being protected are not using the Network Service account as restores will fail. |
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define an account with permissions to execute Pre/Post commands for data recovery jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define from the subclient level an account to be used when configuring a UNC Path as part of the subclient's content.
The user name and password that you use must have sufficient rights to access the share to which the UNC Path is pointing. Also, the user name and password must have the right to log on to the client machine that is running the backup, as well as rights to the logs on that computer.
To perform a backup or a restore operation using a UNC Path as either the content of the subclient or the destination for a restore, we recommend using an account that has administrative privileges. Also, the User Account that is used must be an account that already exists. If you choose to use an account that does not exist, it must be created.
Once you establish the account, you can modify the account. See Change Account for Configuring UNC Paths for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define an account with permissions to execute Pre/Post commands for data recovery jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
For an overview, see Services: Running Services Using a Windows User.
Generally, to run backups , the user must be either an administrator or a member of the Backup Operators group. Each such member acquires backup rights. Backup operators (or Service Users) are designed to have full control to the registry and the install folder.
To back up the System State data, the service user must be either an administrator or a backup operator. Also, system state backups require backup operator group permissions on the HKLM\SYSTEM\SETUP key to enable system-protected file backups.
The 1-Touch component of system state backups will fail whenever you run services as a backup operator. As a workaround, either skip backing up 1-Touch information during system state backups by using the SKIP_1TOUCH_BACKUP registry key, or run the backups using the local system account. |
An administrator or a backup operator in a local group can back up any file and folder on the local computer to which the local group applies. An administrator or backup operator on a domain controller can back up any file and folder on any computer in the domain or any computer in a domain where a two-way trust relationship exists.
To back up files if you are not an administrator or a backup operator, you must be the owner of the files and folders you want to back up or have one or more of the following permissions for the files and folders you want to back up: Read, Read and execute, Modify, or Full Control.
You must enable backup operator access to the registry and directory.
To add a user to the Backup Operators Group on a domain controller, use Active Directory users and computers.
Also, on a domain controller, you may need to modify the Domain Controller Security Policy since a domain controller overrides the Local Security Policy. In addition, when you set the policy for DC security policy, this policy adds itself to the local policy as an "Effective Policy Setting". This means the domain controller is using a policy that has overwritten the Local Policy Setting.
See Set Up or Modify User Permissions and Rights for more information.
Generally, only restore rights are required to restore files. For a Windows 2000 Server, these rights are inherited by backup operators. For a Windows 2003 Server, you must add backup operators to the 'Restore Files and Folder' Local Security Policy.
To restore System State data, one of the following must be true: the service user is a local administrator, or Services will be run as a local system. See Set Up or Modify User Permissions and Rights for more information.
See the following procedures as appropriate:
To perform data protection and recovery operations, the MySQL iDataAgent requires the following user account :
You can use the MySQL Server user account to verify the rights to perform all data protection and recovery operations for the associated MySQL Server instance
The user accounts can be added or modified from the CommCell Console using Instance Properties.
MySQL users should have special privileges to perform backups and recovery.
For Backup:
As a MySQL user, you should have the following permissions to perform backups:
SHOW DATABASES, SUPER, RELOAD,SELECT, LOCK
Example Query to grant the required permissions for backup is as follows:
mysql> GRANT SHOW DATABASES, SELECT, LOCK TABLES, RELOAD,SUPER ON *.* to <backup_agent username>@localhost IDENTIFIED BY '<backup_agent password>';
However, it is recommended to grant all Database Administrator privileges to perform backup operations too.
Example:
mysql> GRANT ALL PRIVILEGES ON *.* TO <backup_agent username>@localhost IDENTIFIED BY '<backup_agent password>';
For Restore:
You should have full Database Administrator privileges to perform restore operations:
Example Query to grant the required permissions for restore is as follows:
mysql> GRANT ALL PRIVILEGES ON *.* TO <restore_agent username>@localhost IDENTIFIED BY '<restore_agent password>' WITH GRANT OPTION;
See Create/Modify an Instance and Change Account for Accessing Instances for step-by-step instructions.
To perform data protection and recovery operations, the NAS agents require a user account to log on to the related file server to access the data. The user account depends upon the file server being accessed.
Where appropriate, the user account can be added or modified from the CommCell Console at the agent level. See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
To perform data protection and recovery operations, the NetWare Server agents require a user account to log on to the related server to access the data. This account information is input during the NetWare Server iDataAgent install.
This account must already be set up on the client. Additional accounts should be established by the NetWare Server administrator. To establish additional accounts on your own, use the appropriate NetWare administration tool or consult the appropriate NetWare Server application documentation.
The user account can be added or modified from the CommCell Console at the agent level. See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
To perform data protection and recovery operations, the Oracle and Oracle RAC iDataAgents require two user accounts. These accounts include:
For Oracle on Unix, you can use the operating system user account to verify the rights to perform all data protection and recovery operations for the associated Oracle instance. For Oracle on Windows, use the Impersonate User option for this purpose.
You can use a database user account to verify the rights to access Oracle databases. You can use an account for the standard database, and you can use an account for the Recovery Catalog database. The account information is included within one or more of the following database connect strings:
The standard database user account must have the following privileges:
Alternatively, instead of the SELECT ANY TABLE privilege, you can create less powerful user IDs with the following object privileges:
The Recovery Catalog database user account must have recovery catalog owner privileges.
The above mentioned accounts must already be set up on the client. Additional accounts (except Impersonate User) should be established by Oracle database administrator. To establish additional accounts on your own, consult the appropriate Oracle application documentation.
See Create/Modify an Instance, Change Instance Details, and Change Account for Accessing Databases/Applications for step-by-step instructions.
The following pertain to Oracle on Windows:
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define an account with permissions to execute Pre/Post commands for data recovery jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
To perform data protection and recovery operations, the PostgreSQL iDataAgent requires the following user account :
You can use the PostgreSQL Server user account to verify the rights to perform all data protection and recovery operations for the associated PostgreSQL Server instance
The user accounts can be added or modified from the CommCell Console using Instance Properties. See Create/Modify an Instance and Change Account for Accessing Instances for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
You can define a user or an account with permissions to restore data to either mapped/shared network drives or directories to which you have no write privileges. See Change Account for Restoring to Mapped/Share Network Drives and Restricted Directories for step-by-step instructions.
To perform data protection and recovery operations, the Quick Recovery Agent with Exchange requires a user account to log on to the related server to access the data. The account must have either of the following privileges:
This account information is input during the Exchange agent install.
The account must already be set up on the client. Additional accounts should be established by the Exchange database administrator. To establish additional accounts on your own, consult the appropriate Exchange application documentation.
You can select an Exchange application and change the associated user account from the CommCell Console at the agent level. Also, if you are including another Exchange Server, you can change the Exchange Server Name. See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
Also, consider the following:
To perform data protection and recovery operations, the Quick Recovery Agent with SQL Server requires a user account to access the SQL Server application and database. The account must have the following privileges:
The account must already be set up on the client. Additional accounts should be established by the SQL database administrator. To establish additional accounts on your own, consult the appropriate Microsoft SQL Server application documentation.
You can select a SQL Server application and change the associated user account from the CommCell Console at the agent level. See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
Also, consider the following:
For the Quick Recovery Agent with NAS, you can change from the agent level the account for discovering network drives. This account has permissions on both the NAS data server and the Quick Recovery Agent machine. In effect, this account also has permissions on the CIFS shares that are backed up.
Since the NAS data server and the Quick Recovery Agent machine can never be the same machine, the account is a network (and not a local) account. Therefore, since the account has permissions on both machines, the machines must either be in the same domain or have an appropriate trust set up.
See Change Account for Discovering Network Drives for step-by-step instructions.
To perform data protection and recovery operations, the Quick Recovery Agent with Oracle requires an Impersonate User account with administrator privileges to access the Oracle application and database. The account must already be set up on the client.
You can add/select an Oracle instance and add/modify the associated user account from the CommCell Console at the agent level. See Change Account for Accessing Databases for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
To perform backup and restore operations, the user must have administrator privileges to access the Oracle application.
For command line operations, the user credentials are provided during the backup or restore operation from the command line.
In the case of backup and restore operations from the CommCell Console, the user credentials to access the Oracle application are provided initially when you create the instance. If necessary, the credentials can be modified from the General tab of the Instance Properties dialog box.
Always use the following user name to perform backup and restore operations from the CommCell Console for the associated instance:
On Unix clients:
Moreover, to verify the rights to access Oracle databases, you need to use a database user account. The account information is included within one or more of the following database connect strings:
The standard database user account must have the following privileges:
Alternatively, instead of the SELECT ANY TABLE privilege, you can create less powerful user IDs with the following object privileges:
The above mentioned accounts must already be set up on the client. Additional accounts (except Impersonate User) should be established by Oracle database administrator. To establish additional accounts on your own, consult the appropriate SAP for Oracle application documentation.
To perform data protection and recovery operations, the SharePoint agents require a user account to log on to the related file server to access the data. This account must have the required rights to create and modify SharePoint databases.
For the SharePoint Server iDataAgent and SharePoint Archiver, consider the following.
The Base Services of the client will run under the user account that is specified. Use an account that meets this criteria:
In addition, this account must have "Log on as Service" permissions to ensure the Communication (CVD) Services will start. For more information on Base and Communication (CVD) Services, see Services.
Refer to the Knowledge Base article Galaxy Service Account User Information for Windows 2003 and Window Server 2003 clients available from the Maintenance Advantage web site.
This account must already be set up on the client. Additional accounts should be established by the SharePoint database administrator. To establish additional accounts on your own, consult the appropriate SharePoint application documentation.
The user account can be added or modified from the CommCell Console at the agent level.
For Database backup sets, you can change:
For Document backup sets, you can change the Administrator Account.
See Change Account for Accessing Application Servers/Filers for step-by-step instructions.
You can define an account with permissions to execute Pre/Post commands for the agent's archive, backup, or volume creation jobs. See Pre-Post User Impersonation for Data Protection and Recovery Operations for more information.
To perform data protection and recovery operations, the Sybase iDataAgent requires two user accounts. They are:
You can use the operating system user account to verify the rights to perform all data protection and recovery operations for the associated Sybase instance
For Sybase on Unix, the account information for accessing the database is input during the Sybase iDataAgent install.
These accounts must already be set up on the client.
You can perform backups of Sybase databases and restore non-system databases with operating system user account (operator role) privileges. However, when you perform backup with operating system user account (operator role) privileges, you need to have access to all the databases (if more than one database exists) in an instance.
If you need to restore Sybase system databases, then you need Sybase database administrator (SA role) privileges.
The user accounts can be added or modified from the CommCell Console from Accounts tab of Instance Properties. See Configuring User Accounts for step-by-step instructions.
Additional accounts should be established by the Sybase database administrator. To establish additional accounts on your own, consult the appropriate Sybase application documentation.
Users performing backup and restore operations must have credentials with sufficient permissions granted on the Virtual Center or ESX Server. Datacenter Administrator is an example of an account with acceptable privileges for these operations.
For VCB environments, the VCB Role is sufficient for both backup and restore operations.
For vSphere VADP environments, the VCB Role can be used for backups, but require the following additional privileges for restore operations:
In both VCB and vSphere VADP environments, user-defined roles can be created provided the above-mentioned privileges are included in those roles.
Passwords for ESX Server or Virtual Center instances cannot have single-quote (') or double-quote (") characters. |
To configure the user account associated with the Virtual Center, click the Configure Password button. Enter the credentials in the dialog displayed.
To configure the user account associated with the ESX Server:
Please note the following issues.
You must use the local system account for this purpose.
To perform a full system restore, see Disaster Recovery. A full system restore should be performed using only the local system account because this account has full rights to restore the data on the computer. If a full system restore runs as a User, registry and other data will not be restored properly because the User does not have the required rights to write to the system. Even when restoring just the system state or system state services (system databases), the services must be running as a local system account; otherwise, the restore will fail. Also, following a full system restore, the user no longer has rights to the registry key. Therefore, you may have to give the User permissions to this key in the registry following a full system restore.
QSnap fails to snap volumes when services are running as a backup operator account. Therefore, use a local system account to this purpose.
When you open Outlook, a pop-up message indicating that you have an older OST file is displayed. You can delete this file and create a new one if necessary.
During a file system backup, there maybe a message logged in clbackup.log indicating you are unable to turn off the archive attribute after the backup. This happens because the user does not have the rights to write to this folder (e.g., C:\Program Files\).
During file system backups and restores, the following message is displayed:
W2K File System: Failed to enumerate share information [[997 Access is denied.]
Note that backups will be successful even if this message is displayed.
Operations performed with this feature are recorded in the Audit Trail. See Audit Trail for more information.
If you are getting invalid password errors and you are sure that your password is correct, try changing your password.