eeolson Posted December 16, 2009 Report Share Posted December 16, 2009 hello, I have setup retro small business server with exchange backup as recommended in the manual. Created an "RBU" user in Admin, Domain Admin and Backup Operator groups. Retrospect is set to always run as this user, and run in terminal services session. In most of my environments, we leave this session running, and backup operators remote into the machine as user RBU to manage backups. BUT, if I need to have a user without administrator privileges to manage media changes etc., how can I do this? Don't they have to login as RBU to see the status of running jobs, swap media etc? thanks! Quote Link to comment Share on other sites More sharing options...
Ramon88 Posted December 17, 2009 Report Share Posted December 17, 2009 I don't believe this is possible. Robin can correct me if I'm wrong, but due to the way Retrospect is set up you can only execute one instance at the same time. Because that runs on admin credentials you can't log in as a different user. If the developers would have set up the engine and gui as separate entities it would have been possible to set up the program in the way you want. But because there is no such separation it's probably difficult to make this happen for the developers. However you might be able to make some media changes happen in case of tape media. You can have your tape auto ejected after backup. A person can remove the tape form the drive and insert a new one, albeit 'blind', and thus have to rely on labels. Another option is to run Retrospect on a dedicated backup server, giving those users admin access on only that machine and not the rest of your network. However, they will be able to access backed up data that way, so it is not really protected from theft or nosy exploits. But there is a way around that by encrypting and password protect scripts and storage sets. Quote Link to comment Share on other sites More sharing options...
poorman Posted December 17, 2009 Report Share Posted December 17, 2009 An approach that might suffice is to rely on the email notifications to notify the people that change the tapes. (This is configured in Preferences -> Email.) You could direct those emails to whatever account you're willing to let the tape changers access, avoiding the need for them to log in as RBU. This is, essentially, what I do at home since the Activity Monitor doesn't work on my Retrospect 7.6 / Vista X64 system. (A defect that is fixed in 7.7, according to the release notes.) -- Pete Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.