Wednesday, July 16, 2008

Backup Exec Service Account

Because some of my servers are NOT part of a domain, I needed to create a local user account to run Backup Exec. I had a hard time finding the correct user rights to assign the account, but finally found the correct combination of user groups and user right assignments that are needed to do this. So if you need to do this (or I do in the future), here is how I do it.

UserAccount.pngCreate a new user account
  1. Click on the "Start" button
  2. Click on the "Administrative Tools" menu option
  3. Double-click on "Computer Management"
  4. Double-click on "System Tools" node
  5. Double-click on "Local Users and Groups" node
  6. Click on the "Users" node.
  7. Right-click on the Users node, select "New User..."
  8. Provide a username
  9. Provide a strong password (I suggest a 12 - 14 character one from here)
  10. Uncheck "User must change password at next logon"
  11. Check "User cannot change password"
  12. Check "Password never expires"
  13. Click the "Create" button
  14. Double-click on the user account to open it's property sheet
  15. Click on the "Member of" tab
  16. Click the "Add" button
  17. Type "Administrators", click the "OK" button
  18. Click the "Add" button
  19. Type "Backup Operators", click the "OK" button
  20. Click the "OK" button
LocalSecurityPolicy.pngAssign User Rights to Account
  1. Click on the "Start" button
  2. Click on the "Administrative Tools" menu option
  3. Double-click on "Local Security Policy"
  4. Expand the "Local Policies" node
  5. Expand the "User Rights Assignments" node
  6. Double-click on the "Act as a part of Operating System" right
  7. Click the "Add User or Group" button
  8. Type the name of the user account you created, then click the "OK" button
  9. Double-click on the "Create a token object" right
  10. Click the "Add User or Group" button
  11. Type the name of the user account you created, then click the "OK" button
  12. Double-click on the "Log on as a service" right
  13. Click the "Add User or Group" button
  14. Type the name of the user account you created, then click the "OK" button
  15. Double-click on the "Manage auditing and security log" right
  16. Click the "Add User or Group" button
  17. Type the name of the user account you created, then click the "OK" button
  18. Close the "Local Security Settings" window
Update: Symantec reference document 253759
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)