User privileges on a storage node

Acronis Backup & Recovery
Understanding Acronis Backup & Recovery 10
Understanding centralized management
Privileges for centralized management
User privileges on a storage node

The scope of a user’s privileges on Acronis Backup & Recovery 10 Storage Node depends on the user’s rights on the machine where the storage node is installed.

A regular user, such as a member of the Users group on the storage node, can:

Create archives in any centralized vault managed by the storage node
View and manage archives owned by the user

A user who is a member of the Administrators group on the storage node can additionally:

View and manage any archive in any centralized vault managed by the storage node
Create centralized vaults to be managed by the storage node—provided that the user is also an Acronis Backup & Recovery 10 Management Server administrator
Re-schedule the compacting task, as described in Operations with storage nodes, under “Change the compacting task schedule”

Users with these additional privileges are also called storage node administrators.

  Recommendations on user accounts

To allow users to access the centralized vaults managed by a storage node, you must ensure that those users have a right to access the storage node from the network.

If both the users’ machines and the machine with the storage node are in one Active Directory domain, you probably do not need to perform any further steps: all users are typically members of the Domain Users group and so can access the storage node.

Otherwise, you need to create user accounts on the machine where the storage node is installed. We recommend creating a separate user account for each user who will access the storage node, so that the users are able to access only the archives they own.

When creating the accounts, follow these guidelines:

For users whom you want to act as storage node administrators, add their accounts to the Administrators group.
For other users, add their user accounts to the Users group.

  Additional right of machine administrators

A user who is a member of the Administrators group on a machine can view and manage any archives created from that machine in a managed vault—regardless of the type of that user’s account on the storage node.

Example

Suppose that two users on a machine, UserA and UserB, perform backups from this machine to a centralized vault managed by a storage node. On the storage node, let these users have regular (non-administrative) accounts UserA_SN and UserB_SN, respectively.

Normally, UserA can access only the archives created by UserA (and owned by UserA_SN), and UserB can access only the archives created by UserB (and owned by UserB_SN).

However, if UserA is a member of the Administrators group on the machine, this user can additionally access the archives created from this machine by UserB—even though UserA’s account on the storage node is a regular one.

Acronis Backup & Recovery

User privileges on a storage node

User privileges on a storage node

Acronis Backup & Recovery > User privileges on a storage node

Acronis Backup & Recovery