User centric backups

[stylezg]

Hello community.

I am trialling VAW and our requirement is for it to only backup data against specific users (apologies as our testing has been very brief and not aggressive/in-depth at all).

For example, when we create a job/policy, it will be set against an OU that includes the users we desire for backup. The Veeam job (managed by VBR) will backup only their personal documents C:\Users\Username\ path which I can see is an available feature in VAW when managed by VBR.

However, many of the devices we have will occasionally have admin/helpdesk (other) staff login for period of time, or roaming users. As we do not wish for their data to be backed up although they have logged into that device (only the users in the OUs selected).

Currently during our testing, if we set an OU that includes users, it does not backup - it needs to include an OU with machines (if we are understanding this correctly).

Given our unique requirement, is there a suitable route to provide this configuration?

[Dima P.]

Hello and welcome to the community Gavin,

However, many of the devices we have will occasionally have admin/helpdesk (other) staff login for period of time, or roaming users. As we do not wish for their data to be backed up although they have logged into that device (only the users in the OUs selected).

In this case I recommend you to change backup job type to managed by agent. With this option job is controlled on a client (so whenever computer is shutdown or away from target repository backup server wont try to back it up).

[stylezg]

Thanks for the reply Dima.

I've RTFM'd to ensure I'm not posting Qs that are already in the user guide - but still struggling.

1). If I create a VAW job in "Managed by Agent" mode, my only 2 sources are "Protect Group" or "Individual Computer".
2). So I have to choose a "Protection Group" as this is of course the most sensible route to protect hundreds of machines.
3). When I select the "type" during the creation of a "Protection Group", I select "Microsoft Active Directory" as I desire to choose some OUs as my source
4). The OU I select as the source ONLY includes user accounts from AD that I want to protect (NO MACHINES).
5). When the PG is rescanned, it shows "0 hosts discovered"
6). I have an active users logged into a workstation which is in the OU container included in the backup critera - ergo, I'd expect to see the host/workstation be detected by the PG.
7). As the backup job then tried to run, there is literally no object in the job as the PG hasnt added the device.[/list][/list]

Is it possible I am trying to use VAW for a purpose it is not designed for (we're planning to use it for endpoint prortection on laptops in our estate) but specifically want to ONLY backup a certain criteria of users data.

If I am correct, then I guess the workaround here would be to protect everything at a machine level (as opposed to user level) but we would run the risk of backing up several user accounts that we do not need data protection for. I see I can set exclusions, but assume these would be machine exclusions and not user exclusions?

[stylezg]

Any update on this people - keen to deploy a workaround if I can source a VAW job from an OU that includes only user accounts. See image below.

[georgewkenny]

@Stylezg,

It appears the source of your protection group is simply an OU that contains only user accounts. We don't source the data in this fashion - we're typically seeking a resource that denotes "machines" (IP address, host name, OU/AD machines).

As you explain - this is for an endpoint solution, so dependent on your design/requirements, a suitable route would be to protect all devices (thus protecting all of the machines/users/profiles inclusively) and you can either reduce your storage footprint with something like ReFS or exclude certain file types from the backup. Alternatively, maybe a group-policy script to clean up those idle user profiles so that VAW doesn't sweep them up might be an alternative for you?....