thank you for you prompt answer,
The society i am working for prefer to not join this server on an active directory domain but i think, as you, to use active directory credential is the best solution to make users the only owner of their backup. It the only solution i see to solve this security issue.
Non admin user depend of support to restore their data and admins will be able to access only to their backup.
Can you tell me if i am wrong?