-
- Influencer
- Posts: 12
- Liked: 1 time
- Joined: Apr 20, 2015 2:41 pm
- Contact:
Truncate Exchange logs, what type of permission?
I am looking to enable Application Aware on our exchange server, so we can truncate the logs. I would like to set up a user account to be able to handle that request. What type of permissions does that account need to have in order to process that?
Thanks
Thanks
-
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Truncate Exchange logs, what type of permission?
Account with local administrator rights is required.
-
- Influencer
- Posts: 12
- Liked: 1 time
- Joined: Apr 20, 2015 2:41 pm
- Contact:
Re: Truncate Exchange logs, what type of permission?
Thanks for the quick reply. I did create a local account that has local admin rights, as well as verifying it. I am trying to log in as ComputerName\UserName with the password, and I am getting a "Do not have access rights" during the credential test. The user is a part of the local admin group too.
-
- Veteran
- Posts: 635
- Liked: 174 times
- Joined: Jun 18, 2012 8:58 pm
- Full Name: Alan Bolte
- Contact:
Re: Truncate Exchange logs, what type of permission?
If this is your first time using the credentials tester, the output might be a little unclear. Does it show status for the VM in the left-hand column as 'warning' or 'error'? 'Warning' is more or less normal, because if you look closely there are two tests - connecting to guest OS via RPC, and connecting to guest OS via VIX. You only need one connection method for AAIP to work, but you get a warning from the tester if they don't both work.
"Do not have access rights" sounds like VIX isn't working.
RPC requires network connectivity from the backup server to the guest OS, as well as local administrator rights.
VIX does not require network connectivity, but requires either that UAC is completely disabled or that you specifically use the named "Administrator" account with SID ending in -500; in some cases you have to use that account regardless of UAC.
Note that you can use domain accounts, they just have to have appropriate local permissions.
"Do not have access rights" sounds like VIX isn't working.
RPC requires network connectivity from the backup server to the guest OS, as well as local administrator rights.
VIX does not require network connectivity, but requires either that UAC is completely disabled or that you specifically use the named "Administrator" account with SID ending in -500; in some cases you have to use that account regardless of UAC.
Note that you can use domain accounts, they just have to have appropriate local permissions.
-
- Influencer
- Posts: 24
- Liked: never
- Joined: May 29, 2017 5:13 am
- Full Name: MS Sunil
- Contact:
[MERGED] Permissions needed for Exchange 2016 backup
Hi,
Case #0244235
We are trying to provide the lease required permission for Exchange 2016 application aware backup and restore process.
We created a new role group with roles ApplicationImpersonation, View-Only Configuration & View-Only recipients. As of now for testing the backup, we created a dedicated account and added to the newly created Role group as well with Organization management role group. Also added this account to local administrators group on both the Exchange 2016 MB servers.
With security point of view , here do we need to provide all the above mentioned permissions with the account used for application aware backup? Shall we remove the permission Organization management Role group for this account or it’s required? Also what about local admin privilege for this account?
Do we get a KB article / recommendation describing the required permissions for Exchange application aware backup?
Thanks in advance
Case #0244235
We are trying to provide the lease required permission for Exchange 2016 application aware backup and restore process.
We created a new role group with roles ApplicationImpersonation, View-Only Configuration & View-Only recipients. As of now for testing the backup, we created a dedicated account and added to the newly created Role group as well with Organization management role group. Also added this account to local administrators group on both the Exchange 2016 MB servers.
With security point of view , here do we need to provide all the above mentioned permissions with the account used for application aware backup? Shall we remove the permission Organization management Role group for this account or it’s required? Also what about local admin privilege for this account?
Do we get a KB article / recommendation describing the required permissions for Exchange application aware backup?
Thanks in advance
-
- Product Manager
- Posts: 6551
- Liked: 765 times
- Joined: May 19, 2015 1:46 pm
- Contact:
[MERGED] Permissions needed for Exchange 2016 backup
Hi,
Account with local administrator rights is required for AAIP to succeed.
As for restore:
Thanks
Account with local administrator rights is required for AAIP to succeed.
As for restore:
Also, it seems that your support case number is missing one digit, would you double-check that please?helpcenter wrote:Full access to Microsoft Exchange database and its log files for item recovery. The account you plan to use for recovery should have both read and write permissions to all files in the folder with the database.
Thanks
Who is online
Users browsing this forum: Baidu [Spider], Bing [Bot], Semrush [Bot] and 55 guests