Truncate Exchange logs, what type of permission?

Availability for the Always-On Enterprise

Truncate Exchange logs, what type of permission?

Veeam Logoby jweave » Wed Oct 07, 2015 2:46 pm

I am looking to enable Application Aware on our exchange server, so we can truncate the logs. I would like to set up a user account to be able to handle that request. What type of permissions does that account need to have in order to process that?

Thanks
jweave
Influencer
 
Posts: 12
Liked: 1 time
Joined: Mon Apr 20, 2015 2:41 pm

Re: Truncate Exchange logs, what type of permission?

Veeam Logoby foggy » Wed Oct 07, 2015 2:47 pm

Account with local administrator rights is required.
foggy
Veeam Software
 
Posts: 16271
Liked: 1302 times
Joined: Mon Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson

Re: Truncate Exchange logs, what type of permission?

Veeam Logoby jweave » Wed Oct 07, 2015 5:03 pm

Thanks for the quick reply. I did create a local account that has local admin rights, as well as verifying it. I am trying to log in as ComputerName\UserName with the password, and I am getting a "Do not have access rights" during the credential test. The user is a part of the local admin group too.
jweave
Influencer
 
Posts: 12
Liked: 1 time
Joined: Mon Apr 20, 2015 2:41 pm

Re: Truncate Exchange logs, what type of permission?

Veeam Logoby alanbolte » Wed Oct 07, 2015 6:55 pm

If this is your first time using the credentials tester, the output might be a little unclear. Does it show status for the VM in the left-hand column as 'warning' or 'error'? 'Warning' is more or less normal, because if you look closely there are two tests - connecting to guest OS via RPC, and connecting to guest OS via VIX. You only need one connection method for AAIP to work, but you get a warning from the tester if they don't both work.

"Do not have access rights" sounds like VIX isn't working.
RPC requires network connectivity from the backup server to the guest OS, as well as local administrator rights.
VIX does not require network connectivity, but requires either that UAC is completely disabled or that you specifically use the named "Administrator" account with SID ending in -500; in some cases you have to use that account regardless of UAC.

Note that you can use domain accounts, they just have to have appropriate local permissions.
alanbolte
Expert
 
Posts: 635
Liked: 172 times
Joined: Mon Jun 18, 2012 8:58 pm
Full Name: Alan Bolte

[MERGED] Permissions needed for Exchange 2016 backup

Veeam Logoby LMS » Mon Jan 01, 2018 6:02 am

Hi,

Case #0244235

We are trying to provide the lease required permission for Exchange 2016 application aware backup and restore process.

We created a new role group with roles ApplicationImpersonation, View-Only Configuration & View-Only recipients. As of now for testing the backup, we created a dedicated account and added to the newly created Role group as well with Organization management role group. Also added this account to local administrators group on both the Exchange 2016 MB servers.

With security point of view , here do we need to provide all the above mentioned permissions with the account used for application aware backup? Shall we remove the permission Organization management Role group for this account or it’s required? Also what about local admin privilege for this account?

Do we get a KB article / recommendation describing the required permissions for Exchange application aware backup?

Thanks in advance
LMS
Influencer
 
Posts: 17
Liked: never
Joined: Mon May 29, 2017 5:13 am
Full Name: MS Sunil

[MERGED] Permissions needed for Exchange 2016 backup

Veeam Logoby PTide » Mon Jan 01, 2018 12:15 pm

Hi,

Account with local administrator rights is required for AAIP to succeed.

As for restore:
helpcenter wrote:Full access to Microsoft Exchange database and its log files for item recovery. The account you plan to use for recovery should have both read and write permissions to all files in the folder with the database.

Also, it seems that your support case number is missing one digit, would you double-check that please?

Thanks
PTide
Veeam Software
 
Posts: 3998
Liked: 336 times
Joined: Tue May 19, 2015 1:46 pm


Return to Veeam Backup & Replication



Who is online

Users browsing this forum: Bing [Bot], georgewkenny, Google [Bot], Google Feedfetcher, Yuuki Masui and 69 guests