Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] How to control access for recovers?

2007-08-17 13:06:31
Subject: Re: [Networker] How to control access for recovers?
From: Maarten Boot <mboot AT MBOOT DOT ORG>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Fri, 17 Aug 2007 18:56:23 +0200 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I dont think that is posible but remember that cross platform recovery
does not really work anyway as far as I remember.

maarten

George Sinclair wrote:
> I would like to be able to grant access to one or more Windows
> administrators to be able to recover *any* data backed up from Windows
> machines, but is there a way to grant them this access without giving
> them permission to also recover data backed up from Unix machines?
> 
> We're using 7.2.2 on a Solaris server, backing up both Unix and Windows
> clients.
> 
> Under nwadmin, I see the "User Groups", featuring 'Users' and
> 'Administrators'. It seems that these two groups are identical with the
> exception of the privileges granted but could be made equivalent by
> simply selecting everything, but otherwise you have *@* with 1 of the 8
> privileges selected: 'Monitor NetWorker'.
> 
> 1. If I change "*@* to the specific Windows admins. and add 'Recover
> local data' then they would only be able to recover data that was backed
> up on the host they're running the recover program from, correct?
> 
> 2. If they're a Windows administrator on that system then they would be
> able to recover all the data; otherwise, only data that they had read
> access to?
> 
> 3. If I want them to be able to recover data from Windows machine A to
> Windows machine B then I assume I have to also select: 'Remote access
> all clients'?
> 
> 4. What would prevent them then from recovering data that had been
> backed up on a Unix box to a Windows box?
> 
> The problem I see here is that there's no way apparent way to customize
> things on a per user basis. What ever options you select apply to all
> the listed users. So, maybe I want everyone to be able to monitor
> NetWorker, so I have *@* listed under the Users Group  with only
> 'Monitor NetWorker' selected, but as soon as I want specific people to
> be also be able to recover data then I'm granting everyone permission to
> recover data wherein before they only had monitoring capability.
> Furthermore, there doesn't appear to be any way to segregate Windows and
> Unix permissions. And it looks as if as soon as I grant a user
> permission to be able to recover from any Windows box to any Windows
> box, I'm then allowing them to recover from any box period, Unix or
> Windows. Seems like this should be more granular.
> 
> George
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGxdM3FlCJIGdXPQsRAtJJAJ46RrVWzLp92k94roYeZCu6U4sRPACfU9lc
Uwuz0/TDTHaRBC2SKEYzU64=
=sL7u
-----END PGP SIGNATURE-----

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] Windows 2003_SP2_SAN_Legato issues, Kantor, Adam
Next by Date:  Re: [Networker] Windows 2003_SP2_SAN_Legato issues, Kantor, Adam
Previous by Thread:  [Networker] How to control access for recovers?, George Sinclair
Next by Thread:  [Networker] Oracle RMAN recovery error?, George Sinclair
Indexes:  [Date] [Thread] [Top] [All Lists]