Hi,
Please have a look at this powerlink solution. Hope this helps.
http://solutions.emc.com/emcsolutionview.asp?id=esg75186
Fact: NetWorker 7.3
Error: 'nsrd: Impersonation was requested by: "User@machine_name", but the
user does not have enough privileges to impersonate'
Cause:
By Default, User Authentication for NetWorker is configured at the console
level (via Setup, Setup Menu->System Options). This setting allows only
users in the NetWorker administrator list to send requests to the NetWorker
server via the console window (ie to change a schedule etc). These request
will appear to come from the user running the console gui as opposed to the
gstd process owner on the console server (ie local system account on a
Windows Console servers)
The user mentioned in the message is the user that started a Console server
(gstd) and does not have enough privileges for impersonation.
Impersonation means that a user is allowed to pretend that they are another
user. Impersonation is needed because sometimes requests are sent to one
daemon and then forwarded to another and this requires special priveleges.
The account that is requesting the right to impersonate another user, need
the "Change Security Settings" privilege set.
Solution:
Give the account that was used to start the EMC Legato GST
service"Administrator" access in NetWorker
1. From command line on the NetWorker server, add the account account which
starts the gstd service to the administrators list. By default this is the
SYSTEM account in windows and the root account on UNIX
Windows:
nsraddadmin -u user=SYSTEM,host=console_servername
UNIX:
nsraddadmin -u user=root,host=console_servername
Thanks!
-Shyam
On 5/12/08, stornewer <networker-forum AT backupcentral DOT com> wrote:
>
> daemons.log file contains information below :
>
>
> 05/12/08 10:56:04 nsrd: Impersonation was requested by: "SYSTEM@client1",
> but the user does not have enough privileges to impersonate.
> 05/12/08 10:56:04 nsrd: Impersonation was requested by: "SYSTEM@client1",
> but the user does not have enough privileges to impersonate.
> 05/12/08 10:56:04 nsrd: Impersonation was requested by: "SYSTEM@client1",
> but the user does not have enough privileges to impersonate.
> 05/12/08 10:56:05 nsrd: Impersonation was requested by: "SYSTEM@client1",
> but the user does not have enough privileges to impersonate.
> 05/12/08 11:03:00 nsrd: savegroup info: starting advgrp (with 1 client(s))
> 05/12/08 11:03:01 nsrexecd: Authentication Warning: The user's OS groups
> cannot be verified and will not be included in the credential. This means
> that remote hosts may not see the user as being a member of any OS groups.
> Domain: NT AUTHORITY, User: SYSTEM.
>
>
> how should I do to get priviledge?
>
> +----------------------------------------------------------------------
> |This was sent by hotclarcli AT hotmail DOT com via Backup Central.
> |Forward SPAM to abuse AT backupcentral DOT com.
> +----------------------------------------------------------------------
>
> To sign off this list, send email to listserv AT listserv.temple DOT edu and
> type
> "signoff networker" in the body of the email. Please write to
> networker-request AT listserv.temple DOT edu if you have any problems with
> this
> list. You can access the archives at
> http://listserv.temple.edu/archives/networker.html or
> via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
>
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|