Group: Forum Members
I have the same complaint as dertoni and I have not found the offered solution to be satisfactory.
As dertoni correctly points out, to protect one's backups against ransom-ware such as 'Locky', one must be careful to not have read/write access to the backup storage location with their main user account. (The one most likely to be infected.) Therefore, a separate set of credentials should be used by Reflect that allows R/W access for backup purposes.
Trying to implement this policy with Reflect however, means backups cannot be manually run from the main user account, since, by definition, that user really should not have R/W access to the destination. On the other hand, with a scheduled backup using the Windows task scheduler, one can run Reflect under an administrative user account that has access to the source and destination files, however, I have been annoyed by one idiosyncrasy of Reflect:
If the local PC credentials used to run a scheduled task are valid, but only have ReadOnly privileges on the destination, then Reflect WILL NOT look for any other credentials in its "Network logon credentials for server shares" configuration list and, as a result, the backup fails. So, you have to be careful to run the task with credentials that EITHER have full R/W at both ends OR are invalid for the destination so as to force Reflect to check its "Network logon credentials for server shares" list for an alternate set of credentials. This is a fact that Macrium does not explain in their documentation and which cost me several hours of head-pounding!
The obvious solution to this situation (IMHO) would be to have the Reflect backup definition file contain credentials to be used for accessing the destination. In this way, both manual and scheduled backups would work in all cases. This is exactly how many other backup programs I have used over the years have worked.
I hope Macrium will consider doing this in a future release.