Backup to Network Share - without CachedCredentials


Author
Message
dertoni
dertoni
New Member
New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)New Member (11 reputation)
Group: Forum Members
Posts: 6, Visits: 28
Hi,

i make my backup to a network share. Actually Reflect is using the Windows cached credentials to access network device.

When my PC gets infected with locky, it can also encrypt my backups. I think it´s better when MacriumReflect saves the Credentials and don´t use Windows cached credentials.


Nick
Nick
Macrium Representative
Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)Macrium Representative (2.7K reputation)
Group: Administrators
Posts: 1.5K, Visits: 8.5K
@dertoni

Thanks for posting. Please see here:

http://knowledgebase.macrium.com/display/KNOW/Network+logon+credentials


Kind Regards

Nick - Macrium Support

DSCoe
DSCoe
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)
Group: Forum Members
Posts: 3, Visits: 12
I have the same complaint as dertoni and I have not found the offered solution to be satisfactory.

As dertoni correctly points out, to protect one's backups against ransom-ware such as 'Locky', one must be careful to not have read/write access to the backup storage location with their main user account. (The one most likely to be infected.) Therefore, a separate set of credentials should be used by Reflect that allows R/W access for backup purposes.

Trying to implement this policy with Reflect however, means backups cannot be manually run from the main user account, since, by definition, that user really should not have R/W access to the destination. On the other hand, with a scheduled backup using the Windows task scheduler, one can run Reflect under an administrative user account that has access to the source and destination files, however, I have been annoyed by one idiosyncrasy of Reflect:

If the local PC credentials used to run a scheduled task are valid, but only have ReadOnly privileges on the destination, then Reflect WILL NOT look for any other credentials in its "Network logon credentials for server shares" configuration list and, as a result, the backup fails. So, you have to be careful to run the task with credentials that EITHER have full R/W at both ends OR are invalid for the destination so as to force Reflect to check its "Network logon credentials for server shares" list for an alternate set of credentials. This is a fact that Macrium does not explain in their documentation and which cost me several hours of head-pounding!

The obvious solution to this situation (IMHO) would be to have the Reflect backup definition file contain credentials to be used for accessing the destination. In this way, both manual and scheduled backups would work in all cases. This is exactly how many other backup programs I have used over the years have worked.

I hope Macrium will consider doing this in a future release.

D.Coe













GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...




Similar Topics

Reading This Topic

Login

Explore
Messages
Mentions
Search