I don't see any reason you couldn't use the same local account information as on your live server. As mentioned, as long as the username and password match up then WIndows is good to go with it.
Apparently I can't use a local account from another machine as the impersonation account, I was hoping it could magically authenticate these credentials but it can't. I repeat, FML.
Anyway, why does the impersonation account even need rights to that backup?? As long as it can see it, copy from it, it's on an open share...! It's simply just copying from that area... not writing to it?
It sounds like you just need to create a local account with the same username and password as the remote server. Windows will authenticate the user automatically (workgroup authentication).
In ADMS all file access (filestore and backup/restore) is done with the impersonation user - the exception is database backup and restore which requires the SQL service user. The reasoning is that using a common account avoids the need to have various administrators individually requiring access to the backup location.
But how can I create a local account on the local machine with the same username as the remote machine?
Local server name is UNIT1664
Remote server name is TW4
I create a user on local machine called AutodeskVault, and the same on the remote machine, it tries to authenticate against the remote machine as UNIT1664\AutodeskVault whereas the account with the same name on the remote machine is TW4\AutodeskVault...? Both accounts have the same name and password, but it won't authenticate as it isn't really the same account. Or am I missing your point there?
I'm really puzzled why authentication is working from your live server but not your test machine. If you look at the security settings on the backup server, permissions should be just to the 'autodeskvault' account (i.e. windows doesn't really have a notion of security for a user on a specific different machine). So it isn't clear why one machine would work with these credentials and not the other.
It may be that setting up a domain account is the best bet here - even though (as you mention) it could take some time for propagation of permission.
How far down the backup structure do the permissions need to propagate? Do they need to just be at top level? Could I propagate down the entire structure but just do folders only, or do the permissions need to be against absolutely every object in the backup set?
I had a feeling you'd say that! Rather than chomp at the live backup, I'll just wait a day for it to copy the whole set locally, then apply the permissions locally.
Thanks for your help anyway
Log into access your profile, ask and answer questions, share ideas and more. Haven't signed up yet? Register
Start with some of our most frequented solutions to get help installing your software.