Accounts and Roles Overview

In this article

    Accounts

    Administrators can add accounts to Veeam Backup Enterprise Manager to grant users access to the website. Enterprise Manager offers the following account types: User, Group, External User and External Group.

    Type

    Description

    How to Sign In

    Name Format

    User

    Local or AD user

    By specifying a user name and password

    DOMAIN\Username

    Domain is optional

    Group

    Local or AD group

    By specifying a user name and password

    DOMAIN\Groupname

    Domain is optional

    External User

    IdP user

    By using single sign-on*

    Username@Suffix

    External Group

    IdP group

    By using single sign-on*

    Free-form string

    * For more information on the single sign-on capability, see SAML Authentication Support.

    Roles

    To provide an account with permissions, administrators assign one of the following roles to the account: Portal Administrator, Portal User or Restore Operator.

    Role

    How Is Assigned

    Access to Configuration

    Permissions

    Portal Administrator

    • Initially by default to the users listed in the local Administrators group and the user who installed Enterprise Manager
    • By Portal Administrator in Configuration > Roles

    Yes

    Full access to all available operations on all tabs of the web UI

    Portal User

    By Portal Administrator in Configuration > Roles

    No

    • Access machines from the restore scope on the Machines and Files tabs
    • Run Quick Backup for machines from the restore scope on the Machines tab
    • Perform restore operations as permitted by the delegation settings
    • View information about all backup servers and jobs on the Dashboard, Reports, Jobs and Policies tabs

    Restore Operator

    By Portal Administrator in Configuration > Roles

    No

    • Access machines from the restore scope on the Machines and Files tabs
    • Perform restore operations as permitted by the delegation settings

    Users with the Portal User or Restore Operator role can access their restore scope — a list of machines that can be recovered by appropriate personnel. For example, the restore scope of database administrators is database servers (SQL, Oracle or other), the restore scope of Exchange administrators is Exchange server machines, and so on. For more information on configuring restore scope, see Configuring Restore Scope.

    Important

    You can customize the restore scope if you have the Enterprise Plus edition of Veeam Backup & Replication. In other editions, this list includes all machines and cannot be customized. However, you can delegate recovery of entire machines, guest files, or selected file types. For more information, see Configuring Restrictions for Delegated Restore.

    I want to report a typo

    There is a misspelling right here:

     

    I want to let the Veeam Documentation Team know about that.