Veeam Backup Enterprise Manager allows users with local administrative rights for infrastructure machines to browse, search and restore guest OS files within restore points of those machines. This capability is supported by Veeam’s runtime process which performs guest system indexing and also identifies local administrative accounts.
This approach streamlines delegation of restore capabilities: instead of multiple role assignments and restore scope fine-tuning, Enterprise Manager administrator can simply provide users with a link to Veeam Self-service File Restore portal - web UI displaying exactly the controls required for file-level restore of their machines. Communication with that personalized web page is performed using HTTPS or HTTP. In enterprise deployments, such delegation capabilities and Self-Service web portal can be used, in particular, to elevate the 1st line support to perform in-place restores without administrative access.
This functionality is supported in Veeam Backup & Replication Enterprise Plus edition. Guest OS files restore from storage snapshots is not supported by Veeam Backup Enterprise Manager. You can use Veeam Backup & Replication management console instead.
To provide a user account with the ability to access self-restore web UI and functionality, check the following:
- The account belongs to the trusted or same domain as Enterprise Manager server (for user account to be resolved to SID). Users from untrusted domains cannot utilize self-restore.
- The account has local administrative rights for the required machine guest OS, local user rights are insufficient.
User access is supported as follows: after a user is assigned local administrative rights, s/he will be able to access the restore points created from that moment forward.
Also, consider that machine restore points will stay available for self-restore to a user account whose local administrative rights were revoked after restore point creation until the next restore point is created (then that user will not be able to access guest files any longer).
To access the guest files in machine backup:
- Start the Veeam Self-Service File Restore portal by clicking its icon in the list of applications or on the Desktop; alternatively, in the web browser address bar, enter the corresponding URL, for example:
Users with assigned Enterprise Manager roles can access both Enterprise Manager web UI and self-restore page, while users without such roles will be always forwarded to the self-restore page upon the login.
- Log in when prompted, entering domain\username and password.
- The web page including the Files tab will be displayed. By default, it shows you guest OS files as of the latest restore point of the machine to which you logged in with local administrative rights.
- To view guest files as of earlier restore point, use the select an earlier date link. To view guest files of another machine (if available to you), use the pick a different VM link.
- Then you can perform all operations supported for machine guest files by Veeam Backup Enterprise Manager. For details on file browsing, search and restore, please refer to the corresponding sections of this guide.
If no guest OS files are visible to user, this may be due to the following reasons:
- Veeam backup server managing the corresponding job was not added to Enterprise Manager. Add Veeam backup server, as described in the Adding Veeam Backup Servers section.
- Recent data about backup jobs has not been yet collected from Veeam backup server (default time interval is every 15 min). You can run data collection manually, as described in the Collecting Data from Backup Servers section.
- The Enable guest file system indexing option was turned off in the machine backup job. Edit the job setting and run the job anew, with indexing enabled.
- When the machine restore point was created, the user was not assigned local administrative rights.