Help Center
Choose product document...
Veeam Backup & Replication 9.5 Update 4
Enterprise Manager User Guide

Using Self-Service File Restore Portal to Restore Machine Guest Files

Veeam Backup Enterprise Manager streamlines delegation of restore capabilities: instead of multiple role assignments and restore scope fine-tuning, Enterprise Manager administrator can provide users that have local administrator rights on a Windows-based machine with a link to Self-Service File Restore Portal — a web UI that displays the controls for file-level restore of the protected machines.

This capability is supported by the Veeam’s runtime process which performs guest system indexing and also identifies local administrative accounts. Communication with the self-service web page is performed using HTTPS or HTTP. In particular, such delegation capabilities and self-service web portal can be used in enterprise deployments to elevate the 1st line support to perform in-place restores without administrative access.

Considering the Limitations

Using Self-Service File Restore Portal to Restore Machine Guest Files Note:

Consider the following:

  • This functionality is supported only in the Veeam Backup & Replication Enterprise Plus Edition.
  • Self-Service File Restore Portal is available only for users of Microsoft Windows machines. For Linux-based machines, guest OS file restore is performed in the Veeam Backup Enterprise Manager UI under a user account configured in Enterprise Manager. For more information, see Managing Accounts and Roles.
  • Veeam Backup Enterprise Manager does not support guest OS files restore from storage snapshots. You can use Veeam Backup & Replication management console instead.

To provide a user account with the ability to access the Self-Service File Restore Portal UI and functionality, make sure the following prerequisites are met:

  1. The account belongs to the trusted or same domain as the Enterprise Manager server (for the user account to be resolved to SID). Users from untrusted domains cannot utilize self-restore.
  2. The account has local administrative rights for the required machine guest OS, local user rights are insufficient.

Using Self-Service File Restore Portal to Restore Machine Guest Files Important!

A Self-Service File Restore Portal user has access only to restore points created after the user is assigned with local administrator rights.

Machine restore points will stay available for self-restore to a user account whose local administrative rights were revoked after the restore point creation until the next restore point is created (then that user will not be able to access guest files any longer).

Browsing Guest OS Files Through Self-Service Portal

To access the guest files in a machine backup:

  1. Start the Self-Service File Restore Portal by clicking its icon in the list of applications or on the Desktop; alternatively, in the web browser address bar, enter the corresponding URL, for example:


  1. Enter the account credentials to log in. Use the DOMAIN\USERNAME format to specify the user name. The Files tab will open. By default, it displays guest OS files as of the latest restore point of the machine to which you logged in with local administrative rights.

Browsing Protected Machine with Self-Service Portal

  1. To view guest files as of earlier restore point, click the calendar icon and select the restore point. To view guest files of another machine (if available to you), use the Search field or the Pick from List link.
  2. You can perform all operations supported for machine guest files by Veeam Backup Enterprise Manager. For more information on file browsing, search and restore, see Browsing Machine Backups for Guest OS Files, Searching Machine Backups for Guest OS Files, Performing 1-Click File Restore.

If no guest OS files are visible to the user, check the following reasons:

  • A Veeam backup server managing the corresponding job was not added to Enterprise Manager. For more information on how to add a Veeam backup server, see Adding Veeam Backup Servers.
  • The recent backup job data has not been yet collected from a Veeam backup server (default time interval is every 15 min). For more information on how to run data collection manually, see Collecting Data from Backup Servers.
  • The Enable guest file system indexing option was turned off in the machine backup job. Edit the job setting and restart the job with indexing enabled.
  • When the machine restore point was created, the user was not assigned local administrative rights. To access the guest OS files the user must be a part of the guest OS local administrator group.

If you can not find your machine from the Pick from List window, you can select the I don't see my machine option to rebuild a security scope for your user account. Once complete, this action will reveal machines that were added to your security scope.

Veeam Large Logo

User Guide for VMware vSphere

User Guide for Microsoft Hyper-V

Enterprise Manager User Guide

Veeam Cloud Connect Guide

Veeam Agent Management Guide

Veeam Explorers User Guide

Backup and Restore of SQL Server Databases

Veeam Plug-ins for Enterprise Applications

PowerShell Reference

Veeam Explorers PowerShell Reference

RESTful API Reference

Required Permissions Reference

Veeam Availability for Nutanix AHV Documentation

Veeam Backup for Microsoft Office 365 Documentation

Veeam ONE Documentation

Veeam Agent for Windows Documentation

Veeam Agent for Linux Documentation

Veeam Management Pack Documentation