Configuring Restore Scope
Default restore scope for users with non-administrative role includes All machines from available backups. If you have Enterprise Plus edition of Veeam Backup & Replication deployed in your environment, you can customize restore scope for non-administrative users.
To narrow the restore scope, when creating or editing the profile of a Portal User or Restore Operator, do the following in the Add Role or Edit Role window:
- In the Restore scope section, select the Selected machines only option, and click Choose.
- In the Manage Scope Objects window, click Add object and select what objects to display: Hyper-V, vSphere, vCloud or Protection Groups.
- In the Add Objects window, select the objects you allow the user to restore.
Note: |
For setting up self-service recovery restore scope, consider that reverse DNS lookup on Veeam Backup Enterprise Manager server must be functional. Otherwise, the Add Objects window will display incomplete infrastructure. |
Tip: |
Consider the following:
|
- Click OK to save the settings.
Users then will be able to view the machines and/or files included in their scope on the corresponding tabs after they log in to Enterprise Manager.
Note: |
The Machines tab displays only machines that have been backed up, and the Files tab displays guest OS files only for machines that have been backed up with guest file indexing enabled. For more information on indexing, see Preparing for File Browsing and Searching. |
Restore scope is automatically refreshed daily on built-in schedule and also after any role modification. It may happen that some newly created machines and backups are not yet presented to users in the Machines or Files tab right after the login to Enterprise Manager. If you cannot find a VM after making a search query, click the link I don’t see my VM to refresh the view. This link, however, will not be visible until you have made an unsuccessful search.
Administrative user can click Rebuild Roles in the Roles section of Configuration page to refresh all scopes of all accounts manually. Consider that this operation will affect all configured roles.
Portal Administrators can watch the progress of security scope rebuild process on the Sessions page.