If you want to store in the backup repository backups of virtual and physical machines created with additional components of Veeam Backup & Replication, for example, Veeam Agent for Microsoft Windows, Veeam Agent for Linux and so on, you need to set up access permissions on backup repositories.
Access permissions are granted to security principals such as users and AD groups by the backup administrator working with Veeam Backup & Replication. Users with granted access permissions can target Veeam Agent backup jobs at this backup repository and perform restore from backups located in this backup repository.
If you plan to create backups in a Veeam backup repository with Veeam Agent backup jobs configured in Veeam Backup & Replication, you do not need to grant access permissions on the backup repository to users. In the Veeam Agent management scenario, to establish a connection between the backup server and protected computers, Veeam Backup & Replication uses a TLS certificate. To learn more, see the Configuring Security Settings section in the Veeam Agent Management Guide.
Right after installation, access permissions on the default backup repository are set to Allow to everyone for testing and evaluation purposes. If necessary, you can change these settings.
After you create a new backup repository, access permissions on this repository are set to Deny to everyone. To allow users to store backups in the backup repository, you must grant users with access permissions to this repository.
To grant access permissions to a security principal:
- In Veeam Backup & Replication, open the Backup Infrastructure view.
- In the inventory pane, click one of the following nodes:
- The Backup Repositories node — if you want to grant access permissions on a regular backup repository.
- The Scale-out Repositories node — if you want to grant access permissions on a scale-out backup repository.
- In the working area, select the necessary backup repository and click Set Access Permissions on the ribbon or right-click the backup repository and select Access permissions. If you do not see the Set Access Permissions button on the ribbon or the Access permissions command is not available in the shortcut menu, press and hold the [CTRL] key, right-click the backup repository and select Access permissions.
- In the Access Permissions window, specify to whom you want to grant access permissions on this backup repository:
- Allow to everyone — select this option if you want all users to be able to store backups in this backup repository. Setting access permissions to Everyone is equal to granting access rights to the Everyone Microsoft Windows group (Anonymous users are excluded). Note, however, this scenario is recommended for demo environments only.
- Allow to the following accounts or groups only — select this option if you want only specific users to be able to store backups in this backup repository. Click Add to add the necessary users and groups to the list.
- To encrypt backup files created in the backup repository by Veeam Agents operating in the standalone mode, select the Encrypt backups stored in this repository check box and choose the necessary password from the field below. If you have not specified a password beforehand, click Add on the right or the Manage passwords link to add a new password. Veeam Backup & Replication will encrypt files at the backup repository side using its built-in encryption mechanism.
If you want to encrypt backup files created by Veeam Agents operating in the managed mode, you must configure encryption in the backup job settings. For example, to learn how to encrypt backup files created by managed Veeam Agent for Microsoft Windows, see the Storage Settings section in the Veeam Agent Management Guide.