Granting Permissions to Users
When you install Veeam Plug-in for Microsoft SQL Server, full access rights to the plug-in configuration file are automatically granted to all users. To protect sensitive information that is stored in the configuration file from unwanted access, we recommend limiting access to the configuration file to a dedicated group of users.
By default, theVeeam Plug-in configuration file (veeam_config.xml) is located in the %PROGRAMFILES%\Veeam\Plugins\Microsoft SQL folder on the machine where Veeam Plug-in is installed.
- To perform this procedure, the OS user account must have local administrator privileges.
- Add only trusted users to the group.
- After a user is added to the group, they must log out, then log in to the system again to activate the group permissions.
Granting Permissions to the Plug-In Configuration File
$newACL = New-Object System.Security.AccessControl.FileSecurity #creates a dedicated ACL $newACL.SetAccessRuleProtection($true,$false) #disables inheritance and deletes all inherited permissions $newACL.AddAccessRule( (New-Object System.Security.AccessControl.FileSystemAccessRule("groupName","Read","Allow"))) # allows read $newACL.AddAccessRule( (New-Object System.Security.AccessControl.FileSystemAccessRule("groupName","Write","Allow")))# allows write |