Required Permissions

Mind the required permissions for the following user accounts:

OS User That Configures Veeam Plug-in

The account used for configuring Veeam Plug-in must have the following permissions.

To configure Veeam Plug-in on a Linux or Unix machine, use an account which is a member of the OSDBA (typically called as “dba”) group and has SYSDBA privileges.

To configure Veeam Plug-in on a Microsoft Windows machine, use an account which is a member of the ORA_DBA group and has SYSDBA privileges.

User That Launches Backup/Restore in RMAN

The account used for starting Oracle RMAN backup and restore processes Veeam Plug-in must have the following permissions.

To launch RMAN backup or restore, you can use any user account that has required set of privileges for backup operations on the Oracle side. Starting from Oracle Database 12c, Oracle recommends to use the SYSBACKUP role. For details, see the Configuring Privilege and Role Authorization section of the Oracle Database Security Guide.

During the backup process, Veeam Plug-in connects to the database to get DB properties. Thus, Linux/Unix user that started the RMAN client must be a member of the OSDBA (typically called as “dba”) group and has SYSDBA privileges.

  • For Microsoft Windows:

To launch RMAN backup or restore, you can use any user account that has required set of privileges for backup operations on the Oracle side. Starting from Oracle Database 12c, Oracle recommends to use the SYSBACKUP role. For details, see the Configuring Privilege and Role Authorization section of the Oracle Database Security Guide.

During the backup process, Veeam Plug-in connects to the database to get DB properties. Thus, the Oracle Home user must be a member of the ORA_DBA group and the OS authentication must be enabled for this user.

Veeam Backup Server User

The account which is used to authenticate against Veeam Backup & Replication must have access permissions on required Veeam repository servers. To learn how to configure permissions on repositories, see Granting Access to Repositories.

The Veeam Plug-in for Oracle RMAN uses Windows authentication methods of the Veeam Backup & Replication server to establish a connection to this server and to the backup target. It is recommended to create one user for each Veeam Plug-in server or RAC.

To work with backups created by Veeam Plug-in, you can use only the account used for creating the backup. If you want to use another account, assign the Veeam Backup Administrator role or Veeam Backup Operator and Veeam Restore Operator roles to the account. To learn how to assign Veeam Backup & Replication roles, see the Roles and Users section of the Veeam Backup & Replication Guide.

I want to report a typo

There is a misspelling right here:

 

I want to let the Veeam Documentation Team know about that.