Mind the required permissions for the following user accounts:
- OS User that Configures Veeam Plug-in
- User that Launches Backup/Restore in RMAN
- Veeam Backup Server User
- For Linux and Unix machines:
To configure Veeam Plug-in on a Linux or Unix machine, use an account which is a member of the OSDBA (typically called as “dba”) group and has SYSDBA privileges.
- For Windows machines:
To configure Veeam Plug-in on a Microsoft Windows machine, use an account which is a member of the ORA_DBA group and has SYSDBA privileges.
To launch RMAN backup or restore, you can use any user account that has required set of privileges for backup operations on the Oracle side. Starting from Oracle Database 12c, Oracle recommends to use the SYSBACKUP role. For details, see the Configuring Privilege and Role Authorization section of the Oracle Database Security Guide.
The account which is used to authenticate against Veeam Backup & Replication must have access permissions on required Veeam repository servers. To learn how to configure permissions on repositories, see Granting Access to Repositories.
The Veeam Plug-in for Oracle RMAN uses Windows authentication methods of the Veeam Backup & Replication server to establish a connection to this server and to the backup target. It is recommended to create one user for each Veeam Plug-in server or RAC.
To work with backups created by Veeam Plug-in, you can use only the account used for creating the backup. If you want to use another account, assign the Veeam Backup Administrator role or Veeam Backup Operator and Veeam Restore Operator roles to the account. To learn how to assign Veeam Backup & Replication roles, see the Roles and Users section of the Veeam Backup & Replication Guide.