You need to set up access permissions on backup repositories if you you want to store the following backups on the backup repository:
- Backups of virtual and physical machines created with Veeam Agent for Microsoft Windows or Veeam Agent for Linux
- Backups of Nutanix AHV virtual machines created with Veeam Backup & Replication AHV Backup Proxy
- Backups of Oracle and SAP HANA databases created with Veeam Plug-ins for Enterprise Applications.
Access permissions are granted to security principals such as users and AD groups by the backup administrator working with Veeam Backup & Replication. Users with granted access permissions can target Veeam Agent backup jobs at this backup repository and perform restore from backups located on this backup repository.
If you plan to create backups on a Veeam backup repository with Veeam Agent backup jobs configured in Veeam Backup & Replication, you do not need to grant access permissions on the backup repository to users. In the Veeam Agent management scenario, to establish a connection between the backup server and protected computers, Veeam Backup & Replication uses a TLS certificate. To learn more, see the Configuring Security Settings section in the Veeam Agent Management Guide.
Right after installation, access permissions on the default backup repository are set to Allow to everyone for testing and evaluation purposes. If necessary, you can change these settings.
After you create a new backup repository, access permissions on this repository are set to Deny to everyone. To allow users to store backups on the backup repository, you must grant users with access permissions to this repository.
To grant access permissions to a security principal:
- In Veeam Backup & Replication, open the Backup Infrastructure view.
- In the inventory pane, click one of the following nodes:
- The Backup Repositories node — if you want to grant access permissions on a regular backup repository.
- The Scale-out Repositories node — if you want to grant access permissions on a scale-out backup repository.
- In the working area, select the necessary backup repository and click Set Access Permissions on the ribbon or right-click the backup repository and select Access permissions. If you do not see the Set Access Permissions button on the ribbon or the Access permissions command is not available in the shortcut menu, press and hold the [CTRL] key, right-click the backup repository and select Access permissions.
- In the Access Permissions window, specify to whom you want to grant access permissions on this backup repository:
- Allow to everyone — select this option if you want all users to be able to store backups on this backup repository. Setting access permissions to Everyone is equal to granting access rights to the Everyone Microsoft Windows group (Anonymous users are excluded). Note, however, this scenario is recommended for demo environments only.
- Allow to the following accounts or groups only — select this option if you want only specific users to be able to store backups on this backup repository. Click Add to add the necessary users and groups to the list.
- If you want to encrypt Veeam Agent backup files stored on the backup repository, select the Encrypt backups stored on this repository check box and choose the necessary password from the field below. If you have not specified a password beforehand, click Add on the right or the Manage passwords link to add a new password. Veeam Backup & Replication will encrypt files at the backup repository side using its built-in encryption mechanism.