6 acronis security groups – Acronis Backup for Windows Server Essentials - User Guide User Manual

Page 344

Advertising
background image

344

Copyright © Acronis International GmbH, 2002-2014

2. Add the names of the non-root users, whom you want to allow to connect to the machine

remotely, to the Acronis_Trusted group. For example, to add the existing user user_a to the
group, run the following command:

usermod -G Acronis_Trusted user_a

3. Edit the file /etc/pam.d/acronisagent-trusted as follows:

#%PAM-1.0
auth required pam_unix.so
auth required pam_succeed_if.so user ingroup Acronis_Trusted
account required pam_unix.so

Example 2

The above authentication policy might not work on Linux distributions with kernel version
2.4—including Red Hat Linuх—because the pam_succeed_if.so module is not supported there.

In this case, you can use the following authentication policy.

1. As the root user, create the file /etc/pam.d/Acronis_trusted_users
2. Add the names of the non-root users whom you want to allow to manage the machine, to this

file, one user name per line. For example, if you want to add the users user_a, user_b, and user_c,
add the following three lines to the file:

user_a
user_b
user_c

If necessary, also add the root user to the file.

3. Edit the file /etc/pam.d/acronisagent-trusted as follows:

#%PAM-1.0
auth required pam_unix.so
auth required pam_listfile.so item=user sense=allow
file=/etc/pam.d/Acronis_trusted_users onerr=fail
account required pam_unix.so

15.1.2.6 Acronis security groups

On a machine running Windows, Acronis security groups determine who can manage the machine
remotely and act as Acronis Backup Management Server administrator.

These groups are created when Acronis Backup Agents or Acronis Backup Management Server are
being installed. During installation, you can specify what users to include in each group.

Acronis Backup Agents

When Acronis Backup Agent for Windows is being installed on a machine, the Acronis Remote Users
group is created (or updated).

A user who is a member of this group can manage the machine remotely by using Acronis Backup
Management Console, according to the management rights described in Users' privileges on a
managed machine (p. 35).

By default, this group includes all members of the Administrators group.

Acronis Backup Management Server

When Acronis Backup Management Server is being installed on a machine, two groups are created
(or updated):

Advertising
This manual is related to the following products:

Backup Advanced - User Guide

Popular Brands
Popular manuals