On 2016-01-14 15:06, Stefan Peter wrote: > On 14.01.2016 00:13, Adam Goryachev wrote: >> On 14/01/16 07:11, Andreas Piening wrote: >>> I wonder what the easiest / best way is to create a „read everywhere“ >>> user on ms windows to create backups with via CIFS / SMBFS. >>> >>> Ideally I would like to run a short .cmd script or do a couple of >>> clicks to give a local windows user (let’s assume ‚backuppc‘) full >>> read access to everything under c:\Users. Even better with write >>> access to be able to restore in place. >>> I know that I can enable inheritance for permissions in c:\Users and >>> overwrite all permissions on subfolders with the current one. But >>> this would also enable read for everyone for every user on other >>> users profiles which I don’t like. And even this does not work >>> everywhere, even not with an administrative account. I need to take >>> ownership recursively in order to do that and I don’t want to own >>> other users files. >>> >>> Is there a better way? >> >> Isn't there a specific "Backup Operator" account on windows which has >> "super" permissions for exactly this reason? I'm not sure if that >> account will work over samba though? > > Additionally, isn't there something like junction points on windows > that > can not be read by an ordinary user? I seem to remember that there have > been lists floating around on this mailing list with directories to > exclude for the various windows versions. > > A list of failure messages encountered by you may help, btw. > > With kind regards > > Stefan Peter
There may be some confusion in the difference between what NTFS/Windows supports and what is supported through CIFS/Samba and its protocols (which, I should note, differs from version to version.) For example, NTFS supports hard links and soft links -- though hard links show up simply as additional copies of the files, and soft links only work when using SMB2 or later (you'll get a permission error on earlier versions.) You're probably thinking of directory junctions, which are soft links, but newer versions of Windows also came with default directory junctions which by default are generally restricted to being opened only by the system account and local administrators. Unlike *nix symbolic directory links, a directory junction in Windows can have its own security settings (and routinely do, in this case) though a better practice is probably to back up the link itself and back up the data from its actual location. (The latter, at least, is possible via samba.) ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/