My Case:
Here in my company everybody has an user-account. This account is used to login on a computer, via a domain. I have as a system-admin on every computer an admin account. If somebody is logging in on a computer, a network drive is automatically mounted.
The computers are on Windows 10.
The Aim:
I want an automatically backup of the user-data on the computer to this private network-drive of the user. This backup should be silent, if no errors are occurring. If a critical error is occurring, I should receive an E-Mail about this, so I can go to this user, and solve this problem. At the moment I am not sure, if I want a popup-error-message at the user or not. Both has pros and cons. But my tendency is that I would like to show the user the warnings and errors.
Additionally it should be possible for me to access the Backup software, to help the user, if problems are occurring.
The Problem:
Depending on the installation type (local or service) I have a problem for my wished approach.
A. Local Installation:
- Good: The network drive of the user can be chosen directly, without giving duplicati the user’s password.
- Problem: If a backup is made, and a file is opened (so it is locked), duplicati gives a popup-warning. This would annoy the user.
B. Service-Installation:
- Good: The warnings for opened files are not there (thanks to snapshot-policy).
- Problem: I could not write to the network drive, without using the users password in “plain text”*. So I could access the user’s password, which I don’t want (as this is a very important password for other services like E-Mail, …).
*It is hidden for setting up the backup routine, but I could export the settings as plain text, and this would give me the possibility to access the user’s password in plain text.
The Dilemma:
For me, it does not seem possible to achieve my approach. With both options I always get half of what I want. And both “problems” I mentioned in A and B are crucial. Meaning as they are, they are a no go.
Possible Solutions:
- A + having a filter that excludes locked windows-files, to suppress the annoying popup-warnings. Problem: If a file is not closed regularly, there might be the possibility of lost data.
- A + supress somehow the warning-popup-messages for the user. Additionally, it is possible, that I get only an Error-Mail on real errors (not on warnings).
- A + suppress somehow the popup-messages for the user completely. Additionally, it is possible, that I get only an Error-Mail on real errors (not on warnings).
- B + make it somehow impossible to get on the users password in plain text.
- B + make it somehow possible to access the local-user-network-drive, without typing in the users password.
Help:
For me it was not possible to achieve one of my “solutions”. So I would be very happy, if somebody has an idea and could help me! This problem has been bothering me for weeks, and I have not been able to solve it.
Thank you very much in advance!
Done so far:
Just short. I tried the following installation methods. But without success.
- Local Installation
- Installation as a service
- Installation as a service with localuser (Service for /localuser)
- Local Installation, with a task with elevated privileges (Ignore locked files and administrator - Schedule a task with admin privileges without a user prompt in windows 7 - Super User)