Problem with OEM backing up on windows system.

10-11  Source: Network gathering  Views:0 

Hi to all,
I have a problem with backing up with a specific user.
I am currently running various "test" db's and am planning to back them up.
The Setup:
Host OS is windows 2003 server s2
Grid control
Target Db is running on a windows 2003 server
The Situation:
From grid control I locate the db in question and go to the maintenance page and the backup settings. First of all I want to test the backup using the tab. Before this of course I enter the Host OS credentials into the system, let’s say "jamie", and add the appropriate password. By this point I have made sure that the user "jamie" is in the local security policy setting "log on as batch job" and that is in the group ora_dba (This is on both the machine I am backing up from and the target db machine.). For security reasons I have limited the share folder location to the user "jamie", making sure that sharing and security has the appropriate privileges to access the share.
I run a test backup using the tab within backup settings and await the results. The results come back unsuccessful. Reading through the log I see that the path to backup share is denied.
So to further the test I change the privileges within the share to "everyone" and that is for both sharing and security, just to see whether or not it’s the path itself rather than restrictions to the user. It is then a success. I checked to see who actually owned the file that was used within the test. It belonged to the local system on the target db, not to the user that I had specified within "Host OS Credentials".
Can anyone explain to me why and what is the reason behind putting in Host OS Credentials when the agent that is committing the back up is using the local domain system user account. I am aware that the Agent is part of a service within windows and belongs to the local domain. Ergo, why have host credentials.
And can anyone help me out with getting round this predicament if I still want security within the systems. I can’t just leave access to the share under "everyone", that'd be a really big hole in the system?!
Any help at all will be gratefully received.
If you’ve got any questions to help me solve the problem, please fire away.
You may want to take a look at these metalink notes:
Subject:      ERROR in RMAN to Write to Shared Drives on Windows NT/2000
     Doc ID:      Note:246107.1      Type:      PROBLEM
     Last Revision Date:      08-JUL-2004      Status:      PUBLISHED
Subject:      How to Configure RMAN to Write to Shared Drives on Windows NT/2000
     Doc ID:      Note:145843.1      Type:      BULLETIN
     Last Revision Date:      21-OCT-2005      Status:      PUBLISHED
~ Madrid
Related articles