Help Center
            Knowledge Base Cloudberry Lab General Backup software

            Backup for Windows - Backup Service explained

            Most of Backup functionality is performed by Backup Service. Quick reference to Windows services - Wiki.

            By default, the service runs under .\SYSTEM account that does not have access to many system files, to user directories et cetera.
            Also, to connect to a network share (CIFS resource) it may require to specify network credentials.

            In some cases Backup Service is not allowed to impersonate as another user while connecting to a network share due to local or domain security policies.
            In rare cases the service is stopped by third party software and/or its startup type changes from Automatic to Manual.
            Sometimes, interaction with VSS fails by the same reason – Backup Service does not have enough permission for either files or their shadow copies.

            Most of times the aforementioned issues are resolved by running Backup Service under a local or domain admin account and specifying network credentials for network shares. Please find the screenshot below.

            It is generally recommended to use local administrator's account name because domain administrator is not always a local admin on the host machine.

            To add domain administrator as local administrator on the domain controller please open command line prompt and execute following command:
                   net localgroup Administrators /add domain\user

            There are also other cases when this kind of errors may occur:

            1. The files that cause this type of error are encrypted.
            In case Windows native encryption (EFS) is used - you might want to follow the measures described on this website. Please note that Backup Service account might be running under another account, not .\SYSTEM
            In case a third party (such as an application internal) encryption is used - the data should be decrypted first.

            EFS reference:

            2. Backup Service account does not have read permission for the files (despite being an admin).

            This is possible and it happens from time to time. The instruction below addresses this case.

            Please navigate to [parent folder for the item in error] and do the following:
            - Right click [denied folder] and choose Properties,
            - Choose Security tab and press Advanced,
            - Make sure [denied folder] has an owner, even if it's not Backup Service account
            - Apply Full Control permissions for [denied folder] Backup Service account.
            - Please make sure to check ON "Replace all child object permission entries ..." option - as shown on the screenshot

            After the operation is finished Backup Service account should be able to read the data and upload it to the storage.

            NTFS permissions reference:

            Updated: 09 Feb 2018 02:45 AM
            Help us to make this article better
            0 1