About backup mode issues with Backup Exec agent for Enterprise Vault

Article:TECH192822  |  Created: 2012-07-12  |  Updated: 2012-07-12  |  Article URL http://www.symantec.com/docs/TECH192822
Article Type
Technical Solution



In order to protect any version of Enterprise Vault, the Backup Exec agent for Enterprise Vault requests that entities (partitions, index locations etc) are put in backup mode before starting the backup and taken out of backup mode once the backup has completed.

As Enterprise Vault and Backup Exec versions have evolved this is achieved in different ways:

Starting with Enterprise Vault 7.x and Backup Exec 12.5, this requests is performed via a DCOM component. Because the Windows account used to administer Enterprise Vault might be different than the Windows account used to manage Backup Exec or perform EV (Enterprise Vault) backups, it is important to verify that the logon account used in Backup Exec has suitable DCOM rights on the EV server.

Backup Exec 2010 supports Enterprise Vault version 8.x, 9.0 and 10.x, backup mode requests with these versions are still made through DCOM and the same DCOM permisions apply.

Backup Exec 2012 takes advantage of Enterprise Vault Powershell environment to request backup mode for EV version 10.x and future versions of EV. In this scenario backup mode requests do not need extra DCOM permissions.

Note: Enterprise Vault 8.x and above use the concept of role based account, protecting these versions with Backup Exec 2010 or 2012 requires to configure an account with backup role as defined per Enterprise Vault documentation (see related article below).  


Checking DCOM rights for the Backup Exec logon account used to protect Enterprise Vault:

  1. On the Enterprise Vault server, click on Start, select run, then type dcomcnfg. The component services window will start
  2. In the component services window, expand component services, computers, My Computer, DCOM config
  3. Under DCOM config, select DirectoryService, right click and select properties 
  4. In the DirectoryService properties windows, click on the Security tab
  5. Under section Launch and Activation permissions click on Customize then Edit
  6. Make sure that the logon account is allowed all 4 permissions (local/remote launch, local/remote activation) then click OK
  7. Under section Access Permission, click on Customize then Edit
  8. Make sure that the logon account is allowed Local Access and Remote Access then click OK
  9. Click OK again to close the DirectoryService properties window

For Backup Exec 2012 and Enterprise Vault 10.x, if putting an index location or a partition in backup mode from the Vault Administration Console completes successfully (and providing a role based account has been created for the Backup Exec logon account used to protect Enterprise Vault), no more configuration is required.

Article URL http://www.symantec.com/docs/TECH192822

Terms of use for this information are found in Legal Notices