[Guide] How to configure the 3 x DataCenter 8.x services to specify the Log On As user that matches the credentials of the network device that is either the source UNC network path to backup or the destination UNC network path to backup to
Note: For the matching guide for DataCenter 7.x services, read the article here.
DataCenter 8.x utilizes a "Log On As" user of 'Local System' by default for all of its own installed services, unless you are upgrading from an older version and had already specified the services Log On As setting, in that case it will retain the old services Log On As settings during the upgrade. If you will utilize a NAS device or other type of network based storage location as either the source UNC network path in your file set selection for a file backup, OR the destination UNC network path storage location for DataCenter to backup to, then you will likely need to follow these instructions on how to specify the 3 x DataCenter services to run as that user that the network device is configured for. Because DataCenter utilizes 'Local System' user to run all of its services by default, know that 'Local System' is not going to be recognized for Linux based file systems and the UNC path you are utilizing is not likely to be open to everyone and is likely protected with permissions even if it is a Windows file system / file share, if you do this it is most likely that due to the UNC path (file share) for source file set selection, or the target UNC path network location to backup to will not allow DataCenter to talk to it, at least to have full write access to it. Without assigning the 3 x DataCenter services to the particular user that is added to the source share (whether that be a Linux network share, server system or NAS, or a Windows network share, server system or NAS), and since all of the services will be running as "Local System" by default without you changing it, then the failure to either backup from a network share based file selection (UNC path in the backup job) or the failure to write to a network share (UNC path assigned to a disk pool) will likely fail unless that share is wide open to everyone for read/write access. For instance, we see most people that utilize NAS devices with DataCenter need to have this set otherwise they won't be able to even add the NAS to a Disk Pool to be utilized as a backup destination, since the service(s) that DataCenter uses are running as 'Local System', the NAS device does not know what 'Local System' is and will deny access to it. Unless the NAS is fully wide open to the public, meaning no restrictions, then you will need to do this step. You will need to know what username and password is utilized by your NAS / network storage device to allow for full read/write capability which DataCenter will require for backups to store to that network location.
First of all we need to create a user that matches the username and password of the network location such as a network share or NAS device. The user can either be a local user created on the backup server node in question where the disk pool exists that points to the network device location via UNC path, or it can be a domain user, in either case that user needs to be added to the Administrators group on the local machine containing the disk pool where the disk pool exists for the backup server node. If that is not in place then the DataCenter services that talk to the NAS device, via whatever node contains the disk pool that connects to the NAS device, won't be able to have appropriate admin rights to talk to the NAS. Since by default all DataCenter services utilize 'Local System' user for the Log On As user property, the NAS or other network device probably won't know what that 'Local System' user is to get enough access to write to it.
In this example when looking at our Buffalo NAS we already have a local user on the NAS named 'admin', and so we now need to create a local user on the backup server enabled node (Windows machine) in question, as 'admin' using the 'lusrmgr.msc' command in Windows on that backup server node. If the backup server enabled client node where your disk pool is that talks to the network device via UNC path acts as a Domain Controller then you will need to create that user instead using the Active Directory Users and Computers app. The Disk Pool located on the Backup Server node in question is what communicates to the NAS device, and so in that case it needs Administrator Read/Write access to that location which it cannot obtain when DataCenter's 3 services are using 'Local System' as the user, as the NAS does not know what that user is. Creating the user this way on the Backup Server node, then allows DataCenter to have administrator access to the NAS device to store backups there. It may be best practice to create a new user on the network device, like the NAS in this example, which will never be touched or utilized by anything but DataCenter, in that case you may want to create a user "Novastor" or "DataCenter" on the network device and on the backup server node that talks to that network device (in the Users area of Windows), which contains the same exact username and password on both ends. This will possibly help in environments that enforce password changes for users accessing the network device. In this case you could never provide the credentials to anyone for this special DataCenter only user, as if the password ever changes on either end it will cause backups to fail. Make sure that on the network device end, like the NAS in our example, that for the user you set the 3 x Services to Log On As, that same user on the NAS that is in place is added to the Administrators role on the NAS itself, and that user has R/W access to the Shared folder in question where your disk pool is pointing to utilize via UNC path.
In this example we utilize the 'lusrmgr.msc' command (or the 'Control Panel > User Accounts > Manage User Accounts > Advanced > Advanced > Users > New User') function to create a new local administrator user, named 'admin', then we tell it "Password never expires" and then assign it to the Administrators group by clicking on "Member Of" tab and add that user to the Administrators group. The user is required to be in the Administrators group as 1 out of 3 of DataCenter's services requires that to be able to start the service, that being the 'nbksrv' service, otherwise named the 'NovaStor DC VM Backup Server' service. Please verify the user you are creating is in the Administrators group (that being either the local Administrators or Domain Administrators group, depending on your case as DataCenter can work with either).
This is how all of the DataCenter 8.2.x (and newer) services will look by default, take note that by default all services are installed to run as the "Local System" user for the Log On As setting. We will need to change that on 3 of the 7 services, otherwise backups to your network share or NAS device will fail. Note: For DataCenter versions older than 8.2.x, but still in the 8.0.x and 8.1.x range, there is 1 service out of the 3 here that will contain a different name than what is seen in the example v8.2.x screenshot below, in that case the "NovaStor DC VM Backup Server" service name will be named "NovaStor DC Backup Server" instead. Note: In DataCenter 7.x this service will be listed as "NBK DC Backup Server Service".
After modifying the 3 x DataCenter 8.2.x (and newer) services to edit them to change the Log On As setting on, it will look like this:
Now double-click on each of the above three services, and click on "Log On As" and specify that username and password (and domain if needed). Most NAS type network storage devices are not configured with Active Directory and so they utilize local users, created on the NAS device itself, so in that case be sure to leave the Domain Name field blank. If the network storage device, such as a NAS, has been integrated with a Windows Active Directory domain, you can go ahead and specify the Domain / User / Password now on the Log On As setting for the services without having to create any user locally. If the network storage device, such as a NAS, utilizes local users and is not connected to AD, then in that case you will need to create a matching user with the same password in Windows on the machine that you are configuring the Disk Pool to use with this network storage device. Create the local user using 'lusrmgr.msc', the lusrmgr - [Local Users and Groups (Local)], command in Windows on that machine, and specify the same password as the network storage device, and then you can go to Windows Services and configure the 3 x DataCenter services displayed above to select that user and specify that password on those services so that the backup software can actually get to that network storage device.
Finally, after configuring the 3 x DataCenter services for the Log On As setting and saving the changes, you will need to restart those 3 x services that were changed and make sure that the status message after restarting each service informs you that the service was started properly. If you get an error verify the user that you specified for the Log On As setting was correct with the same password as how you created the user as. Note: The username and password here is case sensitive. Make sure to enter a blank Domain Name for the Log On As setting if it is a local account. Windows Services does not check that the password is proper until it goes to restart / start the service that was modified.
Note: For the matching guide for DataCenter 7.x services, read the article here.