Administering IBM Tivoli Continuous Data Protection for Files or IBM Tivoli Storage Manager FastBack for Workstations for Non-Privileged Users

Resolving The Problem

There are several things to consider when administering the software: installation, permissions, and specific setting for particular backup locations. The respective application will work correctly for users with limited privileges (that is, users without administration rights). However, it requires administrator rights to install the software because there are driver components and registry updates.

If installing as an Administrator and not as the intended user of the software certain install parameters need to be configured.

Installation using command-line parameters
When installing Tivoli Continuous Data Protection for Files or Tivoli Storage Manager FastBack for Workstations the installation process can be controlled by adding specific command-line parameters.
General syntax:
Tivoli...windows.exe [parameter]
Parameters:
/v - The /v command-line parameter enables you to pass parameters supported
by the Windows Installer through setup.exe to the MSI package.
Supported parameters are:

/l*v - The /l*v parameter enables verbose logging. A distinct log file name and
location can be specified.
specific installation options
INSTALLDIR=Folder - folder If you want to install to a location other then the default folder, use this option and specify the folder.
REBOOT=ReallySuppress - Suppress system reboot after installation.
DONT_LAUNCH_FILEPATHSRV=1 - Use this option to suppress
launching the FilepathSrv.exe process. It is not recommended that you launch the FilepathSrv.exe process as any other user then the user the installation is intended for. Running the process as a different user can lead to failures when backing up files, or failures
later when a user tries to restore files.

For more information on install options and syntax refer to Tivoli Continuous Data Protection Users Guide 3.1 or Redbooks Deployment Guide Series: Tivoli Continuous Data Protection for Files V3.1
RedBooks:
http://www-01.ibm.com/support/search.wss?rs=2339&tc=SS3PE6&dc=DA4A20+DA700&dtm
User Guide:
http://publib.boulder.ibm.com/infocenter/tivihelp/v12r1/topic/com.ibm.itsm.fbws.doc_3.1.9/CDP31_UGuide.pdf

The Information Center also has documentation on later versions of Tivoli Continuous Data Protection for files and Tivoli Storage Manager FastBack for Workstations:
CDP Information Center Link:
http://publib.boulder.ibm.com/infocenter/tivihelp/v12r1/index.jsp?toc=/com.ibm.itstorage.doc/toc.xml
Tivoli Storage Manager FastBack for Workstation Information Center link:
http://pic.dhe.ibm.com/infocenter/tsmfbinf/v6/index.jsp?topic=/com.ibm.itsm.fbws.doc/UG/welcome/fbws_welcome.htm


The location of the Data directory depends on the application and type of install:
The location of the data directory varies depending on what software was installed, the type of installed (fresh install, upgrade install), and the Windows OS it was installed on. The drive letter will also vary depending on where the installer was instructed to install to.

Locations to check for Continuous Data Protection for Files on XP and Window Server OS

C:\Documents and Settings\All Users\Application Data\Tivoli\CDP_for_Files.
C:\Program Files\Tivoli\CDP_for_Files
Note: \Application Data\ is a hidden folder, and to see it you must to modify your view preferences in Explorer to show hidden files and folders.

Locations to check for Continuous Data Protection for Files on Windows Vista or Windows 7:

C:\ProgramData\Tivoli\CDP_for_Files
Note: ProgramData is a hidden folder, and to see it you must to modify your view preferences in Explorer to show hidden files and folders.

Locations to check for Tivoli Storage Manager FastBack for Workstation 6.1 installations on Windows XP:

C:\Documents and Settings\All Users\Application Data\Tivoli\TSM\FastBack_for_Workstations
C:\Documents and Settings\All Users\Application Data\Tivoli\CDP_for_Files
C:\Program Files\Tivoli\CDP_for_Files
Note: \Application Data\ is a hidden folder, and to see it you must to modify your view preferences in Explorer to show hidden files and folders.

Locations to check for Tivoli Storage Manager FastBack for Workstations 6.1 installations on Windows Vista or Windows 7:

C:\ProgramData\Tivoli\TSM\FastBack_for_Workstations
C:\ProgramData\Tivoli\CDP_for_Files
Note: ProgramData is a hidden folder, and to see it you must to modify your view preferences in Explorer to show hidden files and folders.

In order for the application to run as a user with limited privileges the user ,or the group they are in, must be granted full access to all existing files in the application data directory. Also, the user will need to have full access to any file that they create in the applications data directory. The location of the data directory depends on the application and type of install, reference the table above for your particular install.

Some potential errors that may be seen in the Event or Application log that can indicate a permission problem for the user would be:

Error 2/26/2010 9:47:42 AM IBM Tivoli Storage Manager FastBack for Workstations Application 6000 None FilePath ERROR error opening scan file

Error 2/26/2010 2:15:24 PM IBM Tivoli Storage Manager FastBack for Workstations Application 6002 None Function: process_queue Failed to open file: [C:\ProgramData\Tivoli\TSM\FastBack_for_Workstations\replication-active.3] Reason: The current operation is denied by the operating system due to permission.

(The above errors are from a Tivoli Storage Manager FastBack for Workstations install)

On Vista this should be applied regardless of UAC being enabled or disabled.

One way to accomplish this is to use the cacls command.

>>cacls "C:\Documents and Settings\All Users\Application Data\Tivoli\CDP_for_Files" /T /E /G Users:F

The “/T” means do the specified directory and all of its sub-directories.
The "/E" means edit the ACL, that will change the ACL to include full access to users.
The “/G” means “grant the following users the specified privilege” and the “F” means full access.

On Windows Vista although the cacls command is still included it is deprecated. Explorer should be used to ensure that the proper users have access to the application's data directory.

Clients backing up to a TSM Server
When using a Tivoli Storage Manager Server as the backup target, the application password prompt keeps popping up if the User account on the Client machine does not have administrative privileges. The reason is because Tivoli Storage Manager needs full access to every key in the following registry path in order to save the password:
HKEY_LOCAL_MACHINE\SOFTWARE\IBM\ADSM

To fix the problem, use regedit to grant full access to the user running FastBack for Workstations. Full access must be granted to the following keys:
HKEY_LOCAL_MACHINE\SOFTWARE
HKEY_LOCAL_MACHINE\SOFTWARE\IBM
HKEY_LOCAL_MACHINE\SOFTWARE\IBM\ADSM

NOTE: For Tivoli Continuous Data Protection for Files 3.1.7.0 and Higher or

Tivoli Storage Manager FastBack for Workstations 6.1.1.0 and Higher Full access must be granted only to the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\IBM\ADSM