In order to keep the Backup Agent secure, connections are only accepted from specified Backup Managers. To authorize a Backup Manager to backup the Server, you must first add a key of the Backup Manager to the Backup Agent. The Windows Backup Agent Configuration Utility allows users to add an encryption key that allows the Backup Manager to connect to the Windows Backup Agent.
Adding the Backup Manager public key to the Backup Agent means creating a text file on the server (Backup Agent machine). The default directory is C:\Program Files\Idera Server Backup\conf\server.allow.
Follow the instructions below to add the Manager Public Key to the Backup Agent on your Server using the Windows Backup Agent Utility.
Make sure the Backup Manager is running and the Manager port (default 80) and Backup Agent port (default 1167) are not busy by other applications. See also: Restart Backup Manager, Configure Backup Manager ports, and Configure Backup Agent port.
1. Run the Windows Backup Agent Utility. Read more in Launch Windows Backup Agent Configuration Utility.
2. The main window of the Windows Backup Agent Utility will be displayed. Switch over to the "Authorized Server Backup Managers" tab.
3. Click on the "Add..." button located on the right to authorize a Backup Manager.
4. The "Add Server Key" dialog will be displayed.
5. Enter the following information to inform the Utility how to contact the Backup Manager.
- Filename - Enter Host name that will be shown in the "Installed Keys" list. The file containing Encryption Key will have this name.
There is backup configuration setting IPAuthentication that allows the system to check if the Filename matches IP. If IPAuthentication is "0," then the "Filename" value can be different from the "Server Backup Manager" value. See Change Windows Backup Agent configuration.
- Protocol - Select "http" or "https" from the drop-down menu.
- Server Backup Manager - Enter the IP address or DNS Host Name that the Backup Manager uses.
6. Click on the "OK" button.
7. Once this information is entered and verified, the backup manager will be contacted to find its Public Key and the IP address that it will use for outbound connections. During this process, the Windows Backup Agent Configuration Utility uses the current Backup Agent port settings.
If you have defined the appropriate Backup Manager properties, the Manager Key will be successfully added to the Backup Agent database and the requests from the Backup Manager will be allowed. The Key name will appear on the "Authorized Server Backup Managers" tab.
After the Server Key is added, requests from the Backup Manager should be accepted.
During the Key adding the following error message can appear. Eliminate issues connected for example with a firewall permissions and repeat the procedure.