File Restore Security - File theft

I hope I simply just missed this and someone can post a link to the data.

How does UrBackup know which computer to restore individual files on? Does it go by computer name or some kind of security key?

If so, then in an environment where people have admin rights to their own machines (cannot be changed at this moment), what keeps someone from changing their computer name and “restoring” someone else’s files?

Example: 20 user company (no domain, everyone roams, all apps are online for the most part and can be accessed from any computer, won’t be changing anytime soon). Want to stay with UrBackup and not use another backup tool. What keeps, say, Bob (new hire in reception) from restoring files from Jeff (CEO) or Gary (Security and product development) by updating the name of the computer and restoring the user profile?

Please don’t pick apart the example above too much, it’s a simple, very toned down version of my complicated situation that I got thrown into. Having to slowly change managers’/owners’ mindsets to get to where we need, but it will take way too long compared to present need.

It is a good question and one that my team thought about in our testing environment. I am sure uroni can offer a more comprehensive explanation than what I provide below. In short, though, the machine name is tied to a key (that you can set uniquely for each machine). So Bob would need to have both Jeff’s machine’s name and the key for Jeff’s machine. I think Bob would also need to power off Jeff’s machine and then rename their machine’s client to the same as Jeff’s, otherwise there’d be the possibility of two machines with the same name and key trying to get to the server at the same time.

With all that done they might be able to restore Jeff’s files.

That’s great! That actually sums up what I was hoping for.

So I guess my next questions would be:

  1. How do I update that key on the client/server?
  2. In case someone gets physical access for a SHORT period of time (not enough time to copy files to a USB stick), can someone get the key off a client’s machine? Is it stored in a registry or config file…
  3. If this key is changed, will I have to redo the whole backup for the client?

Thank you for your assistance.

I believe these are stored in config files. As to your questions #1 and #3 I’d wait to see what @uroni or others have to say.

The keys to access file backups are in C:\Program Files\UrBackup\tokens. If you delete them UrBackup will generate new ones with the next file backup and the user will not be able to access the old backups.

In addition to the per-user keys there is a per-server machine key (client access key) in C:\Program Files\UrBackup\urbackup\access_keys.properties. This one is changed every week during a file backup. You need both to access the file backups on the server.

You can copy the tokens and the access key and will then be able to access the files until the client access key changes. Unfortunately, a client can also change its name and change the client access key to something it knows currently.
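
An added example, not part of the thread and not UrBackup's own code: a PowerShell audit that lists which non-administrative accounts can read the token directory and the client access key file at the two paths quoted above. The function name Get-ReadableBy and the choice of "trusted" and "broad" SIDs are assumptions of this example; a per-user token readable by its own user is presumably intended, so the entries to look at first are the ones marked Broad.

```powershell
# Paths are the ones quoted in the thread; adjust for other install locations.
$targets = @(
    'C:\Program Files\UrBackup\tokens',
    'C:\Program Files\UrBackup\urbackup\access_keys.properties'
)
# Well-known SIDs: SYSTEM and BUILTIN\Administrators are expected to have access.
$trusted = @('S-1-5-18', 'S-1-5-32-544')
# Everyone, Authenticated Users, BUILTIN\Users: read access for these
# exposes the key material to every local account.
$broad = @('S-1-1-0', 'S-1-5-11', 'S-1-5-32-545')
# ReadData (0x1) plus GENERIC_READ (0x80000000) and GENERIC_ALL (0x10000000),
# which some ACEs carry instead of specific file rights.
$readMask = 0x1 -bor 0x80000000 -bor 0x10000000
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType = [System.Security.Principal.SecurityIdentifier]

function Get-ReadableBy {
    param([Parameter(Mandatory)][string]$Path)
    # Check the path itself and, for a directory, each file directly inside it.
    $items = @(Get-Item -LiteralPath $Path -Force)
    if ($items[0].PSIsContainer) {
        $items += Get-ChildItem -LiteralPath $Path -Force -File
    }
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            $sid = $ace.IdentityReference.Value
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($trusted -contains $sid) { continue }
            # Inherit-only ACEs do not apply to the object they are set on.
            if ($ace.PropagationFlags -band $inheritOnly) { continue }
            if (([int]$ace.FileSystemRights -band $readMask) -eq 0) { continue }
            [pscustomobject]@{
                Path   = $item.FullName
                Sid    = $sid
                Broad  = $broad -contains $sid
                Rights = $ace.FileSystemRights
            }
        }
    }
}

foreach ($t in $targets) {
    if (Test-Path -LiteralPath $t) { Get-ReadableBy -Path $t }
    else { Write-Warning "Not found: $t" }
}
```

Run it from an elevated prompt on a client. Where users are local administrators, as in the scenario above, file permissions do not keep them from these files, so the output only describes exposure to non-admin accounts.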