Acronis Backup & Recovery 10: Adding Necessary Rights

How to add the necessary rights to users for Acronis Backup & Recovery

This article applies to:

Acronis Backup & Recovery 10 Advanced Server (Agent for Windows)
Acronis Backup & Recovery 10 Server for Windows (Standalone)
Acronis Backup & Recovery 10 Advanced Server - Small Business Server Edition (Agent for Windows)
Acronis Backup & Recovery 10 Advanced Workstation (Agent for Windows)
Acronis Backup & Recovery 10 Workstation (Standalone)
Acronis Backup & Recovery 10 Advanced Server - Virtual Edition (Agent for Windows)

Symptoms

You install Acronis Backup & Recovery 10 and you specify an existing user account(s) for Acronis services;

Advanced:	Standalone:

The installation fails. In installation log (see Creating an MS Installer Log of Acronis Software and Analyzing Installation Logs of Acronis Products Based on MSI Technology) you see a message similar to the following one:

1: MSIGEN:GrantUserPrivileges: started for user 'Computer\User'
1: MSIGEN:GrantUserPrivileges: List of priviledges to grant: 'SeServiceLogonRight'
1: MSIGEN:GrantUserPrivileges: Failed to grant priviledge 'SeServiceLogonRight' to user 'Computer\User' with error code '1780'
1: MSIGEN:AddExistingUserToServiceUsers: failed
Action ended 13:09:50: InstallFinalize. Return value 3.

or

you receive a warning from the installation wizard that it was impossible to grant the necessary rights to the specified account.

Cause

The setup program cannot assign the necessary rights to existing account(s). See Acronis Backup & Recovery 10: Required User Permissions for Local and Remote Management.

Solution

Add the necessary rights to the user account manually. See appropriate section:

If the machine is not a part of the domain

Edit the Local Security Policy on the machine:

Go to Start -> Control Panel -> Administrative Tools -> Local Security Policy;
Browse down to Local Policies -> User Rights Assignment -> and find the following policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token
Double click on the selected policy and click on Add User or Group:
Click Advanced:
Click Find Now and select from list the user that you specify for Acronis services:
Click OK several times to finish applying the policy:
Repeat the steps for the three necessary policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token

(!) If the Add User or Group button is grayed out, then it means that the machine is a part of the domain, and the Replace a process level token policy is defined via domain security settings. In this case, please follow the steps from appropriate section.

If the machine is a part of a domain and it is a usual domain member machine (not a domain controller)

Ensure that necessary rights are added to the Acronis Services user in the Domain Security Policy:

On the domain controller go to Start -> Control Panel -> Administrative Tools -> Domain Security Policy
Browse down to Local Policies -> User Rights Assignment -> and find the followingA policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token
Double click on the policy, enable the box Define these policy settings and click on Add User or Group:
Do not click Browse – instead manually type the name of Acronis services account and please do not add the computer name before the account, leave it as shown below. Then click OK:
Repeat the steps for the three necessary policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token

The updated policy must be applied to the domain members: either wait for some time – defined for your domain – for the domain policy to be refreshed and applied to all machines; or force domain policy update to be applied immediately on a particular domain machine:

Go to Start -> Run -> cmd
Execute the command:

gpupdate /force

If the machine is a part of a domain and it is a domain controller

Ensure that Replace a process level token right is added to the <DOMAIN>\<Acronis_services_user> (where <DOMAIN> is the name of your domain and <Acronis_services_user> is the user account that you specify for Acronis services) account in the Domain Controller Security Policy:

On the domain controller go to Start -> Control Panel -> Administrative Tools -> Domain Controller Security Policy;
Browse down to Local Policies -> User Rights Assignment -> and find the following policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token
Double click on this policy, enable the box Define these policy settings and click on Add User or Group:
Click Browse -> Advanced;
Click on Locations and make sure your domain is selected as the location to look for the users;
Click OK, then click Find now and select the necessary user from the list;
Click OK several times to finish applying the policy;
Repeat the steps for the three necessary policies:
- Log on as service
- Adjust memory quotas for a process
- Replace a process level token

After adding the necessary rights, reattempt the installation.

Knowledge Base

Similar Content

15276: Acronis Backup & Recovery 10: Adding Necessary Rights

Symptoms

Cause

Solution

More information

Language