|Subject:||Best Way to Share a Secret String Between Member Servers?|
|Posted by:||Will (firstname.lastname@example.org)|
|Date:||Tue, 6 Feb 2007|
I am looking at issues around having each computer do its own backups using
the native Windows backup application to a file server.
Rather than having a custodial domain account used by the computers, and
with that all of the hassles of dealing with how to secure the password, I
am wondering if there is a way to do the DACL permissions to the target
share / file system based on just authentication by Windows domain system of
the target computer itself. Could you put the machine object of the
computer doing the backup into the DACL of the target share\folder-path, and
then run the backup process as SYSTEM on the client computer?
I did try this as an experiment and the scheduled task refused to run.
That could be a problem with the implementation or with the theory, and
that's why I am checking.