• JoeyDumont
    0
    Hi,

    I would like to know if there is a way to set up a custom build such that there is already a default backup plan in place, and some other configuration options, such as requiring client-side encryption and enforcing policies on the passphrase. I would like to bundle installers with this configuration to Windows, MacOS and Linux users.

    Cheers,
  • David Gugick
    12
    You can set up default configurations for settings and backup plans from the web console in Remote Deploy - Configurations and Rules. In this case, the settings and jobs are applied when you register the client and an existing rule recognizes it. You can update the configuration at any time and changes are pushed to the client automatically.
  • JoeyDumont
    0
    Oh ok cool, I seem to have missed this option entirely when going through the UI! This does pretty much everything I need. Thanks!
  • JoeyDumont
    0
    Is this functionality exposed through the API? I'd like to automate the creation of configuration deployments.
  • JoeyDumont
    0
    Hmm, there seems to be no way to force a user to use client-side encryption though. In my case, I would want to manage the encryption for the user, so I wouldn't even want the user to be able to turn off that option in a given backup plan, and reject the creation of backup plans that do not use client-side encryption.
  • David Gugick
    12
    I assume you mean backup encryption, which you can add to the default Backup plan in the Configuration in the Compression and Encryption options section. To prevent someone from firing up the agent remotely, you can enable a master Password on the client (from Settings in Configurations - General - Protect Console with Master Password).
  • JoeyDumont
    0
    Thank you David for the answers. If I understand correctly, setting a master password would preclude a user from opening the client on their own computer (please correct me if I'm wrong). I'm looking for something more granular, say: the user can change the contents of the backup (include/exclude), but not the remote storage or the client-side encryption setting.

    If it's not granular, it means I need to setup a master password and manage all backup plans myself.

    Moreover, I'd like for the API to have all the features of the management console, so I can automate pretty much all management tasks. Is that something you're looking to do in the future?
  • David Gugick
    12
    Unfortunately, it's not possible to do what you are asking - enforce some backup options like encryption while allowing editing of others. I'll add a feature request for this.

    As far as the API, it's pretty comprehensive (https://mspbackups.com/v2.0/Swagger/#/Provider) but I do not think the Configuration and Rules options are exposed by the API. I'll verify with the team and create a feature request for you. The Config/Rules option is very high-level as is, meaning it's easy to edit a configuration and have the changes automatically deployed to clients. Can you expand on your desired use of the API as it pertains to Config/Rules?
  • JoeyDumont
    0
    Good, thanks! In my use case, we'd like to enforce some basic settings, like the storage destination, the use of client-side encryption, but leave the include/exclude options to the user, for example.

    In general, it would be nice to have granular "permissions" for users on backup plans. For instance, the user could be allowed to create new plans as long as it follows some rules, or not have permission to create new plans and be allowed to edit only some settings of an existing plan.

    As for the API, I would like to create new configurations, edit configurations, create new rules and edit existing rules with the API. In short, I'd like to do everything I can do with the console with the API.

    Thank you so much for your responsiveness, it means a lot!
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment

Welcome to CloudBerry Lab Forum!

Thank you for visiting! Please take a moment to register so that you can participate in the discussions!