To ensure that Veeam can access all files, folders, and system resources during backup and recovery processes—particularly on protected, system-critical, or access-restricted volumes—it is highly advisable to operate Veeam services using a dedicated service account with elevated privileges. This practice mitigates common problems related to permission denials, inaccessible directories, and user-specific access controls that can disrupt or hinder backup effectiveness.
Utilizing a service account with administrative rights allows Veeam to consistently access user profile data, hidden system files, locked folders, and other resources that are often restricted to standard or non-administrative accounts. This not only enhances the uniformity of multiple backup jobs but also streamlines permission management and strengthens auditing and security by confining Veeam’s access to a single, controlled entity.
This approach is particularly vital in environments characterized by:
- Strict NTFS or ACL configurations
- Multiple user profiles or roaming profiles
- Network-mapped drives or DFS shares
- Compliance-driven security models
Establishing a well-configured service account greatly enhances Veeam’s ability to monitor and manage operations within your environment. This approach reduces the likelihood of encountering incomplete backups, missing files, or unsuccessful restores that may arise from permission issues. Additionally, by ensuring consistent and elevated access to all files and directories, it can significantly reduce enumeration time, particularly in environments with complex directory structures or large volumes of small files. This results in faster, more efficient backup processing and improved overall performance.
Steps to Set Up a Dedicated Veeam Service Account
1. Create and Configure the Service Account
- Create a domain user account, e.g., veeam_svc.
- Add veeam_svc to the local Administrators group on the protected machine(s).
- Grant the account the “Log on as a service” right:
  - Open Local Security Policy (secpol.msc)
  - Navigate to: Local Policies > User Rights Assignment
  - Double-click Log on as a service
  - Click Add User or Group and add veeam_svc
2. Assign the Account to Veeam Services
- Open Services (services.msc)
- Locate: Veeam Agent for Microsoft Windows (VeeamEndpointBackupSvc)
- Right-click > Properties > switch to the Log On tab
- Select This account, enter .\veeam_svc (or domain\veeam_svc), and provide the password
- Click OK, then restart the service
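The same two steps scripted for repeatable rollout across several machines, as an added example rather than Veeam's own tooling. It assumes the account already exists and is passed as DOMAIN\veeam_svc (a placeholder); the scratch file names are also assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not Veeam's tooling. DOMAIN\veeam_svc is a placeholder account.
param(
    [string]$Account     = 'DOMAIN\veeam_svc',        # or COMPUTERNAME\veeam_svc
    [string]$ServiceName = 'VeeamEndpointBackupSvc'   # service name from step 2
)
$ErrorActionPreference = 'Stop'

# Prompt for the password so it is not stored in the script or shell history.
$cred = Get-Credential -UserName $Account -Message 'Password for the Veeam service account'
$sid  = ([Security.Principal.NTAccount]$Account).Translate(
            [Security.Principal.SecurityIdentifier]).Value

# Step 1: add the account to the local Administrators group if it is not a member yet.
if (-not (Get-LocalGroupMember -Group 'Administrators' -Member $Account -ErrorAction SilentlyContinue)) {
    Add-LocalGroupMember -Group 'Administrators' -Member $Account
}

# Step 1: grant "Log on as a service" (SeServiceLogonRight). secedit replaces the whole
# holder list for a right, so export the current holders and append to them.
$inf = Join-Path $env:TEMP 'veeam_svc_rights.inf'   # scratch files (assumed names)
$db  = Join-Path $env:TEMP 'veeam_svc_rights.sdb'
secedit /export /cfg $inf /areas USER_RIGHTS | Out-Null
$current = (Get-Content $inf | Where-Object { $_ -match '^SeServiceLogonRight\s*=' }) -replace '^[^=]*=', ''
$holders = @($current -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
if ($holders -notcontains "*$sid") {
    $holders += "*$sid"
    @('[Unicode]', 'Unicode=yes', '[Version]', 'signature="$CHICAGO$"', 'Revision=1',
      '[Privilege Rights]', "SeServiceLogonRight = $($holders -join ',')") |
        Set-Content -Path $inf -Encoding Unicode
    secedit /configure /db $db /cfg $inf /areas USER_RIGHTS | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "secedit /configure failed with exit code $LASTEXITCODE" }
}
Remove-Item $inf, $db -ErrorAction SilentlyContinue

# Step 2: assign the account to the service, then restart it.
$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { throw "Service $ServiceName not found" }
$result = $svc | Invoke-CimMethod -MethodName Change -Arguments @{
    StartName     = $Account
    StartPassword = $cred.GetNetworkCredential().Password
}
if ($result.ReturnValue -ne 0) { throw "Win32_Service.Change returned $($result.ReturnValue)" }
Restart-Service -Name $ServiceName

# Confirm the logon identity the service is now configured with.
(Get-CimInstance Win32_Service -Filter "Name='$ServiceName'").StartName
```

Where User Rights Assignment is set by domain Group Policy, the local change is overwritten at the next policy refresh, so add the account to that GPO instead.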