The backup and recovery of files are successful but the recovered files are still encrypted
3 years ago
Originally Published: 2010-04-28
Article Number
000061367
Applies To
RSA File Security Manager 2.2.1
Microsoft Windows Server 2003 SP2
Microsoft NTBackup
EMC NetWorker
 Volume Snapshot Service (VSS)
Issue
The backup and recovery of files are successful but the recovered files are still encrypted
FSM policy setup so that backup could read files unencrypted during backup, only reading files encrypted

Having issues with the backup software on some of the Adapters where it is backing up the encrypted form of the file instead of the decrypted version.


Files encrypted using RSA FSM will not be backed up as decrypted despite the granted permissions (using either NetWorker or NTBackup)
Cause
FSM does not support backups using VSS (Volume Shadow Copy Service). The snapshots created by VSS contain encrypted data because VSS file system filter driver runs below FSM filter driver. Any file system filter driver that runs below FSM filter driver will get encrypted data despite any permission granted in the FSM Policy Manager.
Resolution

Turning off VSS resolves the problem.

In NetWorker use VSS:*=off

In NTBackup use the following command line options:

 

ntbackup backup <path_to_folder_to_backup> /j "Test Backup" /snap:off /m normal /f <path_to_target_file>

 

For example to backup "D:\My Folder" directory and save it in C:\temp folder in a file called vssoffbackup.bkf run the following command:

 

ntbackup backup "D:\My Folder" /j "Test Backup" /snap:off /m normal /f C:\temp\vssoffbackup.bkf



Also reference solution Would like to allow access to a "backup" account that can read the encrypted files (not decrypt them) and archive that to tape. for information on configuring FSM policy for backup applications. 


Notes
EMC solution ID: esg113342

Related Articles

Trending Articles

Don't see what you're looking for?