Allow limited user rights to make binary backup?

Hi,

I have created a user group with limited rights. What policies would allow them to save a backup? To be clear, not to export a script .rsc. A backup pulls the passwords, so even if they dumped it onto the same model they would not have access, right? Even if the backup was functional on the new hardware, which I doubt it would be.

edit - upon further thought… I suspect this is not possible and would require “full” admin rights. True? It would be nice to have a policy that would allow a custom group to have the ability to make a backup.

edit ii - Sensitive information
Starting with RouterOS v3.27, the following information is regarded as sensitive, and can be hidden from certain user groups with the ‘sensitive’ policy unchecked.

Also, since RouterOS v4.3, backup files are considered sensitive, and users without this policy will not be able to download them in any way.

Ok - I gave the users “sensitive” rights and tested, but that did not work either - nor do I want them to be able to download anyway. In any event - thought it may work.

Seems like allowing this backup only / no download setting may be nice to have. Automated backups… this is the way.

Anything I am missing please let me know.

If all you want to do is create a binary backup, but leave it on the router, you don’t need to allow that for your limited user group. Create a script to create the file and then a schedule that runs the script at whatever interval that you want. You can also have your script send the file somewhere (FTP, SCP, E-Mail, etc). I do that every evening. Your limited group does not need to be involved at all. Or am I missing what you are trying to do?

Hey Jim - you are spot on. I will look into doing something like an automated backup and email. I have seen some of these on the forum. I will have a look. I really just want to capture one after it is deployed.

Thanks for showing me the light. Cheers.

Here is mine. Feel free to adapt for your own purposes…

# Policies needed:  ftp, read, policy, sensitive, test
# Policies NOT needed:  password, reboot, write, sniff, romon
:log info "Starting daily backup";
/system backup save name=RB750Gr3-1_Daily
/export file RB750Gr3-1_Daily
/system package print file RB750Gr3-1_Version.txt
:delay 00:00:01
/tool e-mail send file=RB750Gr3-1_Daily.backup to="jim@k6ccc.org" body="Router #1 daily backup file attached." \
   subject="RB750Gr3-1  $[/system clock get date] at $[/system clock get time]  Backup"
:delay 00:00:10
/tool e-mail send file=RB750Gr3-1_Daily.rsc,RB750Gr3-1_Version.txt to="jim@[redacted]" body="Router #1 daily script and version files attached." \
   subject="RB750Gr3-1  $[/system clock get date] at $[/system clock get time]  Script"
:log info "Daily backup script completed"

@k6ccc - thank you sir.
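
The setup the thread converges on, as an added example that is not code from any poster here: a limited group with no backup-related rights, and a scheduled script that holds only the policies listed in the script post above. The group name, script and scheduler names, e-mail address, password and start time are all placeholders.

```routeros
# Added example, not from the thread. All names, the address and the
# password below are placeholders (assumptions).

# Limited group: can log in and look around, but has no
# sensitive/policy/ftp/write rights, so it cannot create or download backups.
/user group add name=limited-ops \
    policy=read,test,winbox,!write,!policy,!sensitive,!ftp,!password,!reboot

# Backup script carrying only the policies listed in the post above.
/system script add name=daily-backup policy=ftp,read,policy,sensitive,test source={
    :log info "Starting daily backup"
    # password= encrypts the .backup file before it leaves the router
    /system backup save name=daily password="CHANGE-ME" encryption=aes-sha256
    :delay 5s
    /tool e-mail send to="backups@example.com" file=daily.backup \
        subject="Backup $[/system identity get name] $[/system clock get date]" \
        body="Encrypted daily backup attached."
    :log info "Daily backup script completed"
}

# Run it once a day; the scheduler entry needs at least the script's policies.
/system scheduler add name=daily-backup-run start-time=02:00:00 interval=1d \
    policy=ftp,read,policy,sensitive,test on-event=daily-backup
```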