Older Encryption Management Server backups are not removed from a remote system

book

Article ID: 224370

calendar_today

Updated On:

Products

Gateway Email Encryption Encryption Management Server

Issue/Introduction

By default, Encryption Management Server stores its backups on the local disk. Clearly, this is not recommended.

By opening the administration console and navigating to System / Backups and clicking on the Backup Location button, you can configure the backup files to be stored on a remote system.

The files are uploaded to the remote system using one of the following protocols:

  1. FTP - not recommended because the credentials are passed over the network in clear text.
  2. SCP Password Authentication
  3. SCP Keypair Authentication

After configuring the remote location you may see the following error in the Backup logs under Reporting / Logs in the administration console:

Failed to remove older backups: file operation error

Environment

Symantec Encryption Management Server 10.5 and above.

Resolution

The account that is used to upload the backup files to the remote location needs to have deletion rights on the remote directory in order to be able to delete old backup files.

Note that by default only 5 backups are retained. Therefore if you wish to implement a grandfather-father-son or similar backup rotation scheme, the remote system will need to copy certain backup files to a different location.