Chapter 6: Diagnostics

6.1 Service Report

To help our service analyze unexpected behavior of our software, you can generate a service report by selecting the menu item “File >> Generate Service Report." All service information is stored in the file "C:ProgramDataGrauDataBlockyBlockyforVeeam®_Diag.zip." Generating a service report is also available via the BlockyCLI.

When using the Central GUI, the service report is generated on the active connected target server and must be collected from there once finished.

6.2 Missing privileges

The Blocky GUI requires certain privileges to run properly, so you have to make sure the user is able to gain such privileges.

The required privileges are:

• SE_BACKUP (SeBackupPrivilege)

• SE_RESTORE (SeRestorePrivilege)

• SE_TAKE_OWNERSHIP (SeTakeOwnershipPrivilege)

• SE_LOAD_DRIVER (SeLoadDriverPrivilege)

• SE_SECURITY_NAME (SeSecurityPrivilege)

In standard installations, any local or domain admin user is allowed to gain these privileges by default. It is possible to restrict these privileges via local security policies or domain group policies. Please make sure to not restrict these policies for users who need to run the Blocky GUI.

6.3 System clock tampering

BlockyforVeeam® monitors the system clock and detects backward time manipulations. Once such system clock tampering is detected, it will be reported in the Windows event log, and access control will refuse any write access, even from whitelisted applications.