Configure Long-Term Archive Account

An account used to write data to the Long-Term Archive and upload report subscriptions to shared folders. By default, the LocalSystem account is used for the archive stored locally and the computer account is used for archive stored on a file share.

If you want to store the Long-Term Archive on a file share, you can specify custom account in Settings Long-Term Archive in Netwrix Auditor.

Starting with version 9.96, you can use Group Managed Service Account (gMSA) as the account for accessing Long-Term Archive.

The custom account must be granted the following rights and permissions:

  • Advanced permissions on the folder where the Long-Term Archive is stored:
    • List folder / read data
    • Read attributes
    • Read extended attributes
    • Create files / write data
    • Create folders / append data
    • Write attributes
    • Write extended attributes
    • Delete subfolders and files
    • Read permissions
  • On the file shares where report subscriptions are saved:

    • Change share permission
    • Create files / write data folder permission

    NOTE: Subscriptions created in the Netwrix Auditor client are uploaded to file servers under the Long-Term Archive service account as well.