Alerts can be useful to inform you regarding any issues with agents. These should be reviewed by performing the following:

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Monitoring > Alerts.

2. Use the list in the left pane to filter by alert type. Important alert types to review inlcude:

   • Backup failed.

   • Incident detected (Antivirus / EDR incidents).

   • Agent installation failed due to lack of space.

Once reviewed, these can be cleared in bulk by performing the following:

[ In the Acronis Cloud console - customer view ]

3. Left menu, select Monitoring > Alerts.

4. In the right pane, in the top-right, select Clear all.

If devices are removed from the network, or if they are rebuilt with a different name then there there will be an orphaned device that should be removed. If the agent remains in the console, the school will be charged for an AV licence.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > All Devices.

2. Select the column header titled Name to sort the column.

3. Scan the list for any devices with duplicate names and tick the checkbox to the left for each one.

4. In the right menu, select Delete.

Note: If an agent is deleted by accident, agents can be forced to register  in the console again by changing the number GPO file _forceRegCommand.txt. This will not create duplicates, just register missing agents.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > click the header Last backup twice to sort by backed up device.

2. Select the device to check > right menu, select Protect.

3. Next to IIT Backup Plan for Servers, next to backup, click the expand ( ... ) button > select Edit.

Updating Backup Selection List

4. Under Items to backup > Specify > Select files and folders.

Default selections for K9 systems:

• D:\Shared Folders

• H:\Profiles (but exclude H:\Profiles\Pupils)

• H:\Users

5. Under Items to back up, select the blue text with folder paths.

6. Select Select files and folders > add / remove selections as required > Done > OK.

Updating Backup Configuration

7. The following setting should be configured:

• Continuous data protection (CDP): Off

• Schedule: Every day at 01:00 (Always incremental)

• How long to keep: Monthly: 4 months / Weekly: 8 weeks / Daily: 56 days.

• Encryption: Off

• Notarization: Off

8. Once checked, at the top select Save.

Cause

Orphaned objects can occur when objects (Mailboxes, OneDrives, Sites, or Teams) are deleted from the Microsoft 365 tenant. Within Acronis, the backups for the user will continue to exist and use storage space as an orphaned objects.

Duplicate objects can occur in a Microsoft 365 tenant if protection plans have been active and the plan has since been revoked or deleted. The data from the previous plans will continue to exist and use storage space.

The instructions below will provide steps on how to identify and delete these accounts.

Procedure

The instructions below will provide steps on how to identify and delete these accounts.

[ In the Acronis Cloud console - customer view ]

1. In left menu, Backup Storage > Backups.

2. Select Cloud applications backups > click the column header Last change.

If the last change date is not showing a recent date, then it's likely that the backup is orphaned. You can confirm this by:

• Checking for a duplicate backup of the object by using the search bar and seaching for the name of the orphaned object with a recent backup date.

• Confirming if the object can be deleted with a responsible member of staff.

• Checking the user's status in the school's MIS (SIMS / Arbor).

3. To delete the backup, tick the accounts to delete > in right menu, select Delete > tick I confirm the deletion... > select Delete. The status window can be closed during the delete operation.

Note: Up to 50 items can be selected at a time for deletion - to do this, tick the top item and press Shift + ⬇️

These steps will automatically apply AV and antimalware protection to all agents.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Management > Protection plans > check if IIT Protection Plan (EDR) for Endpoints v1.2 exists. If not, complete the section Importing protection plans.

2. Left menu, select Devices > Machines with agents > expand the Machines with agents tree, select All item > right menu, select Protect Group > under IIT Protection Plan for Endpoints, select Apply.

The guidance below provides details on the recommended backup plans that should exist dependant on the school's services.

Interm IT Protection Plan Templates

• IIT Backup Plan for Device (Files)

For backing up specific files and folders on a standalone device (e.g. user documents on a Headteacher's laptop).

• IIT Backup Plan for Servers (Files)

For backing up specific files and folders on a server.

• IIT Backup Plan for Servers (Device)

For backing up the entire server including user and system data.

Warning: This backup plan will use a lot of storage and should be discussed with the school before use.

• IIT Backup Plan for Microsoft SQL

For backing up SQL databases (e.g. SIMS, FMS, Paxton).

• IIT Protection Plan (EDR) for Endpoints

For providing antivirus, antimalware protection for workstations.

• IIT Protection Plan for Servers

For providing antivirus and antimalware protection for servers (includes monitoring of network drives).

Registration tokens can only be created with a maxiumum validity of 12 months. Expired Please follow the guidance below to 

Interm IT Protection Plan Templates

• IIT Backup Plan for Device (Files)

For backing up specific files and folders on a standalone device (e.g. user documents on a Headteacher's laptop).

• IIT Backup Plan for Servers (Files)

For backing up specific files and folders on a server.

• IIT Backup Plan for Servers (Device)

For backing up the entire server including user and system data.

Warning: This backup plan will use a lot of storage and should be discussed with the school before use.

• IIT Backup Plan for Microsoft SQL

For backing up SQL databases (e.g. SIMS, FMS, Paxton).

• IIT Protection Plan (EDR) for Endpoints

For providing antivirus, antimalware protection for workstations.

• IIT Protection Plan for Servers

For providing antivirus and antimalware protection for servers (includes monitoring of network drives).

Manual installation should be used to configure an agent on servers, but can also be used for deployment on workstations.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > All devices (if this is a new Acronis tenant, close the Add device popup) > in the top-right, select + Add

• If logged into Acronis Cloud on the device to be configured:

Under Workstations / Servers, select Windows.

• If logged into Acronis Cloud remotely on another device:

Under Workstations / Servers, right-click Windows > Copy link address > paste the link into a browser on the device to be configured.

[ If installing on a Domain Controller, complete this section ]

2. Select Start > Run > type dsa.msc.

3. Select the Users OU > on the right, right-click Administrator > select Copy. Type the following:

   • Full name: AcronisAdmin

   • User logon name: AcronisAdmin

4. Next > Interm IT consultants - set a strong password of at least 20 characters using uppercase, lowercase, numbers, and symbols (this can be reset later if needed).

5.  > Next > Finish.

[ On the device to be configured ]

6. Open the downloaded CyberProtect_AgentForWindows_web.exe file.

   • If you encounter a Cannot connect to server error:

Select Show proxy settings > tick User an HTTP proxy server > enter the least restrictive proxy settings in Name/IP and Port textboxes > select Retry.

• If you encounter Logon account for the agent server (Required) message:

Select Specify > enter <Domain>\AcronisAdmin and the password above > Done.

7. Select Customise installation settings.

   • If you have been provided with a token, complete this step:

Under Registration settings, select Specify > select Use credentials > enter the following:

• Username: acronis

• Password: acronis

> Done > select Use registration token > enter the following:

• Replace https://cloud.acronis.com with https://eu-cloud.acronis.com

• In the text box, enter the registration token.

8. Select Done > Install.

Note: The agent may take a moment to appear in the console. Progress can be viewed in Monitoring > Activities.

Sources:

• Acronis Cyber Protect Cloud: Agent installer doesn't accept registration token

[ On K9Server / Group Policy Management server ]

1. Open a web browser and navigate to Interm IT Deployment files

2. Select and download the latest version of GPO - Acronis Cyber Protect Agent to D:\Interm IT.

3. Open File Explorer and Navigate to D:\Interm IT > right-click the downloaded file > select Extract All…

4. Select Extract.

5. Open the extracted folder > open Shortcut to _regToken.txt change XXXX-XXXX-XXXX to a valid registration token > save the file.

6. Start > Run > type gpmc.msc > OK.

[ In Group Policy Management ]

7. Left pane, expand Domains > {domainName} > right-click Group Policy Objects > New.

8. Under Name, type IIT Deploy Acronis > OK.

9. Expand the Group Policy Objects tree > right-click IIT Deploy Acronis > select Import Settings > Next > Next > Browse > browse to D:\Interm IT\GPO - Acronis Cyber Protect Agent > Next x 3 > Finish.

10. Left pane, expand Domains > {domainName} > Managed > right-click Computers > Link an Existing GPO > select the IIT Deploy Acronis GPO > OK. 

[ On K9Server / Group Policy Management server ]

1. Open a web browser and navigate to Interm IT Deployment files

2. Select and download the latest version of Acronis Cyber Protect to D:\Interm IT.

3. Open File Explorer and navigate to D:\Interm IT > right-click the downloaded file > select Extract All…

4. Select Extract.

5. Open the extracted folder > open Shortcut to _regToken.txt change XXXX-XXXX-XXXX to a valid registration token > save the file.

Note: To generate a new registration token, follow the section under Common Tasks named Generating Registration Tokens.

6. Start > Run > type gpmc.msc > OK.

[ In Group Policy Management ]

7. Left pane, expand Domains > {domainName} > right-click Group Policy Objects > right click the existing IIT Deploy Acronis GPO > select Import Settings.

8. Select Next x 2 > Browse > browse to D:\Interm IT\GPO - Acronis Cyber Protect folder > OK > Next x 3 > Finish.

9. Check that the GPO is linked to the Managed \ Computers OU to install the software.

Ensure that K9Server has an agent installed and operational before continuing.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > All devices > in the top-right, select + Add

2. Under Multiple devices, select Windows only > change Discovery agent to K9Server (or the server hosting AD) > Next.

3. Expand the tree - [ DomainName ] > Managed > select Computers > OK.

4. Select the computers to deploy to > Next.

5. Select Install agents and register machines, then Select the components. Select only the following:

   • Cyber Protect Monitor.

> Select.

6. Toggle on Apply protection plan > select Specify protection plan > select IIT Endpoint Protection Plan > Select > Next > enter domain admin credentials in the format <Domain>\<Username> > Next > Install.

Note: Installation can be monitored from the console in Monitoring > Activities. Devices may require a restart before they appear in the console.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > All devices > in the top-right, select + Add

2. Scroll down and select Microsoft 365 Business.

3. Login with the school’s intermit@ credentials > Accept > wait for the registration to complete.

4. Expand the tree and complete the following for each product type as required:

Groups (Sharepoint sites)

1. Select Groups tree > select the groups to include (or tick All groups to include all) > select Backup.

2. What to back up > select Sharepoint sites.

3. How long to keep > set to 4 months / 8 weeks / 56 days > Done.

Site collections (legacy Sharepoint sites)

1. Select Site collections tree > select the sites to include, (or tick All site collections to include all) > select Backup.

2. How long to keep > set to 4 months / 8 weeks / 56 days > Done.

Teams Configuration (mailboxes and OneDrive)

1. Select Teams tree > select the Teams to include (or tick All teams to include all) > select Backup.

2. How long to keep > set to 4 months / 8 weeks / 56 days > Done.

Users Configuration (mailboxes and OneDrive)

There are multiple options for selecting items to backup. Choose one of the following and follow the instruction set below:

• Custom Azure AD Group - backup specific users with a custom Acronis Azure AD group (lowest cost / storage usage, covers critical user data).

• Existing Azure AD Group - backup specific users within existing AD groups. e.g.Cloud 9 Staff / Cloud 9 Admin (moderate cost / storage usage, covers staff user data).

• All users / OneDrives - blanket includes all user data (largest cost / storage usage, covers all user data).

Custom Azure AD Groups

[ In the Microsoft 365 Admin Centre ]

1. Click here OR Navigate to Teams & Groups > Active Teams & Groups > select the Security Groups tab > + Add a security group.

2. Enter Acronis Backup - Mailbox OR Acronis Backup - OneDrive > Next (if Next is not selectable, select the Description box first).

3. Tick Azure AD roles can be assigned to the group > Next > Create group > Close.

4. Repeat from step 1 to create a group for the other product.

At this point, the groups will need to sync in Acronis overnight. Then continue with the following:

[ In the Acronis Cloud console - customer view ]

5. Left menu, select Devices > Microsoft 365.

6. Expand Microsoft > [ School Name ] > Users > select All Users.

7. At the top of the user list, select Select an Azure AD Group > search for and select one of the groups selected in the previous step > Add.

8. Select Save as > enter the name as Acronis Backup - Mailbox OR Acronis Backup - OneDrive > OK.

9. Right meny, select Group backup.

10. What to back up > select Microsoft 365 mailboxes or OneDrive.

11. How long to keep > set to 4 months / 8 weeks / 56 days > Done > Apply.

12. Repeat from step 7 to create a backup plan for the other product.

Existing Azure AD Group

1. Expand the Users tree > select All users > select Select an Azure AD Group > select the group to backup (e.g. Cloud9 Staff) > Add.

2. Select Save as > enter the group name (e.g. Cloud9 Staff) > OK.

3. Left pane, under users, select the created group > right pane, select Group Backup.

4. What to back up > select Microsoft 365 mailboxes or OneDrive.

5. How long to keep > set to 4 months / 8 weeks / 56 days > Done.

6. Toggle off Encryption.

7. Select Add Backup Plan > Repeat from step b to backup the other products.

All user Mailboxes / OneDrives

1. Select Users tree > tick All users (or individual users if preferred) > select Backup.

2. What to back up > select Microsoft 365 mailboxes or OneDrive.

3. How long to keep > set to 4 months / 8 weeks / 56 days > Done.

4. Select Add Backup Plan > Repeat from step b to backup the other products.

Create To add a Google Workspace organization to the Cyber Protection solution via a dedicated Google Cloud project, follow the steps below:

• Create a new Google Project and enable the required APIs for said project.

• Configure the credentials for the project - the OAuth consent screen and the service account for the Cyber Protection solution.

• Allow access to the new project to your Google Workspace account.

Create a new Google Cloud Project:

1. Create a new Google Cloud Project (GCP) by either:

• Navigating to https://console.cloud.google.com/projectcreate > Login as intermit@

OR

• Navigate to https://console.cloud.google.com > Login as intermit@ > top-left, select the navigation menu > Cloud Hub > Home > right pane, select Create project.

2. Enter the Project Name as Acronis-<SchoolName> > Create.

Disable APIs

1. Navigate to the Enabled APIs and Services page by either:

   • Navigating to https://console.cloud.google.com/apis/dashboard

OR

1. • Top-left, select the navigation menu > under Products, APIs and Services > select Enabled APIs and services.

2. Right pane, select each API in the table > top menu, select Disable API > Disable (also select Confirm if prompted).

Note: You can use Ctrl + select each entry to open them in new tabs and then disable them in each tab.

3. Still within APIs & Services, left pane, select Library > right pane, scroll down to the section Google Workspace > open each of these APIs > select Enable:

• Admin SDK API

• Gmail API

• Google Calendar API

• Google Drive API

• Google People API

Note 1: You can use Ctrl + select each entry to open them in new tabs and then enable them in each tab.

Note 2: You may need to select View all to the right to see some options.

Configure OAuth Consent Screen

• Select "APIs and services" -> "OAuth consent screen" from the GCP navigation menu.

• In the following window, select "Internal" for user type -> click "Create".

• Specify a name for your application in the "App name" field.

• Enter the Super Administrator email in the "User support email" field.

• Enter the Super Administrator email in the "Developer contact information" field.

• Leave all other fields blank -> click "Save and continue".

• Then, go to the "Scopes" page and select "Save and continue" without changing anything.

• Verify your chosen settings on the "Summary" page -> click "Back to dashboard".

To create and configure the Cyber Protection service account, follow the steps below:

• Select "IAM & Admin" -> "Service accounts" from the GCP navigation menu.

• Click "Create service account" and specify a name for the service account. (you can also set the service account description if you wish)

• Click "Create and continue".

• Don't change anything in the "Grant this service account access to the project" and "Grant users access to this service account" steps -> click "Done" to open the "Service accounts" page.

• On the "Service account" page, select your new service account - click "Manage keys" under "Acronis".

• Under "Keys", select "Add key" -> "Create new key" -> select the "JSON" key type -> click "Create". This action will create an automatically downloadable JSON file containing the private key for the service account. Once downloaded onto your machine, you must store the file securely to add your Google Workspace organization to the Cyber Protection service.

To grant your new project access to the Google Workspace account, follow the steps below:

• Select "IAM & Admin" -> "Service Accounts" from the GCP navigation menu.

• In the following list, find the newly created service account -> copy the client ID shown in the OAuth 2.0 Client ID column.

• Sign in as a Super Administrator to the Google Admin console.

• Select "Security" -> "Access and data control" -> "API controls" from the navigation menu.

• Scroll down the "API controls" page -> under the "Domain-wide delegation" line, select "Manage domain-wide delegation" to open the "Domain-wide delegation" page. On said page, select "Add new" to open the "Add a new client ID" window page.

• Enter the client ID of your service account client in the "Client ID" field.

• Copy and paste the following comma-delimited list of scopes in the "OAuth scopes" field:

https://mail.google.com,https://www.googleapis.com/auth/contacts,https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/admin.directory.domain.readonly,https://www.googleapis.com/auth/drive,https://www.googleapis.com/auth/gmail.modify

• Click "Authorise". Following successful authorization, your newly created project can access your Google Workspace account data. To create a complete Google Workspace backup, you must link the new project to the Cyber Protection service. We will discuss how to do so below.

How to add a Google Workspace organization to Acronis Cyber Protect?

Now that you've created a personal Google Cloud project, you can add a Google Workspace organization to the Cyber Protection solution. To do so, follow the steps below:

• Log in to your Cyber Protect console as a company administrator.

• Select "Devices" -> "Add" -> "Google Workspace"

• Enter a valid email address of a Super Administrator of the Google Workspace account.

• Browse the JSON file containing the private key for the service account created in your Google Cloud project. You can also paste the file's contents as text -> click "Confirm". Once done, your Google Workspace organization will appear under the "Devices" tab in the Cyber Protect console.

Important notes regarding Google Workspace backup via Acronis Cyber Protect

• After successfully adding your Google Workspace organization, you can back up data from multiple domains. User data and "Shared" drives in the primary domain and all secondary domains (if available) will be backed up. Backup data will be displayed in a single list and not grouped by its domain.

• The cloud backup agent will systematically sync with Google Workspace (every 24 hours), starting from the moment you've added the organization to your Cyber Protection service. If you add or remove users or Shared drives, the changes won't be reflected in the Cyber Protection console instantly. To sync them immediately, select the organization on the "Google Workspace" page and click "Refresh".

• If you employed a protection plan for "All users" or "All Shared drives", all newly-added items will be included to backup only after syncing.

• Following Google policy, when a user (or Shared drive) is removed from the Google Workspace GUI, it remains available (via an API) for several days. During this period, the item will be grayed out (inactive) in the Cyber Protect console and not backed up. When the removed user or Shared drive becomes unavailable via the API, it will disappear from the Cyber Protect console. If you need to restore it from a backup (if available), you can find existing backups at "Backup storage" -> "Cloud applications backups".

[ In the Acronis Cloud console - customer view ]

For On-premise Backups

1. Left menu, select Management> select Protection Plans.

2. Select a backup protection plan > right menu, select Edit.

3. Under How long to keep, select the duration on the right > set the following:

   1. At the bottom, if Switch to individual rules for each backup set is present, select it, otherwise continue to the next step.

   2. Set the following:

      • Monthly 4 months

      • Weekly 8 weeks

      • Daily 56 days

4. Select Done > Save.

5. Repeat from step 2 for any other backup protection plans.

For Cloud-to-Cloud Backups:

1. Left menu, select Management> select Cloud applications backup.

2. Select a backup protection plan > right menu, select Edit.

3. Under How long to keep, select the duration on the right > set the following:

Set the following:

3. • • Monthly 4 months

     • Weekly 8 weeks

     • Daily 56 days

4. Select Done > Save changes.

5. Repeat from step 2 for each backup protection plan.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Devices > click the column header Last Backup twice to sort > locate and select the device to modify > right menu, select Protect > next to IIT Backup Plan for Servers, click the ... button > Edit.

2. Under Items to backup, select the items to the right.

3. Select Select files and folders and select / deselect items to include.

Default selections for K9 systems:

• D:\Shared Folders

• H:\Profiles (but exclude H:\Profiles\Pupils)

• H:\Users

4. Select Done > OK.

5. To exclude file types from the backup selection, under Backup options, select Change > select File filters > under Exclude the files..., add the file types > select Done.

6. Save > Proceed.

Follow these instructions to ensure that backup archives are correct. 

[ In the Acronis Cloud console - customer view ]

1. In left menu, Backup Storage > Backups.

2. Select IIT<DfE Number> to check on-premise backups. There should only be one archive per server.

3. To delete, select the entry > Delete.

Note: If the archive is for a server / device that is no longer online or has an Acronis agent installed, you will encounter the error Protection agent not found. Perform the following:

1. Select Cancel.

2. Machine to browser from, select Change > select any active Acronis agent > OK.

3. Select the backup archives to delete again and proceed to the next step.

4. Tick I Confirm > Delete.

Source: https://care.acronis.com/s/article/Acronis-Cyber-Protect-how-to-delete-backups-from-Cloud-Storage?language=en_US

INCOMPLETE - N PROGRESS

The instuctions below will check that all elements of the Microsoft 365 tenant are being backed up, as well as how to specify specific objects to include within the backup.

[ In the Acronis Cloud console - customer view ]

1. In left menu, Management > Cloud applications backup.

2. 
   

Please send the rules in the table below to the ISP to allow Aconis's service to function:

Acronis Firewall Rules

Protection Plans are applied to an installed agent to enable various Acronis services. This can include antivirus, antimalware, patch management. One device can have multiple Protection Plans applied.

[ In a web browser ]

1. Download the latest version of the following protection plans depending on the school’s needs:

Interm IT Protection Plan Templates

• IIT Backup Plan for Device (Files)

For backing up specific files and folders on a standalone device (e.g. user documents on a Headteacher's laptop).

• IIT Backup Plan for Servers (Files)

For backing up specific files and folders on a server.

• IIT Backup Plan for Servers (Device)

For backing up the entire server including user and system data.

Warning: This backup plan will use a lot of storage and should be discussed with the school before use.

• IIT Backup Plan for Microsoft SQL

For backing up SQL databases (e.g. SIMS, FMS, Paxton).

• IIT Protection Plan (EDR) for Endpoints

For providing antivirus, antimalware protection for workstations.

• IIT Protection Plan for Servers

For providing antivirus and antimalware protection for servers (includes monitoring of network drives).

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Management > Protection plans > on the right, select Import > browse to the downloaded protection plan from step 1 > select Open.

2. Repeat step 1 for each protection plan to be used.

These steps will automatically apply AV and antimalware protection to both new and existing agents.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Management > Protection plans > check if IIT Endpoint Protection plan exists. If not, complete the section Importing protection plans.

2. Left menu, select Devices > Machines with agents > expand the Machines with agents tree, select All item > right menu, select Protect Group > under IIT Protection Plan for Endpoints, select Apply.

This view is used to manage deployments of Acronis at your schools.

• Monitoring

  • Usage - quota usage for each product.

  • Operations - summaries and events for all of your schools.

  • Audit log - all user activities are documented here.

• Clients - displays a list of your schools. Each school portal can be accessed from here.

• Company Management - view and create additional users at your  partner level.

[ In the Acronis Cloud console - company view ]

1. Left menu, select Clients.

2. Select a school from the list > select Manage Service.

You will now be taken to the school portal (customer view) to manage their services.

[ In a web browser ]

Navigate to https://eu-cloud.acronis.com.

Enter your email / username > Next.

Enter your password > Next.

Enter your MFA code (or setup if first login) > Sign In.

Registration tokens can be valid for up to 12 months and are used to associate the agent with the correct school.

[ In the Acronis Cloud console - company view ]

1. In the top-right, use search to find and select the school to configure.

2. Select Manage service.

[ In the Acronis Cloud console - customer view ]

3. Left menu, select Devices > All devices > in the top-right, select + Add

4. Scroll down to the bottom, under Registration Token, select Generate.

• Token lifetime: 12 Months

• Select user: IIT<DfE Number>

5. Select Generate Token > Copy > the copied token should be recorded as it can only be viewed once. This can then be:

   • Entered into a GPO for deployment.

   • Used for a standalone agent installation.

Acronis displays alerts

[ In a web browser ]

Navigate to https://eu-cloud.acronis.com.

Enter your email / username > Next.

Enter your password > Next.

Enter your MFA code (or setup if first login) > Sign In.

These steps will automatically apply AV and antimalware protection to both new and existing agents.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Protection > Quarantine > tick the items to restore > Restore.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Management > Protection plans > check if IIT Backup Plan for Servers exists. If not, complete the section Importing protection plans.

2. Left menu, select Devices > locate and select the device to backup > (if the IIT Backup Plan for Servers is not visible, at the top, select + Add Plan) > next to IIT Backup Plan for Servers, click the expand button > under Backup, select the expand button.

3. Under Items to backup > Specify > Select files and folders.

Default selections for K9 systems:

• D:\Shared Folders

• H:\Profiles (but exclude H:\Profiles\Pupils)

• H:\Users

5. Select OK.

6. Scroll to top and select Create.

This should be installed on any devices that are using Microsoft SQL Server databases including SIMS, FMS, Paxton.

[ On server to be configured ]

1. Proceed to the next step if the Acronis agent has been installed on the server.

Note: The SQL installer is a separate add-on installer to the base Acronis Agent. If you don't install it, you'll be waiting for a long time for Microsoft SQL to appear in the console.

2. Copy the download link from here.

3. Run the downloaded file on the server > select Install.

[ In the Acronis Cloud console - customer view ]

3. Left menu, select Management > Protection plans > check if IIT Microsoft SQL Backup Plan exists. If not, complete the section Importing protection plans.

4. Left menu, select Devices > Microsoft SQL.

5. Expand Microsoft SQL > select the server to backup (optionally, select individual databases) > right menu, select Protect Group.

5. Under IIT Microsoft SQL Backup Plan, select Apply. 

Acronis support will likely ask you to perform a connection test using their Acronis Connection Verification Tool. For this process, you will require credentials for a user created directly under the site.

For Interm IT schools, each school will have a login beginning with IIT e.g. IIT9191234. To check this, perform the following:

[ In the Acronis Cloud console - customer view ]

1. Within the customer list, select the text of the school that you will be testing > on the left, select My Company > the username should appear. If you do not know the password, proceed to step 2.

2. If you have user credentials specific to the site (for Interm schools, this will start with IIT), skip to 

3. Hover over the user in the list, then select the 3 dots menu and select Reset password > Reset.

4. An email will be sent to SD@ (inform a member of the SD that the email will be located in the folder # Automated Emails > Acronis). Ask them to forward it to you. 

5.  them that it inform Mark Whitman or Service Desk and they will reset the password to the current IntermAdmin password.

[ On the affected device ]

6. Download and extract the Acronis Connection Verification Tool to a known location.

7. Right-click run_test.bat and select Run as administrator.

8. Enter the username obtained in step 1.

9. Enter the password

• Has the broadband provider changed where a proxy has been added or removed? Uninstall and reinstall agent.

• Does agent show as offline? Update agent.

• Update agent failed. Uninstall and reinstall agent.

• Uninstall agent failed. Run Windows uninstall

• Does error include not being able to connect to storage server? Connection Test.

Acronis support will likely ask you to perform a connection test using their Acronis Connection Verification Tool. For this process, you will require credentials for a user created directly under the site.

For Interm IT schools, each school will have a login beginning with IIT e.g. IIT9191234. To check this, perform the following:

[ In the Acronis Cloud console - customer view ]

1. Within the customer list, select the text of the school that you will be testing > on the left, select My Company > the username should appear. If you do not know the password, proceed to step 2.

2. If you have user credentials specific to the site (for Interm schools, this will start with IIT), skip to 

3. Hover over the user in the list, then select the 3 dots menu and select Reset password > Reset.

4. An email will be sent to SD@ (inform a member of the SD that the email will be located in the folder # Automated Emails > Acronis). Ask them to forward it to you. 

5.  them that it inform Mark Whitman or Service Desk and they will reset the password to the current IntermAdmin password.

[ On the affected device ]

6. Download and extract the Acronis Connection Verification Tool to a known location.

7. Right-click run_test.bat and select Run as administrator.

8. Enter the username obtained in step 1.

9. Enter the password

• Has the broadband provider changed where a proxy has been added or removed? Uninstall and reinstall agent.

• Does agent show as offline? Update agent.

• Update agent failed. Uninstall and reinstall agent.

• Uninstall agent failed. Run Windows uninstall

• Does error include not being able to connect to storage server? Connection Test.

• Has the broadband provider changed where a proxy has been added or removed? Uninstall and reinstall agent.

• Does agent show as offline? Update agent.

• Update agent failed. Uninstall and reinstall agent.

• Uninstall agent failed. Run Windows uninstall

• Does error include not being able to connect to storage server? Connection Test.

[ On affected Domain Controller ]

1. Start > Run > type services.msc > OK.

2. Locate the service Acronis Managed Machine Service.

3. Check the following column values are showing - if they are not, follow the instructions below each item on how to fix the issue.

   • Status: Running

Right-click Acronis Managed Machine Service > Start. (If you receive an error regarding a logon failure, complete the steps below for Log On As.

3. • Startup Type: Automatic (Delayed)

Right-click Acronis Managed Machine Service > Properties > under Startup type, select Automatic (Delayed Start) > OK.

3. • Log On As: {Domain}\AcronisAdmin

Right-click Acronis Managed Machine Service > Properties > Log On tab > paste the following password into the Password fields:

<Redacted>

> OK.

Then, select Start > Run > type dsa.msc > OK.

Under {domain.internal} \ Users > locate and right-click AcronisAdmin (if AcronisAdmin doesn't exist, complete the steps below) > Reset Password > paste password from above > OK.

[ If AcronisAdmin doesn't exist ]

Right-click Administrator > Copy > enter the following:

• Full name: AcronisAdmin

• User logon name: AcronisAdmin

> Next > set password as above > Next > Finish.

Return to the Services window > Right-click Acronis Managed Machine Service > Start.

[ On affected server ]

1. Start > Run > type services.msc > OK.

2. Locate the service Acronis Managed Machine Service.

3. Check the following column values are showing - if they are not, follow the instructions below each item on how to fix the issue.

   • Status: Running

Right-click Acronis Managed Machine Service > Start. (If you receive an error regarding a logon failure, complete the steps below for Log On As.

3. • Startup Type: Automatic (Delayed)

Right-click Acronis Managed Machine Service > Properties > under Startup type, select Automatic (Delayed Start) > OK.

3. • Log On As: Local System

Right-click Acronis Managed Machine Service > Properties > Log On tab > select Local System account > OK.

Error Message

Backup failed because a third-party VSS provider had an unexpected error.

Solution

[ In Acronis Portal - Customer View ]

1. Devices > All Machines > select the affected server.

2. Right menu, select Protect > select ... > Edit.

3. Under Backup Options, select Change.

4. Left menu, scroll down and select Volume Shadow Copy Service (VSS).

5. Select the radio button Use Microsoft Software Shadow Copy provider.

6. Select Done > select Save.

Symptoms

Connection has been lost to an existing client. When reinstalling the latest web installer, the following error shows:

Installation files are not available. Cannot connect to server...

Solution

[ On the affected server ]

1. Download the latest web installer here > run the installer.

2. Select Show proxy settings > modify the proxy settings as required > Retry > close the installer.

3. Run the installer again > select Update.

If the server already has the IIT Deploy Acronis GPO in Group Policy Objects, skip the section below and continue from the Linking GPO section.

Importing / Deploying GPO

[ On K9Server / Group Policy Management server ]

1. Open a web browser and navigate to Interm IT Deployment files

2. Select and download the latest version of GPO - Acronis Cyber Protect Agent to D:\Interm IT.

3. Open File Explorer and Navigate to D:\Interm IT > right-click the downloaded file > select Extract All…

4. Select Extract.

5. Start > Run > type gpmc.msc > OK.

[ In Group Policy Management ]

6. Left pane, expand Domains > {domainName} > right-click Group Policy Objects > New.

7. Under Name, type IIT Deploy Acronis > OK.

8. Expand the Group Policy Objects tree > right-click IIT Deploy Acronis > select Import Settings > Next > Next > Browse > browse to D:\Interm IT\GPO - Acronis Cyber Protect Agent > Next x 3 > Finish.

9. Right-click IIT Deploy Acronis > Edit > expand Computer Configuration > expand Windows Settings > select Scripts (Startup / Shutdown) > right pane, double-click Startup > select Show Files.

10. Open RegToken.txt and change XXXX-XXXX-XXXX to a valid registration token > Close > Yes to save > close both windows.

Note: If you do not have a valid registration token, please generate another by following the instructions below "Generating registration tokens".

Linking GPO

[ In Group Policy Management ]

11. Left pane, expand Domains > {domainName} > Managed > right-click Computers > Link an Existing GPO > select the IIT Deploy Acronis GPO > OK.

These steps will automatically apply AV and antimalware protection to both new and existing agents.

[ In the Acronis Cloud console - customer view ]

1. Left menu, select Management > Protection plans > check if IIT Endpoint Protection plan exists. If not, complete the section Importing protection plans.

2. Left menu, select Devices > Machines with agents > expand the Machines with agents tree, select All item > right menu, select Protect Group > under IIT Endpoint Protection Plan, select Apply.

Where Acronis agents have been deployed successfully, Panda can be removed.

[ On K9Server (If the system is On-Prem / Hybrid K9) ]

1. Select Start > Microsoft Deployment Toolkit folder > Deployment Workbench.

2. Left pane, under K9 Deployment Share, select Applications.

3. Right pane, find entries referring to Panda or Interm AV > right-click the entry > Delete > Next x 2 > Finish.

Only complete this step once you have confirmed the that devices are appearing in the Acronis Customer portal. (When Panda is uninstalled, Acronis will check for conflicting AV every 5 minutes and take over).

[ In a web browser ]

1. Navigate to https://wg.pandacloud.pandasecurity.com/Login

2. Login with provided credentials.

3. Select Partner Center.

4. Open the console for a school from the list by clicking the icon  - check the column named Used to see if there are active installations at the school that need to be deleted.

5. At the top, select the Computers tab.

6. Tick the checkbox next to the computer column to select all devices > in the menu bar above select > tick Uninstall the Panda agent from this computer > Delete.

Note: If you receive the error “This computer could not be deleted because it is designated as a proxy or cache computer.” > Close > Settings tab > left menu, Network services > Cache tab > select bin icon on right > OK > continue from step 5.