Can anyone shed any light on the following:
My Symantec BackupExec service account is a member of the Domain Admins and Backup Operators groups, as is required by Symantec. Backup Operators has all the relevent User Rights Assignments set in Group Policy (Act as part of the operating system, Backup files and directories, Create a token object, Logon as a batch job, Logon as a service, Manage auditing and security log, Restore files and directories, Take ownership of files and other objects), yet my backups fail because the account is missing permissions. When I add the service account directly to these User Rights, it works.
Somewhere down the line the group membership isn't getting enumerated. Anyone got any thoughts on why this might be?