I would like to know if there is a way to set up a custom build such that there is already a default backup plan in place, and some other configuration options, such as requiring client-side encryption and enforcing policies on the passphrase. I would like to bundle installers with this configuration to Windows, MacOS and Linux users.
You can set up default configurations for settings and backup plans from the web console in Remote Deploy - Configurations and Rules. In this case, the settings and jobs are applied when you register the client and an existing rule recognizes it. You can update the configuration at any time and changes are pushed to the client automatically.
Hmm, there seems to be no way to force a user to use client-side encryption though. In my case, I would want to manage the encryption for the user, so I wouldn't even want the user to be able to turn off that option in a given backup plan, and reject the creation of backup plans that do not use client-side encryption.
I assume you mean backup encryption, which you can add to the default Backup plan in the Configuration in the Compression and Encryption options section. To prevent someone from firing up the agent remotely, you can enable a master Password on the client (from Settings in Configurations - General - Protect Console with Master Password).
Thank you David for the answers. If I understand correctly, setting a master password would preclude a user from opening the client on their own computer (please correct me if I'm wrong). I'm looking for something more granular, say: the user can change the contents of the backup (include/exclude), but not the remote storage or the client-side encryption setting.
If it's not granular, it means I need to setup a master password and manage all backup plans myself.
Moreover, I'd like for the API to have all the features of the management console, so I can automate pretty much all management tasks. Is that something you're looking to do in the future?
Unfortunately, it's not possible to do what you are asking - enforce some backup options like encryption while allowing editing of others. I'll add a feature request for this.
As far as the API, it's pretty comprehensive (https://mspbackups.com/v2.0/Swagger/#/Provider) but I do not think the Configuration and Rules options are exposed by the API. I'll verify with the team and create a feature request for you. The Config/Rules option is very high-level as is, meaning it's easy to edit a configuration and have the changes automatically deployed to clients. Can you expand on your desired use of the API as it pertains to Config/Rules?
Good, thanks! In my use case, we'd like to enforce some basic settings, like the storage destination, the use of client-side encryption, but leave the include/exclude options to the user, for example.
In general, it would be nice to have granular "permissions" for users on backup plans. For instance, the user could be allowed to create new plans as long as it follows some rules, or not have permission to create new plans and be allowed to edit only some settings of an existing plan.
As for the API, I would like to create new configurations, edit configurations, create new rules and edit existing rules with the API. In short, I'd like to do everything I can do with the console with the API.
Thank you so much for your responsiveness, it means a lot!