I've written an app that compresses then sends backup files to a remote destination via SFTP. It is written in .NET 4/C#.
I'd like to make an entry in the Windows scheduler to run this app at x o'clock every day.
I would like advice concerning how best to set up this schedule (especially with regard to the account that it runs under). The scheduler allows the scheduled task to be run under any user/group, right? So, if I'm not mistaken, I need to set up a really locked down account for it to run under and pass the credentials to the scheduler.
Ideally, I would like it to run in an environment where it has only got read/write access to the folder that requires backing up, and access to the network. I'd like everything else locked down. How might I go about setting up the schedule/user account to accomplish this?
The best way to do this is to make a local account on each box that has the same username. Make it a default user. Then, you're going to go modify permissions on the destination folder. You'll want to set the following: stop inheritance, delete everything except 'system' and 'owner', then add your regular user account (and permissions) and the account built to run the task (read/write only), and save.
Then, when you set up the scheduled task, you simply set that task to run under the user specified. By creating a new folder and stopping the inheritance of permissions, you can create a location specialized for exactly this.
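
The steps in this answer, scripted in PowerShell as an added example (not part of the original answer). The account name, folder, executable path, regular account, task name and 02:00 start time are assumptions, as is reading 'owner' as the CREATOR OWNER entry and giving the regular account Modify.

```powershell
# Run from an elevated PowerShell 5.1+ session. All names below are assumed.
$taskUser = 'svc-backup'                              # hypothetical account name
$folder   = 'D:\BackupSource'                         # hypothetical folder
$exe      = 'C:\Tools\BackupSender\BackupSender.exe'  # hypothetical app path
$regular  = "$env:COMPUTERNAME\alice"                 # hypothetical regular account
$account  = "$env:COMPUTERNAME\$taskUser"

# 1. Local account as a standard ("default") user.
$password = Read-Host -AsSecureString "Password for $taskUser"
New-LocalUser -Name $taskUser -Password $password -PasswordNeverExpires `
    -Description 'Runs the nightly backup task' | Out-Null
Add-LocalGroupMember -Group 'Users' -Member $taskUser

# 2. Stop inheritance, keeping the inherited entries as explicit copies.
$acl = Get-Acl -Path $folder
$acl.SetAccessRuleProtection($true, $true)
Set-Acl -Path $folder -AclObject $acl

# 3. Delete every entry except SYSTEM (S-1-5-18) and CREATOR OWNER (S-1-3-0).
$acl  = Get-Acl -Path $folder
$keep = 'S-1-5-18', 'S-1-3-0'
$sidType = [System.Security.Principal.SecurityIdentifier]
foreach ($rule in @($acl.Access)) {
    $sid = $rule.IdentityReference.Translate($sidType)
    if ($keep -notcontains $sid.Value) { $acl.PurgeAccessRules($sid) }
}

# 4. Add the regular account (Modify is an assumed level) and the task account
#    with read/write only; both entries apply to subfolders and files.
$inherit = 'ContainerInherit, ObjectInherit'
foreach ($entry in @(@($regular, 'Modify'), @($account, 'Read, Write'))) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $entry[0], $entry[1], $inherit, 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $folder -AclObject $acl

# 5. Daily task under that account, not elevated. Register-ScheduledTask takes
#    the password as plain text, so convert it only at the point of use.
$plain   = [System.Net.NetworkCredential]::new('', $password).Password
$action  = New-ScheduledTaskAction -Execute $exe
$trigger = New-ScheduledTaskTrigger -Daily -At '02:00'
Register-ScheduledTask -TaskName 'NightlyBackup' -Action $action -Trigger $trigger `
    -User $account -Password $plain -RunLevel Limited | Out-Null

# 6. Check the result: expect only SYSTEM, CREATOR OWNER and the two accounts.
(Get-Acl -Path $folder).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited
```

A task that stores a password needs its account to hold the "Log on as a batch job" right, so check that first if the task fails to start.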