Duplicati

T wrote:
[...]
"OAuth2 (gmail, yahoo)".

Yes, you can disable it on gMail and Yahoo, but the ass holes
keep sending out robo eMail telling the user to "Turn off
untrusted apps" and it "scares" the users, so they eventually
turn it off, despite what I say, and it breaks those clients
not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

For how to do this, see Ralph Fox' 09SEP2018 post "Google screwed up
my Gmail acct in Thunderbird" in alt.windows7.general:


or
Message-ID:
or
http://al.howardknight.net/msgid.cgi?STYPE=msgid&A=0&MSGI=%3C0ud8pd5m6ler41kl %3E
or
Get a *real* newsreader! :-)

Ralph's post talks about POP (which I needed), but it's also
applicable to SMTP (which you need).

FWIW, I've no such problems with Yahoo, but I only POP from them, i.e.
no SMTP.

N.B. Thanks Ralph!

On 6/27/19 11:54 AM, T wrote:
On 6/26/19 9:47 PM, VanguardLH wrote:
Aren't the one still using the
8-year unsupported Cobian backup software?

Yup.Â* And I am looking for an alternative again.Â* Must be

1) open source

2) have plain backups able to be read by any reader

3) eMail reports OAuth2 would be a plus

4) pre and post events.



And I almost forgot, but

5) support Volume Shadow copy.

Some still don't. What a joke!

On 6/27/19 12:56 PM, Paul wrote:
T wrote:
On 6/27/19 11:54 AM, T wrote:
On 6/26/19 9:47 PM, VanguardLH wrote:
Aren't the one still using the
8-year unsupported Cobian backup software?

Yup.Â* And I am looking for an alternative again.Â* Must be

1) open source

2) have plain backups able to be read by any reader

3) eMail reports OAuth2 would be a plus

4) pre and post events.



I keep thinking I might have to break down and write this myself.
I really, really do not want to start that kind of project!
I just do not have the time


"A bottomless hole opens and swallows Todd"

It's a good thing you stepped around that hole like that.

Â*Â* Paul

That pretty much describes writing it myself!

On 6/27/19 1:14 PM, Frank Slootweg wrote:

If I were you, I would just continue to use Cobian Backup till it
breaks. (I sure will do so for our systems.)

That is what I am doing. The OAuth2 problem is starting
to become a pain in the ass.

As to your requirements:

1) open source

Should be irrelevant. Most other software your customer and you use
isn't open source either. (N.B. I've been doing Unix/UNIX/unix since
nearly four decades, but I'm no open source zealot (nor a free software
one).)

It is not. Open Source keeps old version around for you
if you need them. Paid softwaree only keep a certain amount
around and want you to upgrade. So you pay them and upgrade,
and guess what, your old version is too old and you lost
everything. But, wait for a fee, you can send it to them
and they will recover it for you. It is a scam.

Commercial backups are a lock in to use their services.
Not funny when disaster strikes.

Open source also typically is driven by need, not by what
locks you into paying for services.


3) eMail reports OAuth2 would be a plus

Gmail alternative solution described in my other response.

True. But you are not walking in my shoes. It does not
matter what I tell the custom, when they get those
constant eMailing to turn off less secure apps, the
eventually do.

Now, that means they don't get their eMail reports. BUT
SINCE WHEN DO THEY READ THEM ANYWAY. I have to Cc myself
on everything and check them for them.



2) and 4) are of course covered by Cobian Backup.

BTW, is the backup device always on/connected? If so, then why don't
you just use File History and be done with it? It wouldn't have 3) and
4), but there would be no need for those.


You are thinking of a fully functioning machine. Think hard drive
as paper weight.

On 6/27/19 1:14 PM, Frank Slootweg wrote:
T wrote:
[...]
"OAuth2 (gmail, yahoo)".

Yes, you can disable it on gMail and Yahoo, but the ass holes
keep sending out robo eMail telling the user to "Turn off
untrusted apps" and it "scares" the users, so they eventually
turn it off, despite what I say, and it breaks those clients
not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

For how to do this, see Ralph Fox' 09SEP2018 post "Google screwed up
my Gmail acct in Thunderbird" in alt.windows7.general:


or
Message-ID:
or
http://al.howardknight.net/msgid.cgi?STYPE=msgid&A=0&MSGI=%3C0ud8pd5m6ler41kl %3E
or
Get a *real* newsreader! :-)

Ralph's post talks about POP (which I needed), but it's also
applicable to SMTP (which you need).

FWIW, I've no such problems with Yahoo, but I only POP from them, i.e.
no SMTP.

N.B. Thanks Ralph!


Yes exactly, until the customer gets one too many turn off
less secure apps and then it comes down around your ears.
They lose their tape reports, but WHEN DO THEY EVER CHECK
THEM ANYWAY!

T wrote:

T wrote:

VanguardLH wrote:

Aren't [you] the one still using the 8-year unsupported Cobian
backup software?

Yup.* And I am looking for an alternative again.* Must be

1) open source
2) have plain backups able to be read by any reader
3) eMail reports OAuth2 would be a plus
4) pre and post events.

5) support Volume Shadow copy.

So, let's see what I can do with non-OSS software that you are spending
more time trying to figure out than deploy and would've had running a
long time ago for your customers ...

_ SyncbackFree _

- It is oriented to file backups which is what you want. No image
backups.
- Can do mirroring or one-way backups.
- Compress the backups into a .zip file.
o Each file can be saved in its own .zip file.
o Or you can have all files in the sync job stored in the same .zip
file.
o Free version only uses PKZIP passwording (weak), not AES256, but
this was not part of your criteria.
- Set priority level separately for when you run it versus when the job
runs when scheduled.
o I run at normal priority for when I manually start it. I want it to
start now and end soon.
o I run at lower priority for when it is scheduled to run because
other programs might be running then, and I'm not sitting at the
computer waiting for the job to complete, so it can take longer.
- Stop Windows from going into sleep mode while a job runs.
- Supports FTP (and obviously mapped drives). Stay away from
non-enterprise cloud setups, in your case.
- Looks to support shares.
- Supports NAS.
- Works with Task Scheduler. Once you schedule a backup, you can go
into Task Scheduler to tweak the scheduled event even further. There
are more options in a Task Scheduler event than most programs ever
take advantage of.
- Uses a neat trick to detect ransomware corruption: you put a bait file
in a common location that ransomware attacks, like the My Documents
folder. If SyncBack cannot find or read the folder, it pre-aborts the
sync/backup, so you aren't saving corrupted files atop your old
backups. You want your untouched backup copies to restore from.
- No cloud storage support, but you don't want that, anyway.
- Supports OAUTH2 to send e-mails for job status.
- No licensing limit. Install on however many hosts you want (payware
version has 5 devices for home and 1 device for work limits).
- Runs on Windows Vista, 7, 8, and 10.
- Uses a hashing compare method to determine if the same-named
same-pathed file has changed between source and destination folders.
Better but slower than relying on the timestamp or checking file
sizes. I'm sure they first check the timestamp and, if the same,
compare the hashes.
- Sync/Backup jobs grouped together can be ran concurrently or
sequentially. Sequentially eliminates any conflicts on file access
and doesn't flood as much the data bus, drives, or network.
- File integrity checking, but makes the job take longer.
- The free version doesn't have VSS, so, for example, it won't copy any
inuse or locked files which could include the e-mail client's local
database (e.g., .pst file for Outlook). However, they should already
be off POP3 and have moved to IMAP4, and the IMAP server constitutes
their backup. If they reinstall their IMAP client after a new OS
install or change to a different one, all their e-mails are still
sitting on the IMAP server to sync to the new IMAP client. If any of
your customers are running SQL[ite] databases, none of the free or
cheap programs are going to correctly back those up. You need backup
software designed to quiesce the dabatase after merging any pending
record changes. A purge of delete-flagged records would make the DB
file smaller to reduce bandwidth and copy time for backing up the DB
file.
- Does not support VSS. But with the pre-command that runs before the
sync/backup job, you can create your own shadow copy.

Can't tell if their freeware version support pre- and post-commands (to
run before and after a sync/backup). Not sure even after reading their
help. Mentions SyncBackLite in their help for the pre- and post-command
feature. SyncBackLite wasn't free (think it cost ~$20). They dropped
that edition, so now you can get Free, SE, or Pro editions. Even it not
included, once you schedule a sync/backup job, it uses Task Scheduler.
So you could copy the command it runs and replace the event's command
line with your own batch file to run the pre- and post commands around
their command you paste into the batch file. I use Macrium Reflect Home
which also uses Task Scheduler (no need to waste memory and CPU cycles
on another program scheduler), and I even use that scheme to modify the
batch file it creates for a backup job.

If the Free edition doesn't have pre- and post-commands to enhance
SyncBack, like creating shadow copies, you might just forego SyncBack
and use robocopy already bundled in Windows. robocopy doesn't support
VSS, either, but there are plenty of online articles guiding you through
the process to create a shadow copy and then use robocopy to save copies
of the files within.

https://blogs.msdn.microsoft.com/adi...-command-line/


_SyncBackSE (in addition to the features in SyncBackFree)_

- Add incremental/delta and differential backups which are obviously a
lot faster than full backups each time.
- Supports VSS. Not enabled by default when you define a job (aka
profile). When configuring the job, you turn it on. If you won't be
copying any inuse/locked files, it just a wasted overhead.
- In addition to the Windows platforms, runs on macOS, Android, and
Linux.
o You're posting in a Windows 10 newsgroup. No idea if your
"customers" use other OS platforms.
- Sends e-mail logs via SSL/TLS (in addition to job status).
o Don't use Gmail's SMTP server if Google doesn't like Syncback as the
MUA, or:
* Disable the "insecure" option in Gmail.
* The SMTP server used by SyncBack does NOT have to be the same
e-mail provider as to whom the logs get sent. Whatever e-mail
clients your customers are using now will work just fine to get
the e-mails from SyncBack. Only if SyncBack itself has a problem
with Gmail means disabling the "insecure option" or just go to a
different free e-mail provider. There are lots of them.
o As noted for the free version, OAUTH2 is supported. I'd still
disable the "insecure" option in Gmail, though.
o Compress the e-mailed logs to reduce impact on recipient's disk
quotas and reduce transport time.
- Monitor the profiles (jobs or groups of them) using an app on an
Android phone. No need to want for e-mailing of logs.
- Stronger AES256 encryption of .zip archives.
- SecureZip: not only are the files encrypted in the .zip file but so
are their filenames and folders. An intruder can't read the files but
the file hierarchy could reveal information.
- If you use NTFS file encryption, you have the option to backup/sync
those files in non-encrypted format. No worries about assigned a
secondary agent in case a user forgets the Windows login credentials.
- Job resumes after a lost connection (just errors in the free version).
- Real-time backup/sync when files or folders change. Instead of
getting snapshots of files at the granularity of of the scheduled
backup/sync jobs, you can immediately capture changed files.
- Job auto-starts upon insertion of device (e.g., USB drive).
o When the user inserts, say, a USB drive used for data-only backups,
a profile (job) will auto-start; i.e., you put the backup media into
a USB port and the job starts without you having to start it or wait
for a scheduled job to start.
- File Versioning.
o I want this one and may upgrade to get it.
o I've tried File History in Windows 10. Sucks.
* Forces backup of "special" folders (Documents, Pics, Music, Video,
etc) even if you don't want to include those (because your saving
them using something else).
* Misses some files. In my tests, when I finally got it working, it
still missed a file. Doesn't sound bad unless that's the critical
file that changed for which you need an old copy.
o SyncBack's File Versioning replaces Windows' File History.
o Renames the saved files using datestamping in their filename.
Easy to discern which day a file was copied.
o File History uses a tree hierarchy that's tough to figure out (but
I did and without documentation).
- Allows regex which can better define just what files are to be
included in a sync job.
- You can list programs that must be closed (requested to terminate)
before a job begins; e.g., getting Outlook to exit, so its .pst file
can get backed up. If locked/inuse files are due to programs having
them open at the time of a sync job, this tries to close them.


Sorry, but I do not believe a *company* cannot afford in their operating
costs the $40 for SyncBackSE or $55 for SyncbackPro or other payware to
protect their business. Unless these businesses are out in the field
harvesting crops by hand, losing data means losing their business. If
they're that cheap, they are NOT a business, and instead you're
supporting a bunch of independent home users (and even those users
manage to afford those prices if they really care about their data).

Also, seems this much of your criteria is just YOUR criteria, not that
of your customers'. Plus, your criteria never dictated the solution had
to be free. If I can afford $40 for my personal use of SyncbackSE (in
addition to backup payware) then your /*business*/ customers that are
paying you for tech support can also afford it. Back 20-30 years ago,
anyone saying they couldn't afford business cards or a separate phone
line just for business was NOT running a real business. They were
tinkering. There's something *fishy* about companies that cannot afford
even personal-use priced backup software. There are costs to running a
business.

Products don't self-destruct when support for them ends. This isn't
Mission Impossible. The products do not expire. Support expires. You
can continue to use them indefinitely, just like you have with Cobian.

SyncBack is foremost a mirroring or synchronization tool, and that's how
I've used it. To make into a backup program where several old copies of
files are retained, I'd have to do that in a post-command defined for
the job. However, the File Versionig feature in the $40 SE edition
would replace Windows' File History with something that works and
provides a decent backup solution.

As for OSS staying around forever, you know that's not true. Someone
has to host the product and its files on their dime. People die, get
disinterested, move, move on to new projects, so their OSS product dies,
too. Someone else has to take up the banner, and that doesn't always
happen. Look at all the donationware that disappears because
freeloaders never helped defray the costs.

Open source is not some magic bullet against malicious content. Other
than TrueCrypt, when was the last time you heard of an *independent*
technically capable research group doing code analysis on any of the OSS
products you use? When did Corbian ever get audited? Just because it's
open doesn't mean anyone outside the dev team ever looks inside. That
it can be audited doesn't mean it ever is.

Just so you don't think I'm some fanboy for SyncBack, there is also
FreeFileSync. I found it more clumsy to use. I just felt always
uncomfortable with it, and never quite sure if it was going to do what I
wanted or thought it to do. SyncBack will let you run a simulated run,
so you can see what would happen. I like saving money, too, but am not
averse to paying for something I can get working right. FreeFileSync
says it supports VSS, File Versioning, and RealTimeSync (to catch
files/folders as they change) which are all features in the payware
edition of SyncBackSE (not in its freeware edition). You could roll
your own solution around FreeFileSync. Same for robocopy, but it does
not support VSS, so you'll need to use batch commands to create a shadow
copy, use robocopy, and discard the shadow copy. FreeFileSync's manual
is only online, and no way to search through it, so I couldn't tell if
it supports .zip or whatever archive format to compress the backup files
at the destination folder. Nothing in their release history
(https://freefilesync.org/archive.php) mentions saving to .zip files.
However, since it has a CLI (command-line interface), you could use a
batch file to run FreeFileSync and follow with a zip archiver tool to
compress those backup copies.

If you use robocopy, make damn sure to severely lower its retry count on
failure. The default is one million retries (with a default retry
interval of 5 seconds) which robocopy will wait over a hundred years
trying to read or copy a file that always fails.

With your criteria, and I'm presuming "free" was omitted but is a
criteria, looks like you'll have to roll your own. Software used by a
business should be paid by the business, not you. If Cobian is failing
their expectation, they really cannot afford $40 to $55 for payware to
safeguard their data? If they don't care to pay, why are they even
considering deploying any backup strategy? Something fishy here.

Frank Slootweg wrote:

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

I just found:

https://support.google.com/mail/answer/185833?hl=en

If T thinks OAUTH2 improves on security and privacy, that is NOT what it
does. He should watch the Vimeo video by Hammer where he's disgusted
with what became of his offspring.

T wrote:

Frank Slootweg wrote:

T wrote:

Yes, you can disable it on gMail and Yahoo, but the ass holes keep
sending out robo eMail telling the user to "Turn off untrusted
apps" and it "scares" the users, so they eventually turn it off,
despite what I say, and it breaks those clients not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

Yes exactly, until the customer gets one too many turn off less
secure apps and then it comes down around your ears. They lose their
tape reports, but WHEN DO THEY EVER CHECK THEM ANYWAY!

If they are using an app password, why would there be such e-mails? The
app password takes the place of the OAUTH2 token. While OAUTH2 tokens
expire and have to get regenerated, app passwords do not.

Have you really ever seen these Gmail alert e-mails about the client
being insecure? Or is it something you read about in old online
articles? Are you maybe confusing their ¡Suspicious sign in prevented¢
email or conflating it with the 'insecure app' e-mail? There are other
alert alert message, so I used the following server-side rule in my
Gmail account:

Matches: from"New sign-in from"
OR "Security Alert")
Do this: Mark as read, Delete it

I could probably delete the subject conditional and just test on the
from header. That sender is always for those robo alerts.

Those are when Google thinks someone else logged into their Gmail
account. That's tied into some fingerprinting of your host to see when
some other host tries to gain access. When I travel and use my netbook,
a friends laptop, or the resort's computers, yep, I get those.
Everytime I configure another e-mail client to connect to my Gmail
account, I get a security alert e-mail. There's no user-configurable
option in the account to unsubscribe from these alerts. The only way to
unsubscribe is to filter out.

You sure these customers that you paint as morons are falling for phish
e-mails? Might be time to have these low-brows go into their Gmail
account and check on activity to ensure it's their own.

VanguardLH wrote:

If T thinks OAUTH2 improves on security and privacy, that is NOT what it
does. He should watch the Vimeo video by Hammer where he's disgusted
with what became of his offspring.

Linky?

searching vimeo for "oauth2 hammer" turns up no needles, searching for
just "oauth2" or just "hammer" turns up too many haystacks.

T wrote:
On 6/27/19 1:14 PM, Frank Slootweg wrote:

If I were you, I would just continue to use Cobian Backup till it
breaks. (I sure will do so for our systems.)

That is what I am doing. The OAuth2 problem is starting
to become a pain in the ass.

As I described in my other response, there is no such thing as "The
OAuth2 problem", at least not for Gmail. I will respond to your response
in that subthread. See also VanguardLH's response on the same issue.

As to your requirements:

1) open source

Should be irrelevant. Most other software your customer and you use
isn't open source either. (N.B. I've been doing Unix/UNIX/unix since
nearly four decades, but I'm no open source zealot (nor a free software
one).)

It is not. Open Source keeps old version around for you
if you need them. Paid softwaree only keep a certain amount
around and want you to upgrade. So you pay them and upgrade,
and guess what, your old version is too old and you lost
everything. But, wait for a fee, you can send it to them
and they will recover it for you. It is a scam.

Commercial backups are a lock in to use their services.
Not funny when disaster strikes.

Open source also typically is driven by need, not by what
locks you into paying for services.

The opposite of open source is closed source, not paid software. That
closed source *may* be paid software, but it can also be freeware (such
as Cobian Backup). (And then there is the case of paid open source
software.)

In any case, the whole point is moot, because 1) you are free to keep
using old copies and 2) your *own* requirement is

2) have plain backups able to be read by any reader

so there *cannot* be a case of "you lost everything".

3) eMail reports OAuth2 would be a plus

Gmail alternative solution described in my other response.

True. But you are not walking in my shoes. It does not
matter what I tell the custom, when they get those
constant eMailing to turn off less secure apps, the
eventually do.

False. See my response in the other subthread.

Now, that means they don't get their eMail reports. BUT
SINCE WHEN DO THEY READ THEM ANYWAY. I have to Cc myself
on everything and check them for them.

2) and 4) are of course covered by Cobian Backup.

BTW, is the backup device always on/connected? If so, then why don't
you just use File History and be done with it? It wouldn't have 3) and
4), but there would be no need for those.

You are thinking of a fully functioning machine. Think hard drive
as paper weight.

Just answer the question please. I assume you have the common sense to
backup to *another* disk (than the main/normal/whatever disk). Even if
that backup disk is in the same computer (not so smart), it won't be a
"paper weight" if the computer or/and main disk goes down.

T wrote:
On 6/27/19 1:14 PM, Frank Slootweg wrote:
T wrote:
[...]
"OAuth2 (gmail, yahoo)".

Yes, you can disable it on gMail and Yahoo, but the ass holes
keep sending out robo eMail telling the user to "Turn off
untrusted apps" and it "scares" the users, so they eventually
turn it off, despite what I say, and it breaks those clients
not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

For how to do this, see Ralph Fox' 09SEP2018 post "Google screwed up
my Gmail acct in Thunderbird" in alt.windows7.general:


or
Message-ID:
or
http://al.howardknight.net/msgid.cgi?STYPE=msgid&A=0&MSGI=%3C0ud8pd5m6ler41kl %3E
or
Get a *real* newsreader! :-)

Ralph's post talks about POP (which I needed), but it's also
applicable to SMTP (which you need).

FWIW, I've no such problems with Yahoo, but I only POP from them, i.e.
no SMTP.

N.B. Thanks Ralph!

Yes exactly, until the customer gets one too many turn off
less secure apps and then it comes down around your ears.
They lose their tape reports, but WHEN DO THEY EVER CHECK
THEM ANYWAY!

False. There won't be any "turn off less secure apps" messages,
because Gmail/Google considers App Passwords as secure as OAuth2.

Ralph's post clearly says:

RF An app password gives you two advantages
RF 1. You can turn off "allow less secure apps";

So don't reject advice before even reading it, let alone trying it.

On 6/28/19 6:14 AM, Frank Slootweg wrote:
T wrote:
On 6/27/19 1:14 PM, Frank Slootweg wrote:

If I were you, I would just continue to use Cobian Backup till it
breaks. (I sure will do so for our systems.)

That is what I am doing. The OAuth2 problem is starting
to become a pain in the ass.

As I described in my other response, there is no such thing as "The
OAuth2 problem", at least not for Gmail. I will respond to your response
in that subthread. See also VanguardLH's response on the same issue.

As to your requirements:

1) open source

Should be irrelevant. Most other software your customer and you use
isn't open source either. (N.B. I've been doing Unix/UNIX/unix since
nearly four decades, but I'm no open source zealot (nor a free software
one).)

It is not. Open Source keeps old version around for you
if you need them. Paid softwaree only keep a certain amount
around and want you to upgrade. So you pay them and upgrade,
and guess what, your old version is too old and you lost
everything. But, wait for a fee, you can send it to them
and they will recover it for you. It is a scam.

Commercial backups are a lock in to use their services.
Not funny when disaster strikes.

Open source also typically is driven by need, not by what
locks you into paying for services.

The opposite of open source is closed source, not paid software. That
closed source *may* be paid software, but it can also be freeware (such
as Cobian Backup). (And then there is the case of paid open source
software.)

In any case, the whole point is moot, because 1) you are free to keep
using old copies and 2) your *own* requirement is

2) have plain backups able to be read by any reader

so there *cannot* be a case of "you lost everything".

3) eMail reports OAuth2 would be a plus

Gmail alternative solution described in my other response.

True. But you are not walking in my shoes. It does not
matter what I tell the custom, when they get those
constant eMailing to turn off less secure apps, the
eventually do.

False. See my response in the other subthread.

Now, that means they don't get their eMail reports. BUT
SINCE WHEN DO THEY READ THEM ANYWAY. I have to Cc myself
on everything and check them for them.

2) and 4) are of course covered by Cobian Backup.

BTW, is the backup device always on/connected? If so, then why don't
you just use File History and be done with it? It wouldn't have 3) and
4), but there would be no need for those.

You are thinking of a fully functioning machine. Think hard drive
as paper weight.

Just answer the question please. I assume you have the common sense to
backup to *another* disk (than the main/normal/whatever disk). Even if
that backup disk is in the same computer (not so smart), it won't be a
"paper weight" if the computer or/and main disk goes down.


Frank,

I am not sure here we stand on this. I do believe this
was answered on other conversations. And yes, I am not stupid enough
not to use separate media.

-T

On 6/27/19 7:15 PM, VanguardLH wrote:
T wrote:

T wrote:

VanguardLH wrote:

Aren't [you] the one still using the 8-year unsupported Cobian
backup software?

Yup.Â* And I am looking for an alternative again.Â* Must be

1) open source
2) have plain backups able to be read by any reader
3) eMail reports OAuth2 would be a plus
4) pre and post events.

5) support Volume Shadow copy.

So, let's see what I can do with non-OSS software that you are spending
more time trying to figure out than deploy and would've had running a
long time ago for your customers ...

_ SyncbackFree _

- It is oriented to file backups which is what you want. No image
backups.
- Can do mirroring or one-way backups.
- Compress the backups into a .zip file.
o Each file can be saved in its own .zip file.
o Or you can have all files in the sync job stored in the same .zip
file.
o Free version only uses PKZIP passwording (weak), not AES256, but
this was not part of your criteria.
- Set priority level separately for when you run it versus when the job
runs when scheduled.
o I run at normal priority for when I manually start it. I want it to
start now and end soon.
o I run at lower priority for when it is scheduled to run because
other programs might be running then, and I'm not sitting at the
computer waiting for the job to complete, so it can take longer.
- Stop Windows from going into sleep mode while a job runs.
- Supports FTP (and obviously mapped drives). Stay away from
non-enterprise cloud setups, in your case.
- Looks to support shares.
- Supports NAS.
- Works with Task Scheduler. Once you schedule a backup, you can go
into Task Scheduler to tweak the scheduled event even further. There
are more options in a Task Scheduler event than most programs ever
take advantage of.
- Uses a neat trick to detect ransomware corruption: you put a bait file
in a common location that ransomware attacks, like the My Documents
folder. If SyncBack cannot find or read the folder, it pre-aborts the
sync/backup, so you aren't saving corrupted files atop your old
backups. You want your untouched backup copies to restore from.
- No cloud storage support, but you don't want that, anyway.
- Supports OAUTH2 to send e-mails for job status.
- No licensing limit. Install on however many hosts you want (payware
version has 5 devices for home and 1 device for work limits).
- Runs on Windows Vista, 7, 8, and 10.
- Uses a hashing compare method to determine if the same-named
same-pathed file has changed between source and destination folders.
Better but slower than relying on the timestamp or checking file
sizes. I'm sure they first check the timestamp and, if the same,
compare the hashes.
- Sync/Backup jobs grouped together can be ran concurrently or
sequentially. Sequentially eliminates any conflicts on file access
and doesn't flood as much the data bus, drives, or network.
- File integrity checking, but makes the job take longer.
- The free version doesn't have VSS, so, for example, it won't copy any
inuse or locked files which could include the e-mail client's local
database (e.g., .pst file for Outlook). However, they should already
be off POP3 and have moved to IMAP4, and the IMAP server constitutes
their backup. If they reinstall their IMAP client after a new OS
install or change to a different one, all their e-mails are still
sitting on the IMAP server to sync to the new IMAP client. If any of
your customers are running SQL[ite] databases, none of the free or
cheap programs are going to correctly back those up. You need backup
software designed to quiesce the dabatase after merging any pending
record changes. A purge of delete-flagged records would make the DB
file smaller to reduce bandwidth and copy time for backing up the DB
file.
- Does not support VSS. But with the pre-command that runs before the
sync/backup job, you can create your own shadow copy.

Can't tell if their freeware version support pre- and post-commands (to
run before and after a sync/backup). Not sure even after reading their
help. Mentions SyncBackLite in their help for the pre- and post-command
feature. SyncBackLite wasn't free (think it cost ~$20). They dropped
that edition, so now you can get Free, SE, or Pro editions. Even it not
included, once you schedule a sync/backup job, it uses Task Scheduler.
So you could copy the command it runs and replace the event's command
line with your own batch file to run the pre- and post commands around
their command you paste into the batch file. I use Macrium Reflect Home
which also uses Task Scheduler (no need to waste memory and CPU cycles
on another program scheduler), and I even use that scheme to modify the
batch file it creates for a backup job.

If the Free edition doesn't have pre- and post-commands to enhance
SyncBack, like creating shadow copies, you might just forego SyncBack
and use robocopy already bundled in Windows. robocopy doesn't support
VSS, either, but there are plenty of online articles guiding you through
the process to create a shadow copy and then use robocopy to save copies
of the files within.

https://blogs.msdn.microsoft.com/adi...-command-line/


_SyncBackSE (in addition to the features in SyncBackFree)_

- Add incremental/delta and differential backups which are obviously a
lot faster than full backups each time.
- Supports VSS. Not enabled by default when you define a job (aka
profile). When configuring the job, you turn it on. If you won't be
copying any inuse/locked files, it just a wasted overhead.
- In addition to the Windows platforms, runs on macOS, Android, and
Linux.
o You're posting in a Windows 10 newsgroup. No idea if your
"customers" use other OS platforms.
- Sends e-mail logs via SSL/TLS (in addition to job status).
o Don't use Gmail's SMTP server if Google doesn't like Syncback as the
MUA, or:
* Disable the "insecure" option in Gmail.
* The SMTP server used by SyncBack does NOT have to be the same
e-mail provider as to whom the logs get sent. Whatever e-mail
clients your customers are using now will work just fine to get
the e-mails from SyncBack. Only if SyncBack itself has a problem
with Gmail means disabling the "insecure option" or just go to a
different free e-mail provider. There are lots of them.
o As noted for the free version, OAUTH2 is supported. I'd still
disable the "insecure" option in Gmail, though.
o Compress the e-mailed logs to reduce impact on recipient's disk
quotas and reduce transport time.
- Monitor the profiles (jobs or groups of them) using an app on an
Android phone. No need to want for e-mailing of logs.
- Stronger AES256 encryption of .zip archives.
- SecureZip: not only are the files encrypted in the .zip file but so
are their filenames and folders. An intruder can't read the files but
the file hierarchy could reveal information.
- If you use NTFS file encryption, you have the option to backup/sync
those files in non-encrypted format. No worries about assigned a
secondary agent in case a user forgets the Windows login credentials.
- Job resumes after a lost connection (just errors in the free version).
- Real-time backup/sync when files or folders change. Instead of
getting snapshots of files at the granularity of of the scheduled
backup/sync jobs, you can immediately capture changed files.
- Job auto-starts upon insertion of device (e.g., USB drive).
o When the user inserts, say, a USB drive used for data-only backups,
a profile (job) will auto-start; i.e., you put the backup media into
a USB port and the job starts without you having to start it or wait
for a scheduled job to start.
- File Versioning.
o I want this one and may upgrade to get it.
o I've tried File History in Windows 10. Sucks.
* Forces backup of "special" folders (Documents, Pics, Music, Video,
etc) even if you don't want to include those (because your saving
them using something else).
* Misses some files. In my tests, when I finally got it working, it
still missed a file. Doesn't sound bad unless that's the critical
file that changed for which you need an old copy.
o SyncBack's File Versioning replaces Windows' File History.
o Renames the saved files using datestamping in their filename.
Easy to discern which day a file was copied.
o File History uses a tree hierarchy that's tough to figure out (but
I did and without documentation).
- Allows regex which can better define just what files are to be
included in a sync job.
- You can list programs that must be closed (requested to terminate)
before a job begins; e.g., getting Outlook to exit, so its .pst file
can get backed up. If locked/inuse files are due to programs having
them open at the time of a sync job, this tries to close them.


Sorry, but I do not believe a *company* cannot afford in their operating
costs the $40 for SyncBackSE or $55 for SyncbackPro or other payware to
protect their business. Unless these businesses are out in the field
harvesting crops by hand, losing data means losing their business. If
they're that cheap, they are NOT a business, and instead you're
supporting a bunch of independent home users (and even those users
manage to afford those prices if they really care about their data).

Also, seems this much of your criteria is just YOUR criteria, not that
of your customers'. Plus, your criteria never dictated the solution had
to be free. If I can afford $40 for my personal use of SyncbackSE (in
addition to backup payware) then your /*business*/ customers that are
paying you for tech support can also afford it. Back 20-30 years ago,
anyone saying they couldn't afford business cards or a separate phone
line just for business was NOT running a real business. They were
tinkering. There's something *fishy* about companies that cannot afford
even personal-use priced backup software. There are costs to running a
business.

Products don't self-destruct when support for them ends. This isn't
Mission Impossible. The products do not expire. Support expires. You
can continue to use them indefinitely, just like you have with Cobian.

SyncBack is foremost a mirroring or synchronization tool, and that's how
I've used it. To make into a backup program where several old copies of
files are retained, I'd have to do that in a post-command defined for
the job. However, the File Versionig feature in the $40 SE edition
would replace Windows' File History with something that works and
provides a decent backup solution.

As for OSS staying around forever, you know that's not true. Someone
has to host the product and its files on their dime. People die, get
disinterested, move, move on to new projects, so their OSS product dies,
too. Someone else has to take up the banner, and that doesn't always
happen. Look at all the donationware that disappears because
freeloaders never helped defray the costs.

Open source is not some magic bullet against malicious content. Other
than TrueCrypt, when was the last time you heard of an *independent*
technically capable research group doing code analysis on any of the OSS
products you use? When did Corbian ever get audited? Just because it's
open doesn't mean anyone outside the dev team ever looks inside. That
it can be audited doesn't mean it ever is.

Just so you don't think I'm some fanboy for SyncBack, there is also
FreeFileSync. I found it more clumsy to use. I just felt always
uncomfortable with it, and never quite sure if it was going to do what I
wanted or thought it to do. SyncBack will let you run a simulated run,
so you can see what would happen. I like saving money, too, but am not
averse to paying for something I can get working right. FreeFileSync
says it supports VSS, File Versioning, and RealTimeSync (to catch
files/folders as they change) which are all features in the payware
edition of SyncBackSE (not in its freeware edition). You could roll
your own solution around FreeFileSync. Same for robocopy, but it does
not support VSS, so you'll need to use batch commands to create a shadow
copy, use robocopy, and discard the shadow copy. FreeFileSync's manual
is only online, and no way to search through it, so I couldn't tell if
it supports .zip or whatever archive format to compress the backup files
at the destination folder. Nothing in their release history
(https://freefilesync.org/archive.php) mentions saving to .zip files.
However, since it has a CLI (command-line interface), you could use a
batch file to run FreeFileSync and follow with a zip archiver tool to
compress those backup copies.

If you use robocopy, make damn sure to severely lower its retry count on
failure. The default is one million retries (with a default retry
interval of 5 seconds) which robocopy will wait over a hundred years
trying to read or copy a file that always fails.

With your criteria, and I'm presuming "free" was omitted but is a
criteria, looks like you'll have to roll your own. Software used by a
business should be paid by the business, not you. If Cobian is failing
their expectation, they really cannot afford $40 to $55 for payware to
safeguard their data? If they don't care to pay, why are they even
considering deploying any backup strategy? Something fishy here.



Thank you! That was a LOT of work. I will tag this
and read over it very slowly.

-T

On 6/27/19 7:31 PM, VanguardLH wrote:
T wrote:

Frank Slootweg wrote:

T wrote:

Yes, you can disable it on gMail and Yahoo, but the ass holes keep
sending out robo eMail telling the user to "Turn off untrusted
apps" and it "scares" the users, so they eventually turn it off,
despite what I say, and it breaks those clients not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

Yes exactly, until the customer gets one too many turn off less
secure apps and then it comes down around your ears. They lose their
tape reports, but WHEN DO THEY EVER CHECK THEM ANYWAY!

If they are using an app password, why would there be such e-mails? The
app password takes the place of the OAUTH2 token. While OAUTH2 tokens
expire and have to get regenerated, app passwords do not.

Have you really ever seen these Gmail alert e-mails about the client
being insecure? Or is it something you read about in old online
articles? Are you maybe confusing their ‘Suspicious sign in prevented’
email or conflating it with the 'insecure app' e-mail? There are other
alert alert message, so I used the following server-side rule in my
Gmail account:

Matches: from"New sign-in from"
OR "Security Alert")
Do this: Mark as read, Delete it

I can't control what platform they use to read their eMail. Often
times I set them up to whatever platform they want, then find them
months later on some tother platform.

A lot of ties I don't ever have any idea that they have started
reading the gMail on their phones.

They just automatically delete teir eMail reports as if it was spam.
Seems to me thye need to stick their hands in the fire a few times ...


I could probably delete the subject conditional and just test on the
from header. That sender is always for those robo alerts.

Those are when Google thinks someone else logged into their Gmail
account. That's tied into some fingerprinting of your host to see when
some other host tries to gain access. When I travel and use my netbook,
a friends laptop, or the resort's computers, yep, I get those.
Everytime I configure another e-mail client to connect to my Gmail
account, I get a security alert e-mail. There's no user-configurable
option in the account to unsubscribe from these alerts. The only way to
unsubscribe is to filter out.

You sure these customers that you paint as morons are falling for phish
e-mails? Might be time to have these low-brows go into their Gmail
account and check on activity to ensure it's their own.


You know, it just occurred to me that I should create a new gMail
account to send out backup reports. If the customer does not
have access to the account, or easy access the can play with,
they won't see the less secure apps s. And, since the app won't
physically move about ...

Speaking of eMail reports, I have to do four go to assists
today to check on why eMail reports have stopped. None where
reported to me by the users. Only one wrote back to me when
I asked. You see, unless they are expecting something from me,
my eMail is just marketing spam to them and they delete
my eMail without even reading it.

On 6/28/19 6:29 AM, Frank Slootweg wrote:
T wrote:
On 6/27/19 1:14 PM, Frank Slootweg wrote:
T wrote:
[...]
"OAuth2 (gmail, yahoo)".

Yes, you can disable it on gMail and Yahoo, but the ass holes
keep sending out robo eMail telling the user to "Turn off
untrusted apps" and it "scares" the users, so they eventually
turn it off, despite what I say, and it breaks those clients
not using AOuth2.

For Gmail, you can get around this problem by using an App Password
instead of OAuth2.

For how to do this, see Ralph Fox' 09SEP2018 post "Google screwed up
my Gmail acct in Thunderbird" in alt.windows7.general:


or
Message-ID:
or
http://al.howardknight.net/msgid.cgi?STYPE=msgid&A=0&MSGI=%3C0ud8pd5m6ler41kl %3E
or
Get a *real* newsreader! :-)

Ralph's post talks about POP (which I needed), but it's also
applicable to SMTP (which you need).

FWIW, I've no such problems with Yahoo, but I only POP from them, i.e.
no SMTP.

N.B. Thanks Ralph!

Yes exactly, until the customer gets one too many turn off
less secure apps and then it comes down around your ears.
They lose their tape reports, but WHEN DO THEY EVER CHECK
THEM ANYWAY!

False. There won't be any "turn off less secure apps" messages,
because Gmail/Google considers App Passwords as secure as OAuth2.


You sure about that? Hmmmmmm .... Maybe they are getting
this on their eMail reader because another "less sure app" is
accessing their SMTP server. It is best not to make
blanket statements, like "WRONG" or "False". It is rude
and does not make you any friends. This is not a fight
between us. Don't turn it into one.



Ralph's post clearly says:

RF An app password gives you two advantages
RF 1. You can turn off "allow less secure apps";

So don't reject advice before even reading it, let alone trying it.

And you somehow thought I was not turning "less secure apps on"?
That is part of the routine. Then I have to go back and do
it several more times as the user turns it back off. Maybe
you are not reading or not following?

This is about using OAuth2 so as not to have to hassle with
the user turn the stinker back off.