By default, whenever any of the components of Novell Storage Manager 3.1.1 for Active Directory are installed on a computer in a domain, the NSMProxyRights universal security group is granted membership in that domain's Administrators built-in security group. This grants the product all of the necessary permissions to read and write attribute values on objects in the domain. This also eliminates the need for the
privilege to be granted to the NSMProxyRights group on each domain controller in the domain.By default, whenever any of the components of Novell Storage Manager 3.1.1 for Active Directory are installed on a member server in a domain, NSMProxyRights is granted membership in the built-in Administrators group on the member server.
On other servers in the domain that are hosting user or collaborative storage managed by Novell Storage Manager 3.1.1 for Active Directory, you must also grant NSMProxyRights group membership in the built-in Administrators group. This is necessary because there are many storage management actions performed that require membership in this group regardless of the LSA privileges that the user has been granted—in particular, managing file shares and directory quotas.
Additionally, the other servers in the domain that are not hosting components, but are hosting user or collaborative storage, must have the rights and privileges described in the table above, along with some file share and NTFS permissions. The easiest way of granting these rights and privileges is through Group Policy objects in Active Directory.
As explained in Setting Rights and Privileges on Managed Storage
and of the Novell Storage Manager 3.1.1 for Active Directory Installation Guide, you must grant Full Control sharing and security privileges to the NSMProxyRights group for each share that Novell Storage Manager 3.1.1 for Active Directory will manage.