Dell PowerProtect Data Manager User Manual
PowerProtect Data Manager
Version 19.2
Administration and User Guide
REV 03
October 2019
Copyright © 2016-2019 Dell Inc. or its subsidiaries. All rights reserved.
Dell believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS-IS.” DELL MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. USE, COPYING, AND DISTRIBUTION OF ANY DELL SOFTWARE DESCRIBED IN THIS PUBLICATION REQUIRES AN APPLICABLE SOFTWARE LICENSE.
Dell Technologies, Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be the property of their respective owners. Published in the USA.
Dell EMC
Hopkinton, Massachusetts 01748-9103 1-508-435-1000 In North America 1-866-464-7381 www.DellEMC.com
2 |
PowerProtect Data Manager Administration and User Guide |
CONTENTS
Preface |
|
9 |
Chapter 1 |
Getting Started |
13 |
|
Introducing PowerProtect Data Manager software........................................... |
14 |
|
Accessing the PowerProtect Data Manager UI.................................................. |
14 |
|
Replacing the default PowerProtect Data Manager certificate ............ |
15 |
|
Getting Started.................................................................................... |
16 |
|
UI tools and options ............................................................................. |
16 |
Chapter 2 |
Managing Users |
19 |
|
Managing user roles and privileges ................................................................... |
20 |
|
Managing users.................................................................................... |
20 |
|
Default admin user............................................................................... |
22 |
|
Roles.................................................................................................... |
22 |
|
Privileges............................................................................................. |
25 |
|
Resetting system-generated VM Direct credentials.......................................... |
30 |
|
Managing LDAP or AD groups........................................................................... |
30 |
|
Managing keychains.......................................................................................... |
31 |
|
Add credentials..................................................................................... |
31 |
|
LDAP or AD authentication................................................................................ |
31 |
|
Configuring LDAP or AD authorities and assigning roles....................... |
31 |
|
Example: Configuring an AD authority ................................................. |
35 |
|
Example: Configuring an LDAP authority............................................. |
36 |
|
Troubleshooting LDAP configuration issues......................................... |
37 |
Chapter 3 |
Managing Storage |
39 |
|
Add protection storage .................................................................................... |
40 |
|
Overview of PowerProtect Data Manager cloud tier......................................... |
41 |
|
Add Data Domain cloud protection storage........................................... |
41 |
|
Overview of PowerProtect Data Manager Cloud Disaster Recovery.................. |
41 |
Chapter 4 |
Enabling the Microsoft Application Agent for SQL |
43 |
|
About the Microsoft application agent for SQL................................................. |
44 |
|
Microsoft SQL Server data protection and replication requirements................ |
44 |
|
Protecting a stand-alone SQL Server................................................................ |
44 |
|
Protecting SQL Server clustered environments................................................ |
45 |
|
Install and configure the Microsoft application agent for SQL Server............... |
46 |
|
Prerequisites ....................................................................................... |
46 |
|
Install the Microsoft application agent................................................. |
46 |
|
Upgrade the Microsoft application agent............................................. |
48 |
|
Uninstall the Microsoft application agent with the setup file................ |
48 |
|
Required privileges for backup and recovery of a stand-alone server... |
49 |
|
Required privileges for backup and recovery of an Always On availability |
|
|
group................................................................................................... |
49 |
|
Required privileges for backup and recovery of a Failover Cluster |
|
|
Instance or Always On Failover Cluster Instance.................................. |
50 |
PowerProtect Data Manager Administration and User Guide |
3 |
Contents
|
Stagger SQL discovery jobs in host scale-out environments................ |
50 |
|
Manage the Microsoft application agent for SQL............................................. |
50 |
|
Support for existing SQL agent backups with PowerProtect Data Manager...... |
51 |
|
Supporting existing SQL agent backups with PowerProtect................ |
52 |
|
Use the backup discovery tool for PowerProtect Data Manager |
|
|
management of existing backups......................................................... |
53 |
Chapter 5 |
Enabling the Oracle RMAN Agent |
55 |
|
About the Oracle RMAN agent......................................................................... |
56 |
|
Review Oracle data protection and replication requirements............................ |
56 |
|
Prerequisites........................................................................................ |
56 |
|
Protecting a stand-alone Oracle server............................................................. |
57 |
|
Protecting Oracle RAC environments............................................................... |
57 |
|
Install and configure the Oracle RMAN agent................................................... |
58 |
|
Install the Oracle RMAN agent............................................................. |
58 |
|
Upgrade the Oracle RMAN agent......................................................... |
60 |
|
Uninstall the Oracle RMAN agent........................................................ |
62 |
|
Integration with PowerProtect Data Manager software....................... |
64 |
|
Install the PowerProtect Data Manager agent..................................... |
65 |
|
Uninstall the PowerProtect Data Manager agent................................. |
67 |
|
How the Oracle RMAN agent communicates with PowerProtect Data |
|
|
Manager............................................................................................... |
67 |
|
Verify the connectivity from ddbmcon.................................................. |
71 |
|
Discover the storage units.................................................................... |
74 |
|
Add or manage the Oracle application agent..................................................... |
74 |
|
Supporting existing Oracle RMAN agent backups with PowerProtect Data |
|
|
Manager............................................................................................................ |
75 |
|
Support existing Oracle RMAN agent backups with PowerProtect Data |
|
|
Manager............................................................................................... |
76 |
Chapter 6 |
Enabling the File System Agent |
79 |
|
About the File System agent............................................................................. |
80 |
|
File System agent prerequisites........................................................................ |
80 |
|
Roadmap for protection with the File System agent.......................................... |
81 |
|
Installing and configuring File System agent..................................................... |
82 |
|
Install the File System agent on Linux.................................................. |
82 |
|
Install the File System agent on Windows ........................................... |
82 |
|
Silent installation of File System agent................................................. |
83 |
|
Uninstalling the File System agent ...................................................... |
83 |
|
Upgrade the File System agent............................................................ |
84 |
|
Manage the File System agent.......................................................................... |
84 |
Chapter 7 |
Enabling the Storage Direct Agent |
87 |
|
About the Storage Direct agent........................................................................ |
88 |
|
Storage Direct agent prerequisites................................................................... |
88 |
|
Additional setup and configuration file requirements for existing Storage Direct |
|
|
users................................................................................................................. |
89 |
|
Roadmap for protection with the Storage Direct agent (new users)................. |
91 |
|
Roadmap for protection with the Storage Direct agent (existing Storage Direct |
|
|
users)............................................................................................................... |
93 |
|
Installing or Upgrading Storage Direct.............................................................. |
94 |
|
Install the Storage Direct agent on Linux............................................. |
94 |
|
Upgrade the Storage Direct agent on Linux......................................... |
95 |
|
Install or Upgrade the Storage Direct agent on Windows .................... |
97 |
4 |
PowerProtect Data Manager Administration and User Guide |
|
|
Contents |
|
Silent installation of the Storage Direct agent...................................... |
98 |
|
Uninstall the Storage Direct agent on Linux......................................... |
98 |
|
Uninstall the Storage Direct agent on Windows................................... |
98 |
|
Manage the Storage Direct agent..................................................................... |
98 |
Chapter 8 |
Managing Assets |
101 |
|
About asset sources, assets, and storage........................................................ |
102 |
|
Prerequisites for discovering asset sources..................................................... |
102 |
|
Adding a vCenter Server asset source............................................................. |
102 |
|
Add a VMware vCenter Server........................................................... |
102 |
|
Virtual asset discovery........................................................................ |
104 |
|
Creating a dedicated vCenter user account and assigning the role in vCenter.105 |
|
|
Specify the required privileges for a dedicated vCenter user account .... |
|
|
105 |
|
|
VM Direct protection engine overview............................................................ |
108 |
|
Add a VM Direct appliance.................................................................. |
108 |
|
Additional VM Direct actions.............................................................. |
109 |
|
Discovering an application or File System host ................................................ |
110 |
|
Discover an Oracle or SQL application host......................................... |
111 |
|
Discover a File System Host................................................................. |
111 |
|
Discover a Storage Direct agent host.................................................. |
112 |
|
Add and discover the SMIS server for the Storage Direct agent...................... |
113 |
Chapter 9 |
Managing Protection Policies |
115 |
|
Protection policies........................................................................................... |
116 |
|
Policy retention time considerations................................................... |
116 |
|
Data Domain protection considerations............................................... |
116 |
|
Before you a create protection policy.............................................................. |
118 |
|
Add a protection policy for virtual machine protection..................................... |
118 |
|
On-demand backups of virtual machines............................................. |
121 |
|
Additional options for managing virtual machine backups................... |
122 |
|
Add a protection policy for SQL database protection...................................... |
122 |
|
Add a protection policy for Oracle database protection................................... |
125 |
|
Add a protection policy for File System protection.......................................... |
129 |
|
Add a protection policy for Storage Direct protection..................................... |
132 |
|
Add a Cloud Tier protection policy................................................................... |
136 |
|
Edit a protection policy.................................................................................... |
137 |
|
Add or remove assets in a protection policy..................................................... |
137 |
|
Removing expired backup copies..................................................................... |
138 |
|
Export protection ........................................................................................... |
139 |
|
Delete a protection policy................................................................................ |
139 |
|
Add a Service Level Agreement....................................................................... |
140 |
|
Export Asset Compliance................................................................................. |
142 |
|
Dynamic filters ................................................................................................ |
143 |
|
Creating virtual machine tags in the vSphere Client............................ |
143 |
|
Add a dynamic filter............................................................................ |
144 |
|
Manually run a dynamic filter.............................................................. |
145 |
|
Edit or delete a dynamic filter ............................................................ |
146 |
|
Change the priority of the existing dynamic filter .............................. |
146 |
Chapter 10 |
Restoring Data and Assets |
147 |
|
View copies..................................................................................................... |
148 |
|
Restore a virtual machine or VMDK................................................................. |
148 |
|
Prerequisites to restore a virtual machine........................................... |
149 |
PowerProtect Data Manager Administration and User Guide |
5 |
Contents
|
Restore to original virtual machine...................................................... |
149 |
|
Restore individual virtual disks............................................................ |
151 |
|
Restore to new.................................................................................... |
151 |
|
Restore an instant access virtual machine.......................................... |
153 |
|
File level restore................................................................................. |
156 |
|
Direct Restore to ESXi....................................................................... |
158 |
|
Restore an application-aware virtual machine backup..................................... |
159 |
|
Performing centralized restore of a File System host...................................... |
159 |
|
Centralized restore of File Systems in PowerProtect Data Manager.. 159 |
|
|
Restore of Storage Direct backups in PowerProtect Data Manager................. |
161 |
|
Restore the PowerProtect Data Manager server ............................................ |
162 |
|
Restore operations for cloud tier..................................................................... |
163 |
|
Restore from cloud tier....................................................................... |
163 |
Chapter 11 |
Performing Self-service Backup and Restore of Application and File |
|
|
System Agents |
165 |
|
Performing self-service backups of Microsoft SQL databases........................ |
166 |
|
Performing self-service backups of Oracle databases..................................... |
166 |
|
Performing self-service backups of File Systems............................................. |
167 |
|
Performing self-service backups of Microsoft SQL databases........................ |
168 |
|
Restore a SQL application host....................................................................... |
168 |
|
Restore an Oracle application host.................................................................. |
168 |
|
Performing self-service restore of a File System host..................................... |
169 |
|
Using the ddfsadmin utility for File Systems....................................... |
169 |
|
Self-service image-level restore of File Systems................................ |
170 |
|
Self-service file-level restore of File Systems...................................... |
171 |
Chapter 12 |
Preparing for and Recovering from a Disaster |
173 |
|
Managing system backups............................................................................... |
174 |
|
Manage PowerProtect Data Manager backups for disaster recovery.............. |
174 |
|
Prepare the Data Domain recovery target....................................................... |
175 |
|
Configure backups for disaster recovery......................................................... |
175 |
|
Configure PowerProtect Data Manager server disaster recovery backups...... |
176 |
|
Record settings for disaster recovery.............................................................. |
176 |
|
Restore PowerProtect Data Manager from an external Data Domain system.. 177 |
|
Chapter 13 |
Managing Alerts, Jobs, and Tasks |
179 |
|
Configure Alert Notifications........................................................................... |
180 |
|
View and manage System Alerts...................................................................... |
180 |
|
View and manage System Alerts...................................................................... |
181 |
|
Monitoring and viewing jobs............................................................................. |
181 |
|
Monitor and view tasks.................................................................................... |
182 |
|
Restart a job or task........................................................................................ |
182 |
|
Cancel a job or task......................................................................................... |
183 |
|
Export logs for a job or task............................................................................. |
184 |
Chapter 14 |
Upgrading the PowerProtect Data Manager Software |
185 |
|
Upgrade the software from PowerProtect Data Manager version 19.1............ |
186 |
|
Upgrade PowerProtect Data Manager from version 19.2 and later.................. |
187 |
|
Managing certificates after upgrading from versions earlier than PowerProtect |
|
|
Data Manager version 19.1............................................................................... |
188 |
6 |
PowerProtect Data Manager Administration and User Guide |
|
Contents |
|
Chapter 15 |
Best Practices and Troubleshooting |
191 |
|
Compatibility information................................................................................ |
192 |
|
Power off the PowerProtect Data Manager OVA............................................ |
192 |
|
Creating a dedicated vCenter user account and assigning the role in vCenter.192 |
|
|
Specify the required privileges for a dedicated vCenter user account .... |
|
|
192 |
|
|
Best practices with the VM Direct appliance................................................... |
195 |
|
Software and hardware requirements................................................. |
196 |
|
PowerProtect Data Manager resource requirements on VMware |
|
|
environment........................................................................................ |
197 |
|
Configuration checklist for common issues......................................... |
197 |
|
VM Direct appliance performance and scalability................................ |
198 |
|
Increasing the number of instant access sessions............................... |
199 |
|
Enabling or disabling Changed Block Tracking.................................... |
199 |
|
Configure a backup to support vSAN datastores............................... |
200 |
|
Disable SSL certification on the vCenter Server................................ |
200 |
|
Troubleshooting backup configuration issues.................................................. |
200 |
|
Troubleshooting virtual machine backup issues............................................... |
201 |
|
VM Direct limitations and unsupported features................................. |
201 |
|
Managing command execution for VM Direct Agent operations on Linux |
|
|
.......................................................................................................... |
203 |
|
SQL Server application-consistent backups fail with error "Unable to |
|
|
find VSS metadata files in directory"................................................. |
203 |
|
Failed to lock Virtual Machine for backup: Another EMC VM Direct |
|
|
operation 'Backup' is active on VM ................................................... |
203 |
|
vMotion operations are not allowed during active backup operations.203 |
|
|
Backups fail if certain characters are used in the virtual machine name, |
|
|
datastore, folder, or datacenter names.............................................. |
203 |
|
Lock placed on virtual machine during backup and recovery operations |
|
|
continues for 24 hours if VM Direct appliance fails............................ |
204 |
|
Trailing spaces not supported in SQL database names....................... |
204 |
|
SQL databases skipped during virtual machine transaction log backup.... |
|
|
204 |
|
|
Accessing Knowledge Base Articles................................................... |
205 |
|
Recover a failed PowerProtect Data Manager backup.................................... |
205 |
|
Troubleshooting virtual machine restore issues............................................... |
205 |
|
Troubleshooting instant access restore failures................................. |
207 |
|
FLR Agent for virtual machine file-level restore................................. |
208 |
|
Supported platform versions for file-level restore.............................. |
209 |
|
File-level restore and SQL restore limitations..................................... |
210 |
|
Troubleshoot recovery of PowerProtect Data Manager.................................. |
212 |
|
Application agent and File System agent co-existence.................................... |
212 |
|
Microsoft application agent for SQL Server application-aware protection...... |
214 |
|
Troubleshooting Microsoft Application Agent discoveries on Windows 2008 and |
|
|
Application Direct............................................................................................ |
216 |
|
Supporting more than 50 database clients...................................................... |
216 |
|
File System agent limitations........................................................................... |
216 |
|
Storage Direct agent limitations...................................................................... |
218 |
|
Time synchronization required between PowerProtect Data Manager and the |
|
|
systems it interfaces with................................................................................ |
221 |
|
PowerProtect Data Manager allows completion of protection policy when |
|
|
storage unit on the Data Domain cannot be created........................................ |
221 |
|
Viewing the DD Boost storage unit password.................................................. |
221 |
Chapter 16 |
Modifying the System Settings |
223 |
PowerProtect Data Manager Administration and User Guide |
7 |
Contents
|
System settings.............................................................................................. |
224 |
|
Modify the network settings.............................................................. |
224 |
|
Modify the appliance time zone.......................................................... |
224 |
|
Change the system root user password............................................. |
224 |
|
Enable replication encryption............................................................. |
225 |
|
License types..................................................................................... |
225 |
|
PowerProtect Data Manager licenses................................................ |
226 |
|
System Support.............................................................................................. |
227 |
|
Register the Secure Remote Services gateway.................................. |
227 |
|
Callhome ........................................................................................... |
228 |
|
Set up the email server...................................................................... |
230 |
|
Add Auto Support............................................................................... |
231 |
|
Enable automatic upgrade package downloads................................... |
231 |
|
Add a log bundle................................................................................. |
231 |
|
Monitor system state and system health............................................ |
232 |
|
Configure PowerProtect Central reporting........................................ |
234 |
|
Modifying the PowerProtect Data Manager virtual machine disk settings...... |
235 |
|
Modify the virtual machine memory configuration............................. |
235 |
|
Modify the data disk size................................................................... |
235 |
|
Modify the system disk size............................................................... |
237 |
|
Configure the Data Domain system................................................................. |
237 |
Chapter 17 |
PowerProtect plug-in within the vSphere Client |
239 |
|
Overview of the PowerProtect plug-in within the vSphere Client................... |
240 |
|
Prerequisites to using the PowerProtect plug-in within the vSphere Client..... |
241 |
|
Monitor virtual machine protection copies...................................................... |
242 |
|
Restore a virtual machine protection copy in the vSphere Client.................... |
242 |
Chapter 18 |
VMware Cloud on Amazon Web Services (AWS) Support |
245 |
|
PowerProtect Data Manager image backup and recovery for VMware Cloud on |
|
|
AWS................................................................................................................ |
246 |
|
Configure the VMware Cloud on AWS web portal console.............................. |
246 |
|
Amazon AWS web portal requirements........................................................... |
247 |
|
Interoperability with VMware Cloud on AWS product features....................... |
247 |
|
vCenter server inventory requirements........................................................... |
248 |
|
VMware Cloud on AWS configuration best practices...................................... |
248 |
|
Add a VM Direct appliance.............................................................................. |
248 |
|
Protection and recovery operations................................................................ |
249 |
|
Interoperability with VMware Cloud on AWS product features....................... |
250 |
|
Unsupported operations in VMware Cloud on AWS ....................................... |
250 |
|
Troubleshooting VMware Cloud on AWS ....................................................... |
250 |
8 |
PowerProtect Data Manager Administration and User Guide |
Preface
As part of an effort to improve product lines, periodic revisions of software and hardware are released. Therefore, all versions of the software or hardware currently in use might not support some functions that are described in this document. The product release notes provide the most up-to-date information on product features.
If a product does not function correctly or does not function as described in this document, contact a technical support professional.
Note: This document was accurate at publication time. To ensure that you are using the latest version of this document, go to the Support website https://www.dell.com/support.
Note: References to Data Domain systems in this documentation, in the UI, and elsewhere in the product include Data Domain systems and the new PowerProtect DD systems.
Purpose
This document describes how to install, configure, and administer PowerProtect Data Manager software.
Audience
This document is intended for the host system administrator who is involved in managing, protecting, and reusing data across the enterprise by deploying PowerProtect Data Manager.
Revision history
The following table presents the revision history of this document.
Table 1 Revision history
Revision |
Date |
Description |
|
|
|
|
|
|
03 |
October 29, 2019 |
This revision includes the following updates: |
|
|
• File System agent limitations updates, |
|
|
including exclusions when performing |
|
|
block-based backups. |
|
|
• Add a protection policy for File System |
|
|
protection updates. |
|
|
|
02 |
September 27, 2019 |
Post GA updates. |
|
|
|
01 |
September 24, 2019 |
Initial release of this document for |
|
|
PowerProtect Data Manager 19.2. |
|
|
|
Related documentation
The following publications provide additional information:
•PowerProtect Data Manager Administration and User Guide
Describes how to configure the software.
•PowerProtect Data Manager Release Notes
Contains information on new features, known limitations, environment, and system requirements for the software.
•PowerProtect Data Manager Security Configuration Guide
Contains security information.
PowerProtect Data Manager Administration and User Guide |
9 |
Preface
•PowerProtect Data Manager Cloud Disaster Recovery Administration and User Guide
Describes how to deploy Cloud DR, protect VMs in the AWS cloud, and run recovery operations.
•PowerProtect Data Manager for Cyber Recovery User Guide
Describes how to install, upgrade, patch, and uninstall the Dell EMC PowerProtect Cyber Recovery software.
•PowerProtect Data Manager API documentation: https://developer.dellemc.com
Contains the PowerProtect Data Manager APIs and includes tutorials to guide to you in their use.
You can use the following resources to find more information about this product, obtain support, and provide feedback.
Special notice conventions that are used in this document
The following conventions are used for special notices:
NOTICE Identifies content that warns of potential business or data loss.
Note: Contains information that is incidental, but not essential, to the topic.
Typographical conventions
The following type style conventions are used in this document:
Table 2 Style conventions
Bold |
Used for interface elements that a user specifically selects or clicks, |
|
|
for example, names of buttons, fields, tab names, and menu paths. |
|
|
Also used for the name of a dialog box, page, pane, screen area with |
|
|
title, table label, and window. |
|
Italic |
Used for full titles of publications that are referenced in text. |
|
Monospace |
Used for: |
|
|
• |
System code |
|
• System output, such as an error message or script |
|
|
• Pathnames, file names, file name extensions, prompts, and |
|
|
|
syntax |
|
• |
Commands and options |
Monospace italic |
Used for variables. |
|
Monospace bold |
Used for user input. |
|
[ ] |
Square brackets enclose optional values. |
|
| |
Vertical line indicates alternate selections. The vertical line means or |
|
|
for the alternate selections. |
|
{ } |
Braces enclose content that the user must specify, such as x, y, or z. |
|
... |
Ellipses indicate non-essential information that is omitted from the |
|
|
example. |
|
You can use the following resources to find more information about this product, obtain support, and provide feedback.
10 PowerProtect Data Manager Administration and User Guide
Preface
Where to find product documentation
•https://www.dell.com/support
•https://community.emc.com
Where to get support
The Support website https://www.dell.com/support provides access to product licensing, documentation, advisories, downloads, and how-to and troubleshooting information. The information can enable you to resolve a product issue before you contact Support.
To access a product-specific page:
1.Go to https://www.dell.com/support.
2.In the search box, type a product name, and then from the list that appears, select the product.
Knowledgebase
The Knowledgebase contains applicable solutions that you can search for either by solution number (for example, KB000xxxxxx) or by keyword.
To search the Knowledgebase:
1.Go to https://www.dell.com/support.
2.On the Support tab, click Knowledge Base.
3.In the search box, type either the solution number or keywords. Optionally, you can limit the search to specific products by typing a product name in the search box, and then selecting the product from the list that appears.
Live chat
To participate in a live interactive chat with a support agent:
1.Go to https://www.dell.com/support.
2.On the Support tab, click Contact Support.
3.On the Contact Information page, click the relevant support, and then proceed.
Service requests
To obtain in-depth help from Licensing, submit a service request. To submit a service request:
1.Go to https://www.dell.com/support.
2.On the Support tab, click Service Requests.
Note: To create a service request, you must have a valid support agreement. For details about either an account or obtaining a valid support agreement, contact a sales representative. To find the details of a service request, in the Service Request Number field, type the service request number, and then click the right arrow.
To review an open service request:
1.Go to https://www.dell.com/support.
2.On the Support tab, click Service Requests.
3.On the Service Requests page, under Manage Your Service Requests, click View All Dell Service Requests.
Online communities
For peer contacts, conversations, and content on product support and solutions, go to the Community Network https://community.emc.com. Interactively engage with customers, partners, and certified professionals online.
PowerProtect Data Manager Administration and User Guide |
11 |
Preface
How to provide feedback
Feedback helps to improve the accuracy, organization, and overall quality of publications. You can send feedback to DPAD.Doc.Feedback@emc.com.
12 PowerProtect Data Manager Administration and User Guide
CHAPTER 1
Getting Started
This section includes the following topics:
•
•
Introducing PowerProtect Data Manager software................................................................ |
14 |
Accessing the PowerProtect Data Manager UI...................................................................... |
14 |
PowerProtect Data Manager Administration and User Guide |
13 |
Getting Started
Introducing PowerProtect Data Manager software
PowerProtect Data Manager software is an enterprise solution that provides software-defined data protection, deduplication, operational agility, self-service, and IT governance.
PowerProtect Data Manager enables the transformation from traditional centralized protection to an IT-as-a-service model, based on a self-service design. This design ensures that you can enforce compliance and other business rules, even when backup responsibilities are decentralized to individual database administrators and application administrators.
PowerProtect Data Manager key features include:
•Software-defined data protection with integrated deduplication, replication, and reuse
•Data backup and recovery self-service operations from native applications that are combined with central IT governance
•Multi-cloud optimization with integrated cloud tiering
•SaaS-based management, compliance, and predictive analytics
•Modern services-based architecture for ease of deployment, scaling, and upgrading
PowerProtect Data Manager integrates multiple data protection products within the Dell EMC
Data Protection portfolio to enable data protection as a service, providing the following benefits:
•The data protection team can create data paths with provisioning, automation, and scheduling to embed protection engines into the infrastructure for high-performance backup and recovery.
•For large-scale environments, backup administrators can schedule Microsoft SQL and Oracle backups from a central location on the PowerProtect Data Manager server.
•PowerProtect Data Manager uses an agent-based approach to discover the protected and unprotected databases on an application server.
•PowerProtect Data Manager enables governed self-service and centralized protection by providing the ability to monitor and enforce Service Level Objectives (SLOs), identify violations of Recovery Point Objectives (RPO), and apply retention locks on backups created using the Microsoft application agent and the Oracle RMAN agent.
•PowerProtect Data Manager supports deploying an external VM Direct appliance for data movement with the VM Direct Engine. The PowerProtect Data Manager software comes prebundled with an embedded VM Direct appliance, which is automatically used as a fallback proxy for performing backup and restore operations when the added external proxies fail or are disabled. Dell EMC recommends that you always deploy external proxies because the embedded proxy has limited capacity for performing parallel backups.
•PowerProtect Data Manager supports integration of Cloud Disaster Recovery (Cloud DR), including workflows for Cloud DR deployment, protection, and recovery operations in the AWS cloud.
Accessing the PowerProtect Data Manager UI
PowerProtect Data Manager provides a stand-alone UI that you can use to manage and monitor system behavior.
Procedure
1.From a host that has network access to the virtual appliance, use Google Chrome to connect to the appliance:
https://appliance_hostname
14 PowerProtect Data Manager Administration and User Guide
Getting Started
Note: You can specify the hostname or the IP address of the appliance.
2.Log in with your user name and password.
If you receive an unsigned certificate warning, see Replacing the default PowerProtect Data Manager certificate on page 15 for instructions.
The Getting Started page appears.
•The left pane provides links to the available menu items. Expand a menu item for more options.
•The icons in the PowerProtect Data Manager banner provide additional options.
Replacing the default PowerProtect Data Manager certificate
Use this procedure to replace the PowerProtect Data Manager UI and public API facing certificates with new self-signed or CA signed certificates.
Before you begin
You must have the following keys and certificates in place:
•/etc/ssl/certificates/customer/customerkey.pem
•/etc/ssl/certificates/customer/customer.pem
•/etc/ssl/certificates/customer/customer.keystore
•/etc/ssl/certificates/customca/customca.truststore
Procedure
1.Log in to the PowerProtect Data Manager system as the root user.
Note: PowerProtect Data Manager does not support using the ssh command with the
root account. To use ssh to connect to the system and change the password for the root account, log in to ssh with the admin account, and then use the su command to change to the root account.
2.Run the following Unix commands:
cd /usr/local/brs/lib/ecdm-ui/app
ln -s /etc/ssl/certificates/customer/customer.pem cert.pem
ln -s /etc/ssl/certificates/customer/customerkey.pem private-key.pem sudo systemctl restart nginx
3.Update the /usr/local/brs/lib/zuul/conf/application.yml file with following parameters:
key-store: Specify the file path where your key-store certificate is kept. For example: /etc/ssl/certificates/customer/customer.keystore
key-store-password: Specify a key-store password. key-password: Specify a key password.
key-alias: Specify a key alias.
trust-store: Specify the file path where your trust-store certificate is kept. For example: /etc/ssl/certificates/customca/customca.truststore
trust-store-password: Specify a trust-store password.
PowerProtect Data Manager Administration and User Guide |
15 |
Getting Started
4.Carry out the command: zuul restart
5.Log in to the https://ecdm.customer.com instance.
6.When prompted, accept the certificate.
7.Login to https://ecdm.customer.com:8443.
All external requests are now using your installed certificates.
Getting Started
The Getting Started page provides configuration options that are required when the system is first deployed.
The Getting Started page appears upon first deployment of PowerProtect Data Manager and opens to this page by default until you click Skip This.
You can access the Getting Started page at any time by selecting System Settings > Getting Started.
Table 3 PowerProtect Data Manager Getting Started menu items
Options |
Description |
|
|
|
|
Support |
View and configure Secure Remote Services (SRS), Email Setup, Auto |
|
Support, Logs, System Health. |
|
|
Disaster Recovery |
Configure and manage backups for disaster recovery. |
Backup |
|
|
|
VMware vCenter |
Opens the Infrastructure > Asset Sources page where you can add a |
|
vCenter instance as an asset source so that it can be added to a |
|
protection policy. |
|
|
Protect Assets |
Opens the Protection Policies page where you can manage Protection |
|
Life Cycle workflows for all asset types. |
|
|
UI tools and options
Learn about the available tools in the UI.
PowerProtect Data Manager UI tools
Table 4 PowerProtect Data Manager tools
Menu item |
Description |
|
|
|
|
|
Provides a high-level view of the overall state the PowerProtect Data |
|
Manager system and includes the following information: |
Dashboard |
• Alerts—System alerts |
|
• Protection—Details about protection policies |
|
• Jobs—Status of all Jobs filtered by a selected time frame or |
|
status type. Select the status in the Jobs pane to open the Jobs |
|
window, where you can manage jobs, search, and view details. |
|
• Policy—Details include number of successes, failures, and |
|
excluded assets for each asset type |
|
• Protection Storage—Protection storage usage statistics |
|
|
16 PowerProtect Data Manager Administration and User Guide
Getting Started
Table 4 PowerProtect Data Manager tools (continued)
Menu item |
Description |
||
|
|
|
|
|
|
|
|
|
• |
Recovery—Recovery statistics |
|
|
• Health—Details about the health of the system, including |
||
|
|
services, licenses, support, protection engines, server backups, |
|
|
|
and uptime. |
|
|
PowerProtect Data Manager refreshes the data hourly unless you run |
||
|
an ad-hoc discovery. |
||
|
|
||
|
Click Infrastructure to perform the following tasks: |
||
|
• View and manage Virtual Machine, SQL Database, Oracle |
||
Infrastructure |
|
Database, and File System assets |
|
|
• Add vCenter and Application and File System Host asset sources |
||
|
• View and manage Integrated Storage |
||
|
• Add a VM Direct appliance with the VM Direct protection engine |
||
|
|
for virtual machine data protection |
|
|
• Manage registration of RMAN Agent, Microsoft Application Agent, |
||
|
|
and File System Agent |
|
|
• View and manage Cloud disaster recovery |
||
|
|
||
|
Click Protection to perform the following tasks: |
||
|
|||
|
• Add protection policy groups to SQL and Oracle databases, File |
||
Protection |
|
Systems, and Virtual Machines |
|
|
• |
Manage SLA |
|
|
• Add, edit, and delete Dynamic Groups to SQL and Oracle |
||
|
|
databases, File Systems, and Virtual Machines |
|
|
|
||
|
Click Recovery to perform the following tasks: |
||
Recovery |
• |
View asset copy location details and initiate a Restore operation |
|
• Manage Instant Access Sessions |
|||
|
|||
|
|
||
|
Click Alerts to perform the following tasks: |
||
|
• View and acknowledge alerts and events. |
||
Alerts |
• |
View and drill down to Audit Logs. |
|
|
|||
|
• Export audit logs to CSV files. |
||
|
• Set audit log boundaries. |
||
|
|
||
|
Click Administration to perform the following tasks: |
||
|
• Configure users and roles |
||
Administration |
• |
Set password credentials and manage key chains |
|
|
|||
|
• |
Configure alert notifications |
|
|
• Add LDAP Identity Sources |
||
|
|
||
|
Click Jobs to manage jobs, view by completed or running, filter, and |
||
|
view details. |
||
|
|
|
|
PowerProtect Data Manager Administration and User Guide |
17 |
Getting Started
Table 4 PowerProtect Data Manager tools (continued)
Menu item |
Description |
Jobs
Click Reporting to log in to PowerProtect Central.
Reporting
Additional UI options
The following table describes the icons located in the PowerProtect Data Manager banner.
Table 5 Additional options
Option |
Description |
|
|
|
|
|
Click to enter search criteria to find assets, jobs, logs, and alerts. |
|
|
|
Click to see recent alerts. |
|
|
|
Click to configure and manage PowerProtect Data Manager system |
|
network, time zone, and NTP settings, DR backups, security, licenses, |
|
upgrades, authentication, agent downloads, and support, and to |
|
access the Getting Started page. |
|
|
|
Click to log out and log in as a different user. |
|
|
|
Click to see PowerProtect Data Manager version information. |
|
|
|
Click to obtain more information about PowerProtect Data Manager |
|
and how it can help you manage your backup copies. |
|
|
18 PowerProtect Data Manager Administration and User Guide
CHAPTER 2
Managing Users
This section includes the following topics:
•
•
•
•
•
Managing user roles and privileges ....................................................................................... |
20 |
Resetting system-generated VM Direct credentials.............................................................. |
30 |
Managing LDAP or AD groups............................................................................................... |
30 |
Managing keychains............................................................................................................... |
31 |
LDAP or AD authentication.................................................................................................... |
31 |
PowerProtect Data Manager Administration and User Guide |
19 |
Managing Users
Managing user roles and privileges
Users can be defined as either local or LDAP/Active Directory. Users and LDAP groups can access all protection policies and assets within the PowerProtect Data Manager environment.
The role that is assigned to a user defines the privileges that are associated with the user and determines the tasks that the user can perform.
Managing users
Only the Admin role can manage users.
The following roles can view users, roles, identity sources, and user groups:
•Admin
•User
•Export and Recovery Admin
Users can see only their own role within their own account.
Note: User authorization grants or denies users access to PowerProtect Data Manager resources. Authorization is the same for locally authorized users and Microsoft Windows Active Directory/LDAP users.
You can create local users to perform management tasks. When you create a local user account, you must assign a role to the user.
Add a user
You must have administrator credentials to add a user.
Procedure
1.Select Administration > Users. The Users window appears.
2.Click Add.
3.In the New User window, provide the following information:
•User first name
•User last name
•Username
•Email Address
•Password
•Retype to confirm password
•Force Password Change—Enabled by default. Requires the user to update the password at first login.
•Role
4.Click Save.
Results
The newly added user appears in the Users window.
20 PowerProtect Data Manager Administration and User Guide
Managing Users
Edit or delete a user
You must have administrator credentials to edit or delete a user.
Procedure
1.Select Administration > Users.
The Users window displays the following information:
•Username
•User first name
•User last name
•User email address
•User role
•Date the user was created
2.Select the user you want to edit or delete.
3.Do one of the following:
•To delete the user, click Delete.
•To edit the user, click Edit, modify the user fields, and then click Save.
Results
The changes appear in the Users window.
Reset a password
Local users can reset a forgotten password using this procedure.
Before you begin
•The user must be a a local user.
•A reset password mail server must be configured.
•LDAP and Windows Active Directory users cannot reset their password using this procedure. Contact the system administrator to reset your password.
About this task
Local users can receive an email with a link to reset their password. The reset password link in the email expires in 20 minutes, after which time they must request another link.
Procedure
1.In the PowerProtect Data Manager login page, click Forgot Password.
2.In the Forgot Password dialog box, type your user name, click Send Link, and click OK to dismiss the informational dialog box.
The system sends a message to the email address associated with your user name.
3.Open the email and click the link.
4.In the Reset Password dialog box, type a new password in the New Password and
Confirm New Password fields, and click Save.
The PowerProtect Data Manager login page appears.
5.Log in with your user name and new password.
PowerProtect Data Manager Administration and User Guide |
21 |
Managing Users
Default admin user
The default admin user is preassigned the Admin role during PowerProtect Data Manager installation.
The default admin user has super user control over PowerProtect Data Manager and cannot be deleted. However, you can modify the attributes of the default admin user.
Roles
A role defines the privileges and permissions that a user has to perform a group of tasks. When a user is assigned a role, you grant the user all of the privileges that are defined by the role. Only one role can be associated to a user account.
Admin role
Admin
The Admin role is responsible for setup, configuration, and all PowerProtect Data Manager management functions. The Admin role provides systemwide access to all functionality across all organizations. One default Admin role is assigned at PowerProtect Data Manager deployment and installation. You can add and assign additional Admin roles to users in your organization who require full access to the system.
This table outlines the privileges and tasks that are associated with the Admin role.
Table 6 Admin role privileges and tasks
Privileges |
Tasks |
||
|
|
|
|
|
|
|
|
Activity Management |
• |
Manage Discovery Jobs |
|
|
|||
|
• |
Manage Tasks |
|
|
• |
Workflow Execution |
|
|
|
|
|
Asset Management |
• |
View Data Source Assets |
|
|
|||
|
• Manage Data Source Assets |
||
|
• View Protection Storage Targets |
||
|
• Manage Protection Storage Targets |
||
|
|
|
|
Monitoring |
• |
Monitor Events |
|
|
|||
|
• |
Manage Events |
|
|
• |
View Historical Data |
|
|
• View Tasks and Activities |
||
|
|
|
|
Recovery and Reuse |
• |
View Host |
|
Management |
|||
• |
Manage Host |
||
|
|||
|
• |
Rollback to Production |
|
|
• Recovery to New Location |
||
|
• |
Export for Reuse |
|
|
|
|
|
22 PowerProtect Data Manager Administration and User Guide
Managing Users
Table 6 Admin role privileges and tasks (continued)
Privileges |
Tasks |
||
|
|
|
|
|
|
|
|
Service Plan |
• |
View Plans |
|
Management |
|||
• |
Manage Plans |
||
|
|||
|
• Assign Data Source to Plan |
||
|
|
|
|
Security and System |
• |
Monitor Security/System Audit |
|
Audit |
|||
• |
Manage Security/System Audit |
||
|
|||
|
|
|
|
Storage Management |
• |
View Storage Array |
|
|
|||
|
• |
Manage Storage Array |
|
|
• |
View Inventory Sources |
|
|
• |
Manage Inventory Sources |
|
|
|
|
|
Support Assistance and |
• |
View Diagnostic Logs |
|
Log Management |
|||
• |
Manage Diagnostic Logs |
||
|
|||
|
|
|
|
System Management |
• |
View System Settings |
|
|
|||
|
• |
Manage System Settings |
|
|
|
|
|
User/Security |
• |
Manage User Security |
|
Management |
|||
• |
View User Security |
||
|
|||
|
|
|
|
User role
User
The User role is responsible for monitoring the PowerProtect Data Manager Dashboard, Activity Monitor, and Notifications. The User role provides read-only access to monitor activities and operations. Assign the User role to users in your organization who monitor Dashboard activities,
Activity Monitor, and Notifications but do not require the ability to configure the system. This table outlines the privileges and tasks that are associated with the User role.
Table 7 User role privileges and tasks
Privileges |
Tasks |
|
|
|
|
|
|
|
Activity Management |
• |
Workflow Execution |
|
||
|
|
|
Asset Management |
• |
View Data Source Assets |
|
||
|
• View Protection Storage Targets |
|
|
|
|
Monitoring |
• |
Monitor Events |
|
||
|
• |
View Historical Data |
|
• View Tasks and Activities |
|
|
|
|
PowerProtect Data Manager Administration and User Guide |
23 |
Managing Users
Table 7 User role privileges and tasks (continued)
Privileges |
Tasks |
||
|
|
|
|
|
|
|
|
Recovery and Reuse |
• |
View Host |
|
Management |
|||
|
|
||
|
|
|
|
Service Plan |
• |
View Plans |
|
Management |
|||
|
|
||
|
|
|
|
Security and System |
• |
Monitor Security/System Audit |
|
Audit |
|||
|
|
||
|
|
|
|
Storage Management |
• |
View Storage Array |
|
|
|||
|
• |
View Inventory Sources |
|
|
|
|
|
Support Assistance and |
• |
View Diagnostic Logs |
|
Log Management |
|||
|
|
||
|
|
|
|
System Management |
• |
View System Settings |
|
|
|||
|
|
|
|
User/Security |
• |
View User Security |
|
Management |
|||
|
|
||
|
|
|
|
Export and Recovery Admin role
Export and Recovery Admin
The Export and Recovery Admin role is defined for a dedicated set of users who are solely responsible for PowerProtect Data Manager setup, configuration, and execution of data management tasks such as copy export and recovery operations. The Export and Recovery Admin role provides access only to those functions required for data export and recovery operations. This role and its operations are intended for a limited set of users whose actions are solely focused on data management, export, and recovery; and whose actions are audited routinely for security purposes. Assign the Export and Recovery Admin role to a user in your organization that requires access to data only to make it available to others in the organization to maintain a chain of custody record.
This table outlines the privileges and tasks that are associated with the Export and Recovery Admin role.
Table 8 Export and Recovery Admin role privileges and tasks
Privileges |
Tasks |
||
|
|
||
|
|
|
|
Activity Management |
None |
||
|
|
|
|
Asset Management |
• |
View Data Source Assets |
|
|
|||
|
• View Protection Storage Targets |
||
|
|
|
|
Monitoring |
• |
Monitor Events |
|
|
|||
|
• |
View Historical Data |
|
|
• View Tasks and Activities |
||
|
|
|
|
Recovery and Reuse |
• |
View Host |
|
Management |
|||
• |
Manage Host |
||
|
|||
|
|
|
|
24 PowerProtect Data Manager Administration and User Guide
Managing Users
Table 8 Export and Recovery Admin role privileges and tasks (continued)
Privileges |
Tasks |
||
|
|
|
|
|
|
|
|
|
• |
Rollback to Production |
|
|
• Recovery to New Location |
||
|
• |
Export for Reuse |
|
|
|
||
Service Plan |
None |
||
Management |
|
|
|
|
|
||
Security and System |
None |
||
Audit |
|
|
|
|
|
|
|
Storage Management |
• |
View Storage Array |
|
|
|||
|
|
|
|
Support Assistance and |
• |
View Diagnostic Logs |
|
Log Management |
|||
|
|
||
|
|
|
|
System Management |
• |
View System Settings |
|
|
|||
|
|
|
|
User/Security |
• |
View User Security |
|
Management |
|||
|
|
||
|
|
|
|
Privileges
PowerProtect Data Manager privileges define the tasks that a user can perform and these privileges are assigned to roles.
Activity Management Privileges
This table defines the Activity Management Privileges.
Table 9 Activity Management Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
Manage Discovery |
• |
Create discovery jobs. |
|
Jobs |
|||
• |
View discovery jobs. |
||
|
|||
|
• |
Edit discovery jobs. |
|
|
• |
Delete discovery jobs. |
|
|
|
|
|
Manage Task |
• |
Create task resources. |
|
|
|||
|
• |
View task resources. |
|
|
• |
Edit task resources. |
|
|
|
|
|
Workflow Execution |
• |
Start workflow execution. |
|
|
|||
|
• |
Cancel workflow execution. |
|
• View the status of workflow execution.
PowerProtect Data Manager Administration and User Guide |
25 |
Managing Users
Asset Management Privileges
This table defines the Asset Management Privileges.
Table 10 Asset Management Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
Manage Data Source |
• |
Create, read, edit, and delete a data source. |
|
Assets |
|||
• |
Create, view, edit, and delete the policy in the protection |
||
|
|||
|
|
group resource. |
|
|
• Create, view, edit, and delete asset group resources. |
||
|
• Create, view, edit, patch, and delete tag category resources. |
||
|
|
|
|
Manage Protection |
• |
Create, view, edit, and delete a data target. |
|
Storage Targets |
|||
• |
Create, view, edit, and delete asset group resources of |
||
|
|||
|
|
protection storage targets. |
|
|
|
|
|
View Data Source Assets |
• |
View a data source. |
|
|
|||
|
• View asset group resources. |
||
|
• View the policy of the protection group resource. |
||
|
• View tag category resources. |
||
|
|
|
|
View Protection Storage |
• |
View a data target. |
|
Targets |
|||
|
|
||
|
|
|
|
Monitoring Privileges
This table defines the Monitoring Privileges.
Table 11 Monitoring Privileges
Privilege |
Task |
|
|
|
|
|
|
|
View Tasks or Activities |
• |
View task resources. |
|
||
|
|
|
View Historical Data |
• |
View historical data that relates to plans, arrays, data |
|
||
|
|
targets, data sources, and capacity data. |
|
|
|
Monitor Events |
• |
View alerts. |
|
||
|
• |
View external notifications. |
|
|
|
Manage Events |
• |
Acknowledge alerts and add notes. |
|
||
|
• Create, modify, and delete external notifications. |
|
|
|
|
Service Policy Management Privileges
This table defines the Policy Management Privileges.
26 PowerProtect Data Manager Administration and User Guide
Managing Users
Table 12 Policy Management Privileges
Privilege |
Task |
|
|
|
|
|
|
|
Assign Data Source to |
• |
Assign a data source to a protection policy resource. |
Policy |
|
|
|
|
|
Manage Policies |
• |
Create, view, edit, and delete the policy for a protection policy |
|
||
|
|
resource. |
|
• Create, view, edit, and delete a policy definition resource. |
|
|
• Create, view, edit, and delete schedule resources. |
|
|
• Create, view, edit, and delete an objective definition resource. |
|
|
• Create, read, edit, and delete an action definition. |
|
|
|
|
View Policies |
• |
View the policy for a protection policy resource. |
|
||
|
• |
View schedule. |
|
• View a protection policy definition. |
|
|
• |
View objective definition. |
|
• |
View services. |
|
• |
View service resources. |
|
• View assets that are assigned to a protection policy. |
|
|
• |
View action definitions. |
|
• View asset group resources. |
|
|
|
|
Recovery and Reuse Management Privileges
This table defines the Recovery and Reuse Management Privileges.
Table 13 Recovery and Reuse Management Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
Export for Reuse |
• |
Create, view, edit, and start export and reuse operations. |
|
|
|||
|
|
|
|
Roll back to |
• |
Create, view, edit, and start rollback to production operations. |
|
Production |
|||
|
|
||
|
|
|
|
Recovery to Alternate |
• |
Create, view, edit, and start recovery to alternate location |
|
Location |
|
operations. |
|
|
|
||
|
|
|
|
Manage Host |
• |
Create, view, edit and delete a host. |
|
|
|||
|
|
|
|
View Host |
• |
View a host. |
|
|
|||
|
|
|
|
Storage Management Privileges
This table defines the Storage Management Privileges.
PowerProtect Data Manager Administration and User Guide |
27 |
Managing Users
Table 14 Storage Management Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
View Inventory |
• |
View a management interface. |
|
Sources |
|||
• |
Read storage manager resources such as exported, deleted, and |
||
|
|||
|
|
restored copies. |
|
|
|
|
|
View Storage Array |
• |
View a storage array. |
|
|
|||
|
|
|
|
Manage Storage |
• |
Create, view, edit, and delete a storage array. |
|
Array |
|||
|
|
||
|
|
|
|
Manage Inventory |
• |
Create storage manager resources and run creation-related |
|
Sources |
|||
|
storage array operations. |
||
|
|
||
|
• Create exported and restored copies and run restore-related |
||
|
|
storage array operations. |
|
|
• Create expunged copies and run deletion-related storage array |
||
|
|
operations. |
|
|
• Create, view, edit, and delete a management interface. |
||
|
|
|
|
Security Management Privileges
This table defines the Security Management Privileges.
Table 15 Security Management Privileges
Privilege |
Task |
|
|
|
|
|
|
|
Manage User Security |
• |
Create, view, edit, and delete users |
|
• |
View roles |
|
• Create, view, edit, and delete identity sources |
|
|
• Create, view, edit, and delete user groups |
|
|
• Create, view, edit, and delete whitelists |
|
|
|
|
View User Security |
• |
View users and roles |
|
||
|
• View identity sources and user groups |
|
|
• |
View whitelists |
|
|
|
System Management Privileges
This table defines the System Management Privileges.
Table 16 System Management Privileges
Privilege Task
View System Settings • View SRS information.
28 PowerProtect Data Manager Administration and User Guide
Managing Users
Table 16 System Management Privileges (continued)
Privilege |
Task |
||
|
|
||
|
|
|
|
|
• View Server Disaster Recovery artifacts. |
||
|
• |
View Maintenance Mode. |
|
|
• |
View License information. |
|
|
• View Server Disaster Recovery Status. |
||
|
• View node, Configuration EULA, OS User, Upgrade Package, |
||
|
|
Component, Configuration Status, Configuration Logs, Time |
|
|
|
Zone, and State resources |
|
|
|
|
|
Manage System |
• |
Manage Server Disaster Recovery activities. |
|
Settings |
|||
• |
Manage SRS Gateway connection and other Telemetry |
||
|
|||
|
|
communications. |
|
|
• View and edit Node State resource. |
||
|
• Update the license for the appliance. |
||
|
• View Component, Configuration Status, Configuration Logs, Time |
||
|
|
Zone, and State resources |
|
|
• View and edit node, Configuration EULA, OS User, and Lockbox |
||
|
|
resouces. |
|
|
• Create, view, edit, and delete the Upgrade Package resource |
||
|
|
|
|
Support Assistance and Log Management Privileges
This table defines the Support Assistance and Log Management Privileges.
Table 17 Support Assistance and Log Management Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
View Diagnostic Logs |
• |
View Log bundle resources. |
|
|
• View Log information resources. |
||
|
• View the LogSource resource. |
||
|
• |
View logs. |
|
|
|
|
|
Manage Diagnostic |
• |
Manage Log bundle resources. |
|
Logs |
|||
• |
Retrieve Log information resources. |
||
|
|||
|
• Retrieve or edit the LogSource resource. |
||
|
• |
Export logs. |
|
|
|
|
|
Security and System Audit Privileges
This table defines the Security and System Audit Privileges.
PowerProtect Data Manager Administration and User Guide |
29 |
Managing Users
Table 18 Security and System Audit Privileges
Privilege |
Task |
||
|
|
|
|
|
|
|
|
Monitor Security/ |
• |
View Security Audit–related events and activities. |
|
System Audit |
|||
|
|
||
|
|
|
|
Manage Security/ |
• |
Acknowledge Security Audit–related events and activities. |
|
System Audit |
|||
• |
Export Audit/Change Log of events and activities. |
||
|
|||
|
|
|
|
Resetting system-generated VM Direct credentials
PowerProtect Data Manager deploys the VM Direct Engine during installation with unique admin and root credentials.
About this task
You must have PowerProtect Data Manager Admin role privileges to edit or delete a user.
Procedure
1.Select Administration > Credentials.
The Credentials Management window appears and displays the type, name, and username.
2.Select a VM Direct user and click Edit.
3.Modify the password in the Edit Credentials window and click Save.
4.Select Infrastructure > Protection Engines > VM Direct Engines.
5.Select a VM Direct Engine.
6.Select redeploy from the ellipsis list.
Managing LDAP or AD groups
PowerProtect Data Manager requires you to configure an LDAP group, and the PowerProtect Data Manager users must be part of this group. Only the Admin role can create users or LDAP and AD groups.
Users
You can create local users to perform management tasks. When you create a local user account, you must assign a role to the user.
LDAP or AD groups
When you configure LDAP or AD authentication in the Authentication Service, use the User Group resources to assign roles to the LDAP groups. The User Group resource defines the role assignments for an LDAP or AD user group.
30 PowerProtect Data Manager Administration and User Guide
Loading...