VERITAS NetBackup 6.0 Administrator s Guide

VERITAS NetBackup
System Administrator’s Guide, Volume II
for UNIX and Linux
TM
6.0
N15258B
September 2005
The information contained in this publication is subject to change without notice. VERITAS Software Corporation makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. VERITAS Software Corporation shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual.
VERITAS Legal Notice
Copyright © 1993-2005 VERITAS Software Corporation. All rights reserved. VERITAS, the VERITAS Logo, and NetBackup are trademarks or registered trademarks of VERITAS Software Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Portions of this software are derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm. Copyright 1991-92, RSA Data Security, Inc. Created 1991. All rights reserved.
VERITAS Software Corporation 350 Ellis Street Mountain View, CA 94043 USA Phone 650-527-8000 Fax 650-527-2908 www.veritas.com
Third-Party Copyrights
For a list of third-party copyrights, see the NetBackup Release Notes appendix.
ii NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Accessibility Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
Comment on the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxii
Chapter 1. Access Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
NetBackup Access Management Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Finding NetBackup Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
To access the NetBackup online glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Accessing the VERITAS Technical Support Web Site . . . . . . . . . . . . . . . . . . . . . . . . .xx
Contacting VERITAS Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
VxSS Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Root Broker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Authentication Brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Security Administrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Order for Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Order for Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Including VxSS Databases in the NetBackup Catalog Backup . . . . . . . . . . . . . . . . . . 6
VxSS Component Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Installing and Configuring Access Control for Master Servers . . . . . . . . . . . . . . . . . . . . 8
Installing and Configuring Access Control for Media Servers . . . . . . . . . . . . . . . . . . . . 12
Installing and Configuring Access Control for Clients . . . . . . . . . . . . . . . . . . . . . . . . . .15
Establishing a Trust Relationship Between the Broker and the Windows Remote
iii
Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Installing the Authentication Service Root Broker (Root + AB) . . . . . . . . . . . . . . . . . . . 18
Configuring Authentication on the Root Broker for Use with NetBackup . . . . . . 19
Installing the Authorization Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Configuring the Authorization Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Configuring Access Control Host Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Master Server and Media Server Host Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Access Control Host Properties Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
VxSS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Authentication Domain Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Authorization Service Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Verifying Master Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Client Host Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Access Control Host Properties Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
VxSS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Authentication Domain Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Access Management Troubleshooting Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Windows Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Master Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Media Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Client Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
UNIX Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Master Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Media Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Client Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Verification Points in a Mixed Environment with a UNIX Master Server . . . . . . . 41
Master Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Media Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Client Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Verification Points in a Mixed Environment with a Windows Master Server . . . . 46
iv NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Master Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Media Server Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Client Verification Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Other Troubleshooting Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Expired Credentials Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Useful Debug Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
If Uninstalling VxSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Where Credentials Are Stored . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
How System Time Affects Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
VxSS Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Stopping VxSS Daemons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
If You Lock Yourself Out of NetBackup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
nbac_cron Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Using the Access Management Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Access Management Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Determining Who Can Access NetBackup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Individual Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Default User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Additional User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
User Group Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
To create a new user group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
To create a new user group by copying an existing user group . . . . . . . . . . . . . . . 60
Renaming User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
General Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Users Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Defining User Groups and Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Defining a User Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
To add a new user to a user group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Permissions Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Contents v
Authorization Objects and Permissions List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Permissions for Default NetBackup User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Backup, Archive, and Restore (BAR) Client Interface . . . . . . . . . . . . . . . . . . . . . 65
License Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Jobs Tab in the Activity Monitor Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Permissions in the Device Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Daemons Tab Permissions in the Activity Monitor . . . . . . . . . . . . . . . . . . . . . . . 68
Reports Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Policy Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Storage Units Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Storage Unit Groups Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Catalog Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Host Properties Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Media Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Volume Group Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Volume Pools Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Robots Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Device Host Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Chapter 2. Enhanced Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . 75
Common Configuration Elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
methods.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
methods_allow.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
methods_deny.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
names_allow.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
names_deny.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
authorize.txt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Library Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
vi NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
bpauthorize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
bpauthsync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
vopie_util . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Processes: vopied Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
vopie Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
temp File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Enhanced Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Using vopie Enhanced Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
To use the vopie enhanced authentication method . . . . . . . . . . . . . . . . . . . . . . . . . 86
vopie Enhanced Authentication Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Using noauth Rather than vopie Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
Troubleshooting Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
Enhanced Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Enhanced Authorization Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Gaining Access to a Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Gaining Access to a Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Configuring NetBackup Enhanced Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Enabling NetBackup Enhanced Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Adding an Authorized User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
To create a list of authorized users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Using the Administration Console to Specify Preferred Groups (Optional) . . . 99
To specify a preferred group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Chapter 3. Additional Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Multiplexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
When to Use Multiplexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
How to Configure Multiplexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Maximum Multiplexing Per Drive for Storage Unit . . . . . . . . . . . . . . . . . . . . . . 105
Contents vii
Media Multiplexing for a Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Other Configuration Settings to Consider Using Multiplexing . . . . . . . . . . . . 108
Demultiplexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Using Multiple NetBackup Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Configuring a Master and Media Server Grouping . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Software on Each Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
NetBackup Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Adding a Media Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
To add a media server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
NetBackup Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Syntax Rules for bp.conf Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
bp.conf Options for Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
ALLOW_MEDIA_OVERWRITE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
ALLOW_MULTIPLE_RETENTIONS_PER_MEDIA . . . . . . . . . . . . . . . . . . . . . 118
ALLOW_NON_RESERVED_PORTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
AUTHENTICATION_DOMAIN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
AUTHORIZATION_SERVICE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
BPBRM_VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
BPDBJOBS_COLDEFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
BPDBM_VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
BPRD_VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
BPTM_VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
BPEND_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
BPSTART_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
CHECK_RESTORE_CLIENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
CLIENT_CONNECT_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
CLIENT_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
CLIENT_READ_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
CLIENT_RESERVED_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
CONNECT_OPTIONS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
viii NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
DEFAULT_CONNECT_OPTIONS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
DISABLE_JOB_LOGGING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
DISABLE_STANDALONE_DRIVE_EXTENSIONS . . . . . . . . . . . . . . . . . . . . . . 132
DISABLE_SCSI_RESERVE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
DISALLOW_BACKUPS_SPANNING_MEDIA . . . . . . . . . . . . . . . . . . . . . . . . . . 133
DISALLOW_CLIENT_LIST_RESTORE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133
DISALLOW_CLIENT_RESTORE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
EMMSERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
ENABLE_ROBUST_LOGGING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
FAILOVER_RESTORE_MEDIA_SERVERS . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
FORCE_RESTORE_MEDIA_SERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
GENERATE_ENGLISH_LOGS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
INCOMPLETE_JOB_CLEAN_INTERVAL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
INITIAL_BROWSE_SEARCH_LIMIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
LIMIT_BANDWIDTH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
MEDIA_ID_PREFIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
MEDIA_UNMOUNT_DELAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
MEDIA_REQUEST_DELAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
MEDIA_SERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140
MPX_RESTORE_DELAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140
MUST_USE_LOCAL_DRIVE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
NBRB_CLEANUP_OBSOLETE_DBINFO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
NBRB_ENABLE_OPTIMIZATIONS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
NBRB_FORCE_FULL_EVAL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
NBRB_REEVAL_PENDING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
NBRB_REEVAL_PERIOD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
NBRB_RETRY_DELAY_AFTER_EMM_ERR . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
NBRB_MPX_GROUP_UNLOAD_DELAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
RANDOM_PORTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
RE_READ_INTERVAL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
Contents ix
REQUIRED_INTERFACE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
REQUIRED_NETWORK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
SERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
SERVER_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
SERVER_RESERVED_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
SKIP_RESTORE_TO_SYMLINK_DIR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
SERVER_CONNECT_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
UNLINK_ON_OVERWRITE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
USE_VXSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
VXSS_NETWORK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
bp.conf Options for UNIX Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
ALLOW_NON_RESERVED_PORTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
AUTHENTICATION_DOMAIN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
BPARCHIVE_POLICY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
BPARCHIVE_SCHED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
BPBACKUP_POLICY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
BPBACKUP_SCHED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
BUSY_FILE_ACTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
BUSY_FILE_DIRECTORY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
BUSY_FILE_NOTIFY_USER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
BUSY_FILE_PROCESSING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
CLIENT_NAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
CLIENT_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
CLIENT_READ_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
CLIENT_RESERVED_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
COMPRESS_SUFFIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
CRYPT_CIPHER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
CRYPT_KIND . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
CRYPT_OPTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
x NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
CRYPT_STRENGTH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
CRYPT_LIBPATH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
CRYPT_KEYFILE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
DISALLOW_SERVER_FILE_WRITES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
DO_NOT_RESET_FILE_ACCESS_TIME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
GENERATE_ENGLISH_LOGS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
IGNORE_XATTR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160
INFORMIX_HOME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
INITIAL_BROWSE_SEARCH_LIMIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
KEEP_DATABASE_COMM_FILE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
KEEP_LOGS_DAYS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
LIST_FILES_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
LOCKED_FILE_ACTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
MEDIA_SERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
MEGABYTES_OF_MEMORY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
NFS_ACCESS_TIMEOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
RANDOM_PORTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
RESTORE_RETRIES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
REQUIRED_INTERFACE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
SERVER_PORT_WINDOW . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
SERVER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
SYBASE_HOME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
USE_CTIME_FOR_INCREMENTALS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
USE_FILE_CHG_LOG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
USE_VXSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
USEMAIL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
VERBOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
VXSS_NETWORK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
UNIX Client Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Example /usr/openv/netbackup/bp.conf File . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Contents xi
Example $HOME/bp.conf File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Dynamic Host Name and IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
Setting up Dynamic IP Addresses and Host Names . . . . . . . . . . . . . . . . . . . . . . . . 168
Configuring the NetBackup Master Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Configuring a Dynamic Microsoft Windows Client . . . . . . . . . . . . . . . . . . . . . . . . 171
Configuring a Dynamic UNIX NetBackup Client . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Busy-File Processing (UNIX Clients Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Modifying bp.conf to Configure Busy-File Processing . . . . . . . . . . . . . . . . . . . . . . 174
BUSY_FILE_PROCESSING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
BUSY_FILE_DIRECTORY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
BUSY_FILE_ACTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Creating Action Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Logs Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Modifying bpend_notify_busy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Configuring E-mail Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Specifying the Locale of the NetBackup Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Adjusting Time Zones in the NetBackup-Java Console . . . . . . . . . . . . . . . . . . . . . . . . 181
To set the time zone and Daylight Savings Time . . . . . . . . . . . . . . . . . . . . . . . . . 182
Chapter 4. Using bpadm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Starting bpadm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Defining and Managing Storage Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Adding a Removable or Robotic Storage Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
To add a removable or robotic storage unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Adding a Disk Type Storage Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
To add a disk type storage unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Displaying and Changing Storage Unit Configurations . . . . . . . . . . . . . . . . . . . . . 194
To use the Storage Unit Management menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Defining and Managing Storage Unit Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
xii NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Adding a Storage Unit Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
To add a storage unit group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Displaying and Changing Storage Unit Group Configurations . . . . . . . . . . . . . . . 197
To view or change storage unit group configurations . . . . . . . . . . . . . . . . . . . . . . 197
Defining and Managing Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Adding a Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
To add a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199
Displaying and Changing Policy Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
To view or change policy configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Defining and Managing the Client List for a Policy . . . . . . . . . . . . . . . . . . . . . . . . .204
Adding Clients to a Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
To add clients to a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204
Displaying Client Lists and Deleting Clients from a Policy . . . . . . . . . . . . . . . . 206
To view client lists or delete clients from a policy . . . . . . . . . . . . . . . . . . . . . . . . .206
Defining and Managing the Selections List for a Policy . . . . . . . . . . . . . . . . . . . . . . 207
Adding to a Selections List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
To add entries to a selections list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Displaying and Changing a File List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
To view file lists or delete files from a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Defining and Managing Schedules for a Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Adding a Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
To add either an automatic or user-directed schedule . . . . . . . . . . . . . . . . . . . . . . 209
Displaying and Modifying a Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
To view or modify schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Defining NetBackup Global Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
To list or modify Global attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Installing NetBackup Software on All Trusting Client Hosts . . . . . . . . . . . . . . . . . . . . 220
Displaying Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221
To view reports or change report parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
To view media reports or change report parameters . . . . . . . . . . . . . . . . . . . . . . . 223
Contents xiii
Managing bprd (NetBackup Request Daemon) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
To manage the request daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Redefining Retention Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
To redefine retention levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Performing Manual Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
To perform manual backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Backing Up the NetBackup Catalog Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Listing Catalog Backup Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Modifying Offline Catalog Backup Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Deleting Offline Catalog Backup Media ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Performing Manual Offline Catalog Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Adding Backup File Paths to an Offline Catalog Backup . . . . . . . . . . . . . . . . . . . . 235
To add an offline catalog backup path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Removing Offline Catalog Backup File Paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Configuring an Online Catalog Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
To create an online catalog backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Chapter 5. Reference Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Rules for Using Host Names in NetBackup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Qualifying Host Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
How NetBackup Uses Host Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Server and Client Name on UNIX Servers and Clients . . . . . . . . . . . . . . . . . . . 242
Host Names on Windows Servers and PC Clients . . . . . . . . . . . . . . . . . . . . . . . 243
Policy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Image Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Error Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Catalog Backup Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
How to Update NetBackup After a Host Name Changes . . . . . . . . . . . . . . . . . . . . 244
Special Considerations For Domain Name Service (DNS) . . . . . . . . . . . . . . . . . . . 245
Reading Backup Images with tar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
xiv NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Effects of Using a Non-NetBackup tar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
To restore files using a non-NetBackup tar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Possible Files Generated By tar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Factors Affecting Backup Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Total Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Transfer Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Device Delays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Determining NetBackup Transfer Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Network Transfer Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Network Transfer Plus End-of-Backup-Processing Rate . . . . . . . . . . . . . . . . . . . . . 253
Total Transfer Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253
How NetBackup Builds a Worklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Building the Worklist (Queue) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Prioritizing Queued Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
Determining Backup Media Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
NetBackup Notify Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
backup_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
backup_exit_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
bpstart_notify (UNIX clients only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
bpstart_notify.bat (Microsoft Windows clients only) . . . . . . . . . . . . . . . . . . . . . 262
bpend_notify (UNIX clients only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
bpend_notify.bat (Microsoft Windows clients only) . . . . . . . . . . . . . . . . . . . . . . 267
dbbackup_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
diskfull_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
mail_dr_info.sh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
parent_end_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
parent_start_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
restore_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Contents xv
session_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
session_start_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
userreq_notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Chapter 6. Using NetBackup With AFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Server and Client Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
General Policy Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Client List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Backup Selections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Backup Selection List Directives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Exclude and Include Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Backups and Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Automatic Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Manual Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Restore From the NetBackup for AFS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Restore From the NetBackup Master Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Notes About Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Troubleshooting Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Troubleshooting Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Chapter 7. Intelligent Disaster Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Changes for NetBackup 6.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Supported Windows Editions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Requirements for IDR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
xvi NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Overview of IDR Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
About the DR Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Configuring NetBackup Policies for IDR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Backing Up the System to be Protected . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Creating IDR Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Choosing the Bootable Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Creating Bootable Diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
To create bootable diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Modifying Diskette Sets for Use with Multiple Windows 2000 Computers . . 291
Creating a Bootable CD Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
To create a bootable CD image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
Creating IDR Diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
To create IDR diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Updating IDR Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Updating a Bootable CD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
Updating Bootable Diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
To update IDR bootable diskettes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Updating IDR Diskettes Only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
To update IDR diskettes using IDR Preparation Wizard . . . . . . . . . . . . . . . . . . . 296
Using drfile.exe to Create or Update a DR File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
Recovering Your Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
Step 1: Boot Your Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
To boot a computer using a bootable diskette . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
To boot from a bootable CD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Step 2: Windows Setup in IDR Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
To use Windows setup in IDR recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Step 3: Disaster Recovery Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300
To use the Disaster Recovery Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
Notes on Altering Hard Drive Partition Sizes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304
Notes on Recovering Specific Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304
Contents xvii
Recovering the Dell PowerEdge 6100/200 with RAID . . . . . . . . . . . . . . . . . . . . . . 304
Use the following steps with your IDR recovery diskette set . . . . . . . . . . . . . . . . 304
Recovering IBM Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Recovering Compaq Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
IDR Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
xviii NetBackup System Administrator’s Guide for UNIX and Linux, Volume II

Preface

This guide describes how to configure and manage the operation of VERITAS NetBackup™ Server and VERITAS NetBackup Enterprise Server for UNIX and Linux platforms. See the NetBackup Release Notes for a list of the hardware and operating system levels that NetBackup supports.
To determine the version and release date of installed software, see the version file located here in /usr/openv/netbackup

Getting Help

You can find answers to questions and get help from the NetBackup documentation and from the VERITAS technical support web site.

Finding NetBackup Documentation

A list of the entire NetBackup documentation set appears as an appendix in the NetBackup Release Notes. All NetBackup documents are included in PDF format on the NetBackup
Documentation CD.
For definitions of NetBackup terms, consult the online glossary.
To access the NetBackup online glossary
1. In the NetBackup Administration Console, click Help > Help Topics.
2. Click the Contents tab.
3. Click Glossary of NetBackup Terms.
Use the scroll function to navigate through the glossary.
xix
Getting Help

Accessing the VERITAS Technical Support Web Site

The address for the VERITAS Technical Support Web site is http://support.veritas.com.
The VERITAS Support Web site lets you do any of the following:
Obtain updated information about NetBackup, including system requirements,
supported platforms, and supported peripherals
Contact the VERITAS Technical Support staff and post questions to them
Get the latest patches, upgrades, and utilities
View the NetBackup Frequently Asked Questions (FAQ) page
Search the knowledge base for answers to technical support questions
Receive automatic notice of product updates
Find out about NetBackup training
Read current white papers related to NetBackup
From http://support.veritas.com, you can complete various tasks to obtain specific types of support for NetBackup:
1. Subscribe to the VERITAS Email notification service to be informed of software alerts,
newly published documentation, Beta programs, and other services.
a. From the main http://support.veritas.com page, select a product family and a
product.
b. Under Support Resources, click Email Notifications.
Your customer profile ensures you receive the latest VERITAS technical information pertaining to your specific interests.
2. Locate the telephone support directory at http://support.veritas.com by clicking the
Phone Support icon. A page appears that contains VERITAS support numbers from around the world.
Note Telephone support for NetBackup is only available with a valid support
contract. To contact VERITAS for technical support, dial the appropriate phone number listed on the Technical Support Guide included in the product box and have your product license information ready for quick navigation to the proper support group.
3. Contact technical support using e-mail.
xx NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
a. From the main http://support.veritas.com page, click the E-mail Support icon.
A wizard guides you to do the following:
Select a language of your preference
Select a product and a platform
Provide additional contact and product information, and your message
Associate your message with an existing technical support case
b. After providing the required information, click Send Message.

Contacting VERITAS Licensing

For license information, you can contact us as follows:
Call 1-800-634-4747 and select option 3
Fax questions to 1-650-527-0952
In the Americas, send e-mail to amercustomercare@veritas.com.
In the Asia and Pacific areas, send email to apaccustomercare@veritas.com.
In all other areas, send email to internationallicense@veritas.com.

Accessibility Features

Accessibility Features
NetBackup contains features that make the user interface easier to use by people who are visually impaired and by people who have limited dexterity. Accessibility features include:
Support for assistive technologies such as screen readers and voice input (Windows
servers only)
Support for keyboard (mouseless) navigation using accelerator keys and mnemonic
keys
For more information, see the NetBackup Installation Guide.
Preface xxi

Comment on the Documentation

Comment on the Documentation
Let us know what you like and dislike about the documentation. Were you able to find the information you needed quickly? Was the information clearly presented? You can report errors and omissions or tell us what you would find useful in future versions of our manuals and online help.
Please include the following information with your comment:
The title and product version of the manual on which you are commenting
The topic (if relevant) on which you are commenting
Your c omme nt
Your n ame
Email your comment to NBDocs@veritas.com.
Please only use this address to comment on product documentation. See “Getting Help” in this preface for information on how to contact Technical Support about our software.
We appreciate your feedback.
xxii NetBackup System Administrator’s Guide for UNIX and Linux, Volume II

Access Management

Access to NetBackup can be controlled by defining user groups and granting explicit permissions to these groups. Configuring user groups and assigning permissions is done using Access Management in the NetBackup Administration Console.
This chapter discusses how to set up and manage access to NetBackup. It contains the following sections:
NetBackup Access Management Components” on page 2
Installation Overview” on page 5
Installing and Configuring Access Control for Master Servers” on page 8
Installing and Configuring Access Control for Media Servers” on page 12
Installing and Configuring Access Control for Clients” on page 15
Installing the Authentication Service Root Broker (Root + AB)” on page 18
Installing the Authorization Server” on page 21
Configuring Access Control Host Properties” on page 23
Access Management Troubleshooting Guidelines” on page 28
Using the Access Management Utility” on page 54
Determining Who Can Access NetBackup” on page 56
1
Note Access Management and Enhanced Authorization and Authentication (see Chapter 2) are
independent methods of Access Control. Access Management is the newest and will be the preferred method in future NetBackup releases. If both Access Management and Enhanced Authorization and Authentication are configured, Access Management takes precedence.
Note If some media servers are not configured with access control,
non-root/non-administrator users will not be able to manage those servers.
1

NetBackup Access Management Components

NetBackup Access Management Components
NetBackup uses the VERITAS Security Services (VxSS) to help implement core security. VxSS is a set of shared VERITAS infrastructure services, installed from one of the infrastructure common services CDs containing VxSS for your platform. The CDs are packaged as part of NetBackup.
Note NetBackup Access Management relies on the use of home directories. Please see the
documentation for your operating system for more information on home directories.
Note In order for members of the NBU_Operator user group to continue viewing media
and device information, run the following command:
bpnbaz -UpGrade60
Running this command brings the NetBackup 5.x permissions for the NBU_Operator user group up to the expected configuration for 6.0.

VxSS Components

When you install VxSS, you’re installing and configuring the following services and client software:
Authentication (At Server, At Client)
Authentication is the process of proving your identity to the VxSS system. Authentication is accomplished by communicating with the daemon which, in turn, validates your identity with the operating system.
For more information on authentication or the authentication daemon (vxatd), see the VERITAS Security Services Administrator’s Guide found on one of the infrastructure common services CDs containing VxSS for your platform.
Authorization (Az Server, Az Client)
Authorization is the process of verifying that an identity has permission to perform the desired action. NetBackup verifies permissions with the authorization daemon for most actions. In many cases, NetBackup alters what information is accessible from the command line and Administration Console.
For more information on authorization or the authorization daemon (vxazd), see the VERITAS Security Services Administrator’s Guide found on one of the infrastructure common services CDs containing VxSS for your platform.
2 NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
NetBackup Access Management Components

Root Broker

A Root Broker is a NetBackup server that has VxSS Authentication Server installed and is configured to be a Root Broker. There is always one Root Broker in every NetBackup Access Management configuration.
The Root Broker acts as the most trusted certificate authority, implementing a registration authority for Authentication Brokers, as well as itself.
While a Root Broker can authenticate an Authentication Broker, an Authentication Broker cannot authenticate a Root Broker.
In many cases, the Root Broker will also be an Authentication Broker. This chapter describes installing VxSS services, then it describes configuring the NetBackup server to be a Root Broker and an Authentication Broker (Root Broker + AB). For more information on the authentication Root Broker, see the VERITAS Security Services Administrator’s Guide found on one of the infrastructure common services CDs containing VxSS for your platform.

Authentication Brokers

An Authentication Broker is a server that has VxSS Authentication Server installed. This machine is part of the Root Broker’s private Access Management domain. An Authentication Broker can authenticate clients, but not other brokers.
The member of the NetBackup Security Administrator user group can choose which Authentication Broker a client should contact for authentication. (See “Example
Configuration Containing Windows Systems Only” on page 29 or “Example Configuration Containing UNIX Systems Only” on page 35 for a depiction of this
configuration.)
For example:
A Windows 2000 client uses a Windows Authentication Broker for authentication.
A UNIX client uses a UNIX Authentication Broker for authentication.
For more information on authentication brokers, see the VERITAS Security Services
Administrator’s Guide found on one of the infrastructure common services CDs containing VxSS for your platform.

Security Administrator

The user who installs and configures VxSS software for use with NetBackup Access Management is, by default, a member of the NBU_Security Admin user group. This chapter will refer to a member of the NBU_Security Admin group as a Security Administrator. Users can be added to the group, but there are usually few members.
Chapter 1, Access Management 3
NetBackup Access Management Components
Members of the NBU_Security Admin user group are the only users who can view the contents of Access Management > Users and Access Management > NBU User Groups in the NetBackup Administration Console. Security Administrators are the only users allowed to create user groups, assign users to the groups, and define permissions for the groups. However, Security Administrators, by default, do not have permission to perform any other NetBackup administration activities. (See “Security Administrator
(NBU_Security Admin)” on page 58.)
4 NetBackup System Administrator’s Guide for UNIX and Linux, Volume II

Installation Overview

For a detailed installation description, see “Installing and Configuring Access Control
for Master Servers” on page 8.

Order for Installation

1. Complete all NetBackup master server installations:
a. Complete Root + AB installation of VxSS Authentication server.
b. Complete VxSS Authorization server installation.
c. Configure master servers for NetBackup Access Control. See “Installing and
Configuring Access Control for Master Servers” on page 8.
2. Complete all NetBackup media server installations, then configure media servers for
NetBackup Access Control. See “Installing and Configuring Access Control
for Media Servers” on page 12.
3. Complete all NetBackup client installations, then configure clients for NetBackup
Access Control. See “Installing and Configuring Access Control for Clients” on page 15.
Installation Overview

Order for Upgrade

Use the following order for upgrading any NetBackup machine that uses NetBackup Access Control.
1. Stop NetBackup.
2. Upgrade VxSS.
3. Configure Access Control on the NetBackup machines. See:
Installing and Configuring Access Control for Master Servers” on page 8.
Installing and Configuring Access Control for Media Servers” on page 12.
Installing and Configuring Access Control for Clients” on page 15.
Chapter 1, Access Management 5
Installation Overview

Including VxSS Databases in the NetBackup Catalog Backup

In NetBackup environments which use the online, hot catalog backup method, no additional configuration is needed in order to include the VxSS Authorization and Authentication databases in the catalog backup.
In environments which use the offline, cold catalog backup method, one additional step is required:
Within the NetBackup Catalog Wizard or on the Files tab of the offline catalog configuration dialog, add the following directives for each host in the NBAC domain:
Note If the master server using
[
host
:]nbat
[
host
:]nbaz
NBAC is a UNIX machine, VERITAS recommends that you do not include the NetBackup master server configuration file (/usr/openv/netbackup/bp.conf) in the offline catalog backup file list. If bp.conf is included in the list, it must not be recovered until all other catalog recovery is completed.

VxSS Component Distribution

The VxSS components can be distributed throughout a configuration, just as NetBackup can distribute master servers, media servers and clients.
Note Although the Authentication broker and Authorization broker can technically be
placed on any machine, VERITAS currently recommends that the root Authentication broker and Authorization broker be placed on the NetBackup master server. At a minimum, the root Authentication broker must reside on the master server.
6 NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Installation Overview
For specific VxSS installation information, refer to the VERITAS Security Services Installation Guide, found on the VxSS installation CD.
NetBackup Installation Required Authentication Required Authorization
Component Component
Master server At server Az server
Media server At client Az client
Client At client None
Windows Remote Administration At client Az client Console (only)
Java Windows Display Console (only)* At client None
Java Display Console At client None
*The At client is required for all Java consoles. Concerning the Java Windows Display Console, the At client must be installed on the Windows host before installing the Java Windows Display Console. This ensures that the Windows Display Console is configured correctly to use the VxSS component successfully.
Note While it is possible to share the Enterprise Media Manager server between multiple
master servers, this configuration is not supported when using Access Control. The EMM server must be bound to one master server.
The following sections describe some actions you can take to verify that the components are correctly installed in a mixed environment:
Windows Verification Points” on page 28
UNIX Verification Points” on page 35
Verification Points in a Mixed Environment with a UNIX Master Server” on page 41
Verification Points in a Mixed Environment with a Windows Master Server” on
page 46
UNIX Verification Points” on page 35
Chapter 1, Access Management 7

Installing and Configuring Access Control for Master Servers

Installing and Configuring Access Control for Master Servers
The following steps describe configuring NetBackup Access Control for the master server in a NetBackup configuration. A master server requires Authentication Server and Client software and Authorization Server and Client software.
Throughout this chapter, in the configuration examples we’ll refer to the following host names:
Windows UNIX
Master Servers win_master unix_master
Media Servers win_media unix_media
Clients win_client unix_client
1. If this is an upgrade installation, stop NetBackup.
2. Using one of the infrastructure common services CDs containing VxSS for your
platform, install both the VxSS Authentication Server and Client software on the master server. This master server will be a Root + AB (Authentication Broker).
See “Installing the Authentication Service Root Broker (Root + AB)” on page 18 and the VERITAS Security Services Installation Guide on the VxSS installation CD.
3. Using one of the infrastructure common services CDs containing VxSS for your
platform, install the VxSS Authorization Server and Client software on the master server. To do this, you must perform a custom installation.
See “Installing the Authorization Server” on page 21 and the VERITAS Security Services Installation Guide on one of the infrastructure common services CDs containing VxSS for your platform.
4. Complete all NetBackup master server installations or upgrades.
5. Create a machine account for the master server. Make sure that the Authentication
and the Authorization services are running. See “UNIX Verification Points” on page 35 or “Windows Verification Points” on page 28.
The command in this step must be run as either root (UNIX) or as a member of the local Administrator group (Windows) on the Root+AB Authentication broker. For more information about this step, see “Configuring Authentication on the Root Broker
for Use with NetBackup” on page 19.
8 NetBackup System Administrator’s Guide for UNIX and Linux, Volume II
Loading...
+ 308 hidden pages