Important Update: Cohesity Products Documentation

All Cohesity product documentation are now managed via the Cohesity Docs Portal: https://docs.cohesity.com/HomePage/Content/home.htm. Some documentation available here may not reflect the latest information or may no longer be accessible.

NetBackup™ Web UI Administrator's Guide

Last Published:
Product(s): NetBackup (11.1.0.2)
  1. Section I. About NetBackup
    1. Introducing NetBackup
      1.  
        About NetBackup
      2.  
        NetBackup web UI features
      3.  
        NetBackup documentation
      4. NetBackup administration interfaces
        1.  
          About security certificates for NetBackup hosts
        2.  
          First-time sign in to the NetBackup web UI
        3.  
          Sign in to the NetBackup web UI
        4.  
          Sign out of the NetBackup web UI
      5.  
        Using the NetBackup web UI
      6.  
        Terminology
    2. Administering NetBackup licenses
      1.  
        About NetBackup licenses
      2.  
        Add licenses
      3.  
        View licenses
      4.  
        Renew licenses
      5.  
        Remove licenses
  2. Section II. Monitoring and notifications
    1. Monitoring NetBackup activity
      1.  
        The NetBackup dashboard
      2. Activity monitor
        1.  
          Monitor NetBackup daemons
        2.  
          Monitor NetBackup processes
      3. Job monitoring
        1.  
          Workloads that require a custom RBAC role for specific job permissions
        2.  
          View a job
        3.  
          Expand or collapse rows in the Jobs tab
        4.  
          View the jobs in the List view
        5.  
          View the jobs in the Hierarchy view
        6.  
          Jobs: cancel, suspend, restart, resume, delete
        7.  
          View the logs for a job
        8.  
          Search for or filter jobs in the jobs list
        9.  
          Create a jobs filter
        10.  
          Edit, copy, or delete a jobs filter
        11.  
          Import or export job filters
        12.  
          Collect logs for Cohesity Technical Support
        13.  
          View the status of a redirected restore
        14. Troubleshooting the viewing and managing of jobs
          1.  
            Job actions not available for workload administrators with limited RBAC permissions on assets
    2. Device monitor
      1.  
        About the Device Monitor
      2.  
        About media mount errors
      3. About pending requests and actions
        1.  
          About pending requests for storage units
        2.  
          Resolve a pending request
        3.  
          Resolve a pending action
        4.  
          Resubmit a pending request
        5.  
          Deny a pending request
    3. Notifications
      1. Job notifications
        1. Send email notifications for job failures
          1.  
            Status codes that generate alerts
        2.  
          Send notifications to the backup administrator about failed backups
        3.  
          Send notifications to a host administrator about backups
        4.  
          Configure the nbmail.cmd script on the Windows hosts
      2. NetBackup event notifications
        1.  
          View notifications
        2.  
          Modify or disable NetBackup event notifications in the web UI
        3.  
          NetBackup event types supported with notifications
        4.  
          About configuring automatic notification cleanup tasks
    4. Registering the data collector
      1.  
        About the data collector
      2.  
        Register the data collector with Alta View
      3.  
        Renew the Alta View token
      4.  
        Register the data collector with IT Analytics
      5.  
        View and modify the data collector registration
      6.  
        Unregister the data collector
  3. Section III. Configuring hosts
    1. Managing host properties
      1.  
        Overview of host properties
      2.  
        View or edit the host properties of a server or client
      3.  
        Host information and settings in Host properties
      4.  
        Reset a host's attributes
      5.  
        Active Directory properties
      6.  
        Backup pool host properties
      7. Busy file settings properties
        1.  
          Activating the Busy file settings in host properties
      8.  
        Clean up properties
      9.  
        Client name properties
      10. Client attributes properties
        1. General tab of the Client attributes properties
          1.  
            Offline option usage considerations and restrictions
          2.  
            Where deduplication should occur
        2.  
          Connect options tab of the Client attributes properties
        3.  
          Windows open file backup tab of the Client attributes properties
      11. Client settings properties for UNIX clients
        1.  
          VxFS file change log (FCL) for incremental backups property
      12. Client settings properties for Windows clients
        1.  
          How to determine if change journal support is useful in your NetBackup environment
        2.  
          Guidelines for enabling NetBackup change journal support
      13.  
        Cloud Storage properties
      14.  
        Credential access properties
      15. Data Classification properties
        1.  
          Add a data classification
      16. Default job priorities properties
        1.  
          Understanding the job priority setting
      17.  
        Distributed application restore mapping properties
      18. Encryption properties
        1.  
          Additional encryption methods for Windows clients
      19.  
        Enterprise Vault properties
      20.  
        Enterprise Vault hosts properties
      21. Exchange properties
        1.  
          About the Exchange credentials in the client host properties
      22. Exclude list properties
        1.  
          Add an entry to an exclude list
        2.  
          Add an exception to the exclude list
        3. Syntax rules for exclude lists
          1.  
            Example of a Windows client exclude list
          2.  
            Example of a UNIX exclude list
        4.  
          About creating an include list on a UNIX client
        5.  
          Traversing excluded directories
      23. Fibre Transport properties
        1.  
          About Linux concurrent FT connections
      24.  
        Firewall properties
      25. General server properties
        1.  
          Forcing restores to use a specific server
      26. Global attributes properties
        1.  
          About constraints on the number of concurrent jobs
        2.  
          Setting up mailx email client
      27. Logging properties
        1.  
          Logging levels
      28.  
        Lotus Notes properties
      29. Media properties
        1.  
          Results when media overwrites are not permitted
        2.  
          Recommended use for Enable SCSI reserve property
      30.  
        Network properties
      31. Network settings properties
        1.  
          Reverse host name lookup property
        2.  
          Use the IP address family property
      32.  
        Nutanix AHV access hosts
      33. Port ranges properties
        1.  
          Registered ports and dynamically-allocated ports
      34. Preferred network properties
        1.  
          Add or edit a Preferred network setting
        2.  
          How NetBackup uses the directives to determine which network to use
        3.  
          Configurations to use IPv6 networks
        4.  
          Configurations to use IPv4 networks
        5.  
          Order of directive processing in the Preferred network properties
        6.  
          bptestnetconn utility to display Preferred network information
        7.  
          Configuration to prohibit using a specified address
        8.  
          Configuration to prefer a specified address
        9.  
          Configuration that restricts NetBackup to one set of addresses
        10.  
          Configuration that limits the addresses, but allows any interfaces
      35.  
        Properties setting in host properties
      36.  
        RHV access hosts properties
      37. Resilient network properties
        1.  
          View the resiliency status of a client
        2.  
          About Resilient jobs
        3.  
          Resilient connection resource usage
        4.  
          Specify resilient connections for clients
      38.  
        Resource limit properties
      39. Restore failover properties
        1.  
          Assigning an alternate media server as a failover restore server
      40. Retention periods properties
        1.  
          Changing a retention period
        2.  
          Determining retention periods for volumes
      41. Scalable Storage properties
        1.  
          Configuring advanced bandwidth throttling settings
        2.  
          Advanced bandwidth throttling settings
      42. Servers properties
        1.  
          Add a server to a servers list
        2.  
          Remove a server from a servers list
        3.  
          Enable inter-node authentication for a NetBackup clustered primary server
        4.  
          Changing the primary server that performs backups and restores for a client
      43. SharePoint properties
        1.  
          Consistency check options for SharePoint Server
      44. SLP settings properties
        1.  
          About batch creation logic in Storage Lifecycle Manager
      45.  
        Throttle bandwidth properties
      46.  
        Timeouts properties
      47.  
        Universal settings properties
      48.  
        UNIX client properties
      49.  
        UNIX Server properties
      50.  
        User account settings properties
      51.  
        VMware access hosts properties
      52.  
        Windows client properties
      53.  
        Configuration options not found in the host properties
      54.  
        About using commands to change the configuration options on UNIX or Linux clients and servers
    2. Managing credentials for workloads and systems that NetBackup accesses
      1.  
        Overview of credential management in NetBackup
      2.  
        Adding credentials in NetBackup
      3.  
        Add a credential for NetBackup Callhome Proxy
      4.  
        Add a credential for cloud KMS
      5.  
        Add a credential for an external KMS
      6.  
        Add a credential for Network Data Management Protocol (NDMP)
      7.  
        Add a credential for proxy server
      8. Add a credential for WebSocket server
        1.  
          WebSocket endpoint details and their formatting
        2.  
          Credentials for WebSocket server
      9. Add a configuration for an external CMS server
        1.  
          Configure external credentials
        2. Add a credential for CyberArk
          1.  
            Certificate revocation lists for CyberArk server
        3.  
          Edit or delete the configuration for an external CMS server
        4.  
          Troubleshooting the external CMS server issue
      10.  
        Edit or delete a named credential
      11.  
        Edit or delete Network Data Management Protocol (NDMP) credentials in NetBackup
    3. Managing deployment
      1.  
        About the deployment policies utility
      2.  
        Managing the NetBackup Package repository
      3.  
        Update host
      4. Deployment policies
        1.  
          Attributes tab in Deployment management
        2.  
          Hosts tab in Deployment management
        3.  
          Schedules tab in Deployment management
        4.  
          Security options tab in Deployment management
      5.  
        Copy a deployment policy
      6.  
        Manually deploy a deployment policy
      7.  
        Deployment job status
  4. Section IV. Configuring storage
    1. Overview of storage options
      1.  
        About storage configuration
    2. Configuring disk storage
      1.  
        Create a Media Server Deduplication Pool storage server
      2. Create an MSDP server for MSDP volume group (MVG)
        1.  
          Create the MVG volume
      3. Integrating MSDP Cloud and CMS
        1.  
          Migrating or updating MSDP Cloud and CMS
      4.  
        Create a Media Server Deduplication Pool (MSDP) storage server for image sharing
      5.  
        Create an AdvancedDisk storage server
      6.  
        Create an OpenStorage (OST) storage server
      7.  
        Create a Cloud Connector server
      8.  
        Edit a storage server
      9.  
        Edit storage server credentials
      10. About configuring disk pool storage
        1.  
          Create a disk pool
        2.  
          Edit a disk pool
      11.  
        Share images from an on-premises location to the cloud
      12.  
        Overview of universal shares
      13. About the MSDP object store
        1.  
          Configuring the MSDP object store
        2.  
          Resetting the MSDP object store root user credentials
    3. Managing media servers
      1.  
        Add a media server
      2.  
        Activate or deactivate a media server
      3.  
        Stop or restart the media device manager
      4.  
        About NetBackup server groups
      5.  
        Add a server group
      6.  
        Delete a server group
    4. Configuring storage units
      1.  
        Overview of storage units
      2.  
        About configuring BasicDisk storage
      3.  
        Create a storage unit
      4.  
        Edit storage unit settings
      5.  
        Copy a storage unit
      6.  
        Delete a storage unit
      7.  
        Tape storage unit considerations
      8. Disk storage unit considerations
        1.  
          About the disk storage model
        2.  
          Configure the NetBackup service credentials for CIFS storage and disk storage units
        3.  
          Disk storage units in storage lifecycle policies
        4.  
          Maintain the available disk space on disk storage units
      9.  
        NDMP storage unit considerations
    5. Configuring storage unit groups
      1.  
        Overview
      2.  
        Create storage unit groups
      3.  
        Storage unit selection criteria within a group
      4.  
        Edit storage unit groups
    6. Configuring robots and tape drives
      1.  
        NetBackup robot types
      2.  
        About the device mapping files
      3.  
        Downloading the device mapping files
      4.  
        Prerequisites for configuring robots and drives
      5. About configuring robots and tapes drives in NetBackup
        1.  
          About device discovery
        2.  
          About device serialization
        3. About robot control
          1.  
            Library sharing example
        4.  
          About drive name rules
      6.  
        Configure drives and robots by using the wizard
      7.  
        Configure drive name rules
      8.  
        Update the device configuration by using the wizard
      9.  
        Robot properties and configuration options
      10.  
        Robot control (robot configuration options)
      11. Managing robots
        1.  
          Change the robot control properties of a robot
        2.  
          Delete a robot
      12.  
        Adding a shared tape drive to a NetBackup environment
      13.  
        Correlating tape drives and SCSI addresses on Windows hosts
      14. Correlating tape drives and device files on UNIX hosts
        1.  
          UNIX device correlation example
      15. Managing tape drives
        1.  
          Change a drive comment
        2.  
          About downed drives
        3.  
          Change a drive operating mode
        4.  
          Change the operating mode for a drive path
        5.  
          Clean a tape drive
        6.  
          Delete a drive
        7.  
          Reset a drive
        8.  
          Reset the mount time of a drive
        9.  
          Set the drive cleaning frequency
        10.  
          View drive details
      16.  
        Verifying the device configuration
      17.  
        About automatic path correction
      18.  
        Enable automatic path correction
      19.  
        Replacing a device
      20.  
        Updating device firmware
      21.  
        About the NetBackup Device Manager
      22.  
        About external access to NetBackup controlled devices on UNIX
    7. Configuring tape media
      1.  
        About NetBackup tape volumes
      2. About NetBackup volume pools
        1.  
          About reserved volume pool name prefixes
        2.  
          About scratch volume pools
      3.  
        About NetBackup volume groups
      4.  
        NetBackup media types
      5. About WORM media
        1. About using volume pools to manage WORM media
          1.  
            About using a WORM scratch pool
        2.  
          About using unique drive and media types to manage WORM media
        3.  
          Disabling WORM volume pool name verification
        4.  
          About WORM media and the Quantum drive
        5.  
          Supported WORM drives
      6. About adding volumes
        1.  
          About adding robotic volumes
        2.  
          About adding standalone volumes
      7.  
        About configuring media name and attribute rules
      8. Add a volume
        1.  
          Volume properties
      9. About barcodes
        1. About barcode rules
          1.  
            About NetBackup actions for barcodes
          2.  
            Example barcode rules
      10.  
        Configure media settings
      11. Configure barcode rules
        1.  
          Barcode rules settings
      12. Configure media type mappings
        1.  
          About adding media type mapping entries
        2.  
          Default and allowable media types
      13. Configure media ID generation rules
        1.  
          Media ID generation options
      14.  
        About media type mapping rules
      15. Managing volumes
        1.  
          Edit a volume
        2.  
          About rules for moving volumes between groups
        3. About moving volumes
          1.  
            Move volumes
        4.  
          Delete a volume
        5.  
          Changing the media owner of a volume
        6.  
          Change the group of a volume
        7.  
          Rescan and update barcodes
        8. About injecting and ejecting volumes
          1.  
            Inject volumes into robots
          2.  
            Eject volumes
          3.  
            Media ejection timeout periods
        9. About recycling a volume
          1.  
            Recycling a volume and using the existing media ID
          2.  
            Recycling a volume and using a new media ID
        10.  
          Label a volume
        11.  
          Erase a volume
        12. About exchanging a volume
          1.  
            Exchanging a volume and using a new media ID
          2.  
            Exchanging a volume and using the old media ID
        13. About frozen media
          1.  
            Freeze or unfreeze a volume
        14.  
          Suspend or unsuspend volumes
        15.  
          About assigning and deassigning volumes
      16. Managing volume pools
        1.  
          Add a volume pool
        2.  
          Edit or delete a volume pool
        3.  
          Volume pool properties
      17. Managing volume groups
        1.  
          Delete a volume group
        2.  
          Move a volume group
      18.  
        About media sharing
      19.  
        Configure unrestricted media sharing
      20.  
        Configure media sharing with a server group
    8. Inventorying robots
      1.  
        About robot inventory
      2.  
        When to inventory a robot
      3. About showing a robot's contents
        1.  
          About inventory results for API robots
      4.  
        Show the media in a robot
      5.  
        About comparing a robot's contents with the volume configuration
      6.  
        Compare media in a robot with the volume configuration
      7.  
        Preview volume configuration changes for a robot
      8.  
        About updating the NetBackup volume configuration
      9.  
        Update the NetBackup volume configuration with a robot's contents
      10.  
        Robot inventory options
      11.  
        Advanced options for robot inventory settings
    9. Staging backups
      1.  
        About staging backups
      2.  
        About basic disk staging
      3.  
        Create a BasicDisk storage unit with disk staging
      4.  
        Disk staging storage unit size and capacity
      5.  
        Finding potential free space on a BasicDisk disk staging storage unit
      6.  
        Schedule settings for disk staging
    10. Troubleshooting storage configuration
      1.  
        Registering a media server
      2.  
        Storage configuration issues
  5. Section V. Configuring storage lifecycle policies (SLPs)
    1. Configuring storage lifecycle policies
      1.  
        About storage lifecycle policies
      2. Creating a storage lifecycle policy
        1.  
          Modifying the hierarchy of operations in a storage lifecycle policy
      3.  
        Delete a storage lifecycle policy
      4.  
        Lifecycle operation administration using the nbstlutil command
    2. Storage operations
      1.  
        Operation types in a storage lifecycle policy
      2.  
        Backup operation in an SLP
      3.  
        Backup From Snapshot operation in an SLP
      4.  
        Duplication operation in an SLP
      5.  
        Import operation in an SLP
      6. Index From Snapshot operation in an SLP
        1.  
          Determining where and when the Index From Snapshot operation occurs
      7.  
        Replication operation in an SLP
      8. Snapshot operation in an SLP
        1.  
          Primary snapshot storage unit
        2.  
          Primary + Replication source snapshot storage unit
        3.  
          Replication source + Replication target snapshot storage unit
        4.  
          Replication target snapshot storage unit
        5.  
          Replication source + Replication target + Mirror snapshot storage unit
        6.  
          Replication target + Mirror snapshot storage unit
      9.  
        Creating a hierarchy of storage operations in a storage lifecycle policy
    3. Retention types for SLP operations
      1.  
        Retention types for storage lifecycle policy operations
      2. Capacity managed retention type for SLP operations
        1.  
          Rules and recommendations for using the Capacity Managed retention type
        2.  
          Capacity managed retention type and disk types that support SIS
      3.  
        Expire after copy retention type for SLP operations
      4.  
        Fixed retention type for SLP operations
      5.  
        Maximum snapshot limit retention type for SLP operations
      6.  
        Mirror retention type for SLP operations
      7.  
        Target retention type for SLP operations
    4. Storage lifecycle policy options
      1.  
        Storage lifecycle policy settings
      2. SLP settings
        1.  
          Properties tab for an SLP operation
        2.  
          Window tab
        3.  
          Create a new window for a storage lifecycle policy operation
        4.  
          Exclude dates from a window for a storage lifecycle policy operation
      3.  
        Storage lifecycle policy Validation report tab
    5. Using a storage lifecycle policy to create multiple copies
      1.  
        About writing multiple copies using a storage lifecycle policy
      2.  
        How the order of the operations determines the copy order
      3.  
        About ensuring successful copies using lifecycles
    6. Storage lifecycle policy versions
      1.  
        About storage lifecycle policy versions
      2.  
        Storage lifecycle changes and versioning
      3.  
        When changes to storage lifecycle policies become effective
      4.  
        Deleting old storage lifecycle policy versions
  6. Section VI. Configuring backups
    1. Overview of backups in the NetBackup web UI
      1.  
        Backup methods supported in the NetBackup web UI
      2.  
        Policy vs. protection plan FAQs
      3.  
        Support for NetBackup policies
      4.  
        Supported protection plan types
    2. Managing policies
      1.  
        About the Policies utility
      2. Planning for policies
        1.  
          Windows example of one client in multiple policies
        2.  
          Policy attributes that affect how clients are grouped in policies
        3.  
          About Microsoft DFSR backups and restores
      3.  
        Add a policy
      4.  
        About the Epic-Large-File policy type
      5.  
        Example policy - Exchange Server DAG backup
      6.  
        Example policy - Sharded MongoDB cluster
      7.  
        Example policy - Epic-Large-File
      8.  
        Edit a policy
      9.  
        Edit attributes for multiple policies at the same time
      10.  
        Edit multiple clients at a time
      11.  
        Edit the settings for multiple schedules at a time
      12.  
        Copy or delete a policy
      13.  
        Deactivate or activate a policy
      14.  
        Manage permissions for policies
      15.  
        About automanaged policies or storage lifecycle policies
      16.  
        View automanaged policies and SLPs
      17.  
        Perform manual backups
    3. Managing protection plans
      1.  
        Create a protection plan
      2.  
        Customizing protection plans
      3.  
        Edit or delete a protection plan
      4.  
        Subscribe an asset or an asset group to a protection plan
      5.  
        Unsubscribe an asset from a protection plan
      6.  
        View protection plan overrides
      7.  
        Copy a protection plan policy (automanaged policy) to a classic policy
      8.  
        About Backup now
    4. Protecting the NetBackup catalog
      1.  
        About the NetBackup catalog
      2. Catalog backups
        1.  
          The catalog backup process
        2.  
          Prerequisites for backing up the NetBackup catalog
        3.  
          Configuring catalog backups
        4.  
          Backing up NetBackup catalogs manually
        5.  
          Concurrently running catalog backups with other backups
        6.  
          Catalog policy schedule considerations
        7.  
          How catalog incrementals and standard backups interact on UNIX
        8.  
          Determining whether or not a catalog backup succeeded
        9.  
          Strategies that ensure successful NetBackup catalog backups
      3.  
        Disaster recovery emails and the disaster recovery files
      4.  
        Disaster recovery packages
      5.  
        Set the passphrase to encrypt disaster recovery packages
      6.  
        Recovering the catalog
    5. Managing backup images
      1.  
        About the Catalog utility
      2.  
        Catalog utility search criteria and backup image details
      3.  
        Verify backup images
      4.  
        Promote a copy to a primary copy
      5. Duplicate backup images
        1.  
          Multiplexed duplication considerations
        2.  
          Jobs that appear while making multiple copies
      6.  
        Expire backup images
      7. About importing backup images
        1.  
          About importing expired images
        2.  
          Import backup images, Phase I
        3.  
          Import backup images, Phase II
      8. Replicate copy of backup image to target NetBackup domain
        1.  
          Storage lifecycle policies (SLP) for Replication
    6. Pausing data protection activity
      1.  
        Pause backups and other activity
      2.  
        Allow the automatic pause of data protection activity
      3.  
        Pause backups and other activity on a client
      4.  
        View paused backups and other paused activities
      5.  
        Resume data protection activity
  7. Section VII. Configuring replication
    1. About NetBackup replication
      1.  
        About NetBackup replication
      2. About NetBackup Auto Image Replication
        1.  
          One-to-many Auto Image Replication model
        2.  
          Cascading Auto Image Replication model
        3.  
          About the domain relationship for replication
        4.  
          About the replication topology for Auto Image Replication
        5. Viewing the replication topology for Auto Image Replication
          1.  
            Sample volume properties output for MSDP replication
          2.  
            Sample volume properties output for OpenStorage backup replication
        6.  
          About trusted primary servers for Auto Image Replication
        7. About the storage lifecycle policies required for Auto Image Replication
          1.  
            Replicating to all inter-domain targets or to a specific target
          2.  
            Customizing how nbstserv runs duplication and import jobs
        8.  
          About Auto Image Replication import confirmation
        9.  
          Auto Image Replication setup overview
        10.  
          How to resolve volume changes for Auto Image Replication
        11. Removing or replacing replication relationships in an Auto Image Replication configuration
          1.  
            Adding or removing a replication relationship between two storage servers
          2.  
            Removing all replication relationships between a domain and a storage server
          3.  
            Replacing all replication relationships between a domain and a storage server
          4.  
            Removing or replacing all replication relationships involving a storage server
          5.  
            Example: Replacing a storage server in a non-targeted Auto Image Replication configuration
          6.  
            Example: Replacing a storage server in a cascading, targeted Auto Image Replication configuration
        12.  
          About restoring from a backup at a target primary domain
        13.  
          Reporting on Auto Image Replication jobs
      3.  
        About NetBackup Replication Director
  8. Section VIII. Performing restores
    1. Performing restores from the NetBackup web UI
      1.  
        About server-directed restores
      2.  
        Restoring files and directories of tape media
    2. Managing client restores
      1. About client-redirected restores
        1.  
          About restore restrictions
        2.  
          Allowing all clients to perform redirected restores
        3.  
          Allowing a single client to perform redirected restores
        4.  
          Allowing redirected restores of a specific client's files
        5.  
          Examples of redirected restores
  9. Section IX. Managing security
    1. Security events and audit logs
      1.  
        View security events and audit logs
      2. About NetBackup auditing
        1.  
          User identity in the audit report
        2.  
          Audit retention period and catalog backups of audit records
        3.  
          Viewing the detailed NetBackup audit report
      3.  
        Send audit events to system logs
      4.  
        Send audit events to log forwarding endpoints
    2. Managing security certificates
      1.  
        About security management and certificates in NetBackup
      2.  
        NetBackup host IDs and host ID-based certificates
      3. Manage NetBackup security certificates
        1.  
          Reissue a NetBackup certificate
        2.  
          Manage NetBackup certificate authorization tokens
      4. Using external security certificates with NetBackup
        1.  
          Configure an external certificate for the NetBackup web server
        2.  
          Remove the external certificate configured for the web server
        3.  
          Update or renew the external certificate for the web server
        4.  
          View external certificate information for the NetBackup hosts in the domain
        5. Configuring rotation of external CA-issued certificates for host communication
          1.  
            Configure rotation of external certificates for a host
          2.  
            View certificate renewal status for a host
          3.  
            Delete uploaded certificate artifacts for a host
    3. Managing host mappings
      1.  
        View host security and mapping information
      2.  
        Approve or add mappings for a host that has multiple host names
      3.  
        Example host mappings
      4.  
        Remove mappings for a host that has multiple host names
    4. Configuring KMS
      1.  
        Configure cloud KMS
      2.  
        Add a key in NetBackup to use the cloud KMS server
    5. Minimizing security configuration risk
      1.  
        About security configuration risk
      2.  
        Security settings to be configured to minimize risk
      3.  
        Set the current posture as security baseline
      4.  
        Manage security baseline
      5.  
        Manage security baseline from Alta View UI
    6. Configuring multiperson authorization
      1.  
        About multiperson authorization
      2.  
        Workflow to configure multiperson authorization for NetBackup operations
      3.  
        RBAC roles and permissions for multiperson authorization
      4.  
        multiperson authorization process with respect to roles
      5.  
        NetBackup operations that need multiperson authorization
      6.  
        Configure multiperson authorization
      7.  
        View multiperson authorization tickets
      8.  
        Manage multiperson authorization tickets
      9.  
        Add exempted users
      10.  
        Schedule expiration and purging of multiperson authorization tickets
      11.  
        Disable multiperson authorization
    7. Configuring freeze mode
      1.  
        About freeze mode in NetBackup
      2.  
        Freeze mode options
      3.  
        Enable freeze mode
      4.  
        Edit freeze mode configuration options
      5.  
        Disable freeze mode
      6.  
        Disable freeze mode using command-line interface
    8. Configuring network control access of NetBackup web API
      1.  
        About controlling network access of the NetBackup web API
      2.  
        Workflow to configure network access control for NetBackup web service
      3.  
        RBAC roles and permissions for network access control configuration
      4.  
        Configure the network access control option
    9. Managing user sessions
      1.  
        Terminate a NetBackup user session
      2.  
        Unlock a NetBackup user
      3.  
        Configure when idle sessions should time out
      4.  
        Configure the maximum of concurrent user sessions
      5.  
        Configure the maximum of failed sign-in attempts
      6.  
        Display a banner to users when they sign in
    10. Configuring multifactor authentication
      1.  
        About multifactor authentication
      2.  
        Configure multifactor authentication for your user account
      3.  
        Disable multifactor authentication for your user account
      4.  
        Enforce multifactor authentication for all users
      5.  
        Configure multifactor authentication for your user account when it is enforced in the domain
      6.  
        Reset multifactor authentication for a user
    11. Managing the global security settings for the primary server
      1.  
        View the Certificate authority for secure communication
      2.  
        Disable communication with NetBackup 8.0 and earlier hosts
      3.  
        Disable automatic mapping of NetBackup host names
      4.  
        Configure the global data-in-transit encryption setting
      5.  
        About NetBackup certificate deployment security levels
      6.  
        Select a security level for NetBackup certificate deployment
      7.  
        About TLS session resumption
      8.  
        Set a passphrase for disaster recovery
      9.  
        Validate the disaster recovery package passphrase
      10. About trusted primary servers
        1.  
          About the certificate to use to add a trusted primary server
        2.  
          Add a trusted primary server
        3.  
          Remove a trusted primary server
      11.  
        Configure the audit retention period
    12. Using access keys, API keys, and access codes
      1.  
        Access keys
      2. API keys
        1.  
          Add an API key or view API key details (Administrators)
        2.  
          Edit, reissue, or delete an API key (Administrators)
        3.  
          Add an API key or view your API key details
        4.  
          Edit, reissue, or delete your API key
        5.  
          Use an API key with NetBackup REST APIs
      3. Access codes
        1.  
          Request CLI access through web UI authentication
        2.  
          Approve the CLI access request of another user
        3.  
          Edit the settings for command-line access
    13. Configuring authentication options
      1.  
        Sign-in options for the NetBackup web UI
      2. Configure user authentication with smart cards or digital certificates
        1.  
          Configure smart card authentication with a domain
        2.  
          Configure smart card authentication without a domain
        3.  
          Edit the configuration for smart card authentication
        4.  
          Add or delete a CA certificate that is used for smart card authentication
        5.  
          Disable or temporarily disable smart card authentication
      3.  
        About single sign-on (SSO) configuration
      4. Configure NetBackup for single sign-on (SSO)
        1.  
          Configure the SAML KeyStore
        2.  
          Configure the SAML keystore and add and enable the IDP configuration
        3.  
          Enroll the NetBackup primary server with the IDP
        4.  
          Manage an IDP configuration
        5.  
          Video: Configure single sign-on in NetBackup
      5. Troubleshooting SSO
        1.  
          Redirection issues
        2.  
          Unable to sign in due to authorization-related issues
    14. Managing role-based access control (RBAC)
      1.  
        RBAC features
      2.  
        Authorized users
      3. Configuring RBAC
        1.  
          Notes for using NetBackup RBAC
        2.  
          Add AD or LDAP domains
        3.  
          View users in RBAC
        4.  
          Add a user to a role (non-SAML)
        5.  
          Add a smart card user to a role (non-SAML, without AD/LDAP)
        6.  
          Add a user to a role (SAML)
        7.  
          Remove a user from a role
      4.  
        Default RBAC roles
      5. Add a custom RBAC role
        1.  
          Edit a custom role
        2.  
          Add a custom RBAC role to restore Azure-managed instances
        3.  
          Add a custom RBAC role for a PaaS administrator
        4.  
          Add a custom RBAC role for a Malware administrator
        5.  
          Remove a custom role
      6.  
        Role permissions
      7.  
        Manage access permission
      8.  
        View access definitions
    15. Disabling access to NetBackup interfaces for OS Administrators
      1.  
        Disable command-line (CLI) access for operating system (OS) administrators
      2.  
        Disable web UI access for operating system (OS) administrators
  10. Section X. Detection and reporting
    1. Detecting anomalies
      1. About backup anomaly detection
        1.  
          How a backup anomaly is detected
      2.  
        Configure backup anomaly detection settings
      3.  
        View backup anomalies
      4.  
        Disable backup anomaly detection and computation of entropy and file attributes for a client
      5.  
        About system anomaly detection
      6.  
        Configure system anomaly detection settings
      7.  
        Configure rules-based anomaly detection
      8.  
        Configure risk engine-based anomaly detection
      9.  
        View system anomalies
    2. Compute host
      1.  
        About compute hosts
      2.  
        Add a compute host
      3.  
        Activate a compute host
      4.  
        Deactivate a compute host
      5.  
        Edit a compute host
      6.  
        Delete a compute host
      7.  
        Configure compute host settings
    3. Malware scanning
      1. About malware scanning
        1. Workflow for malware scanning
          1.  
            Malware scanning workflow for MSDP backup images using Agentless host as the scan host
          2.  
            Malware scanning workflow for the MSDP backup images that use the NetBackup client as the scan host
          3.  
            Malware scanning workflow for OST and AdvancedDisk
      2. Configuring a scan host pool
        1.  
          Prerequisites for scan host pool
        2.  
          Configure a new scan host pool
        3.  
          Add a new host in a scan host pool
      3. Managing a scan host
        1.  
          Add an existing scan host
        2.  
          Validating the scan host pool configuration
        3.  
          Remove the scan host
        4.  
          Activate or deactivate the scan host
        5.  
          Managing credentials for malware scanning
      4.  
        Configure resource limits for malware detection
      5. Perform a malware scan
        1.  
          Scanning backup images
        2.  
          Assets by policy type
        3.  
          Assets by workload type
      6. Managing scan tasks for malware and YARA scanning
        1.  
          View the malware scan status
        2.  
          Actions for malware scanned images
        3.  
          Recover from malware-affected images (clients protected by policies)
        4.  
          Recover from malware-affected images (clients protected by protection plan)
        5.  
          Clean file recovery for virtual workload (VMware)
    4. Threat library
      1.  
        About threat library and YARA rule files
      2.  
        Add threat feeds
      3.  
        Delete threat feeds
    5. YARA scanning
      1.  
        About YARA scanning
      2.  
        Workflow to configure YARA scanning
      3.  
        Scanning backup images with YARA scanner
      4.  
        Assets by workload type for YARA scanning
    6. Usage reporting and capacity licensing
      1.  
        Track protected data size on your primary servers
      2.  
        Add a local primary server
      3.  
        View license types in usage reporting
      4.  
        Download usage reports
      5.  
        Scheduling reports for capacity licensing
      6.  
        Other configuration for incremental reporting
      7.  
        Troubleshooting failures for usage reporting and incremental reporting
    7. Reports
      1.  
        About the reports utility
      2.  
        Run a report
      3.  
        Copy a report text to another document
  11. Section XI. NetBackup workloads and NetBackup Flex Scale
    1. NetBackup SaaS Protection
      1.  
        Overview of NetBackup for SaaS
      2.  
        Adding NetBackup SaaS Protection Hubs
      3.  
        Configuring the autodiscovery frequency
      4.  
        Viewing asset details
      5.  
        Configuring permissions
      6.  
        Troubleshooting SaaS workload issues
    2. NetBackup Flex Scale
      1. Managing NetBackup Flex Scale
        1.  
          Access NetBackup from the Flex Scale infrastructure management console
        2.  
          Manage NetBackup and the NetBackup Flex Scale cluster management from the NetBackup Flex Scale web UI
        3.  
          Access NetBackup Flex Scale from the NetBackup web UI
    3. NetBackup workloads
      1.  
        Protection of other asset types and clients
  12. Section XII. Administering NetBackup
    1. Management topics
      1.  
        Configuring the NetBackup Client Service
      2.  
        Units of measure used with NetBackup
      3.  
        NetBackup naming conventions
      4.  
        Wildcard use in NetBackup
    2. Managing client backups and restores
      1.  
        About setting the original atime for files during restores on UNIX
      2.  
        About the backup and restore of compressed files on VxFS file systems
      3.  
        About backups and restores on ReFS
    3. Powering down and rebooting NetBackup servers
      1.  
        Shut down and restart NetBackup servers
      2.  
        Shut down and start up all NetBackup services and daemons
      3.  
        Restart a NetBackup server
      4.  
        Restart a NetBackup media server
    4. About Granular Recovery Technology
      1.  
        About installing and configuring Network File System (NFS) for Active Directory Granular Recovery
      2. About configuring Services for Network File System (NFS)
        1.  
          Enabling Services for Network File System (NFS) on a media server
        2.  
          Enabling Services for Network File System (NFS) on a client
        3.  
          Disabling the Client for NFS on the media server
        4.  
          Disabling the Server for NFS
      3.  
        Configuring a UNIX media server and Windows clients for backups and restores that use Granular Recovery Technology (GRT)
      4.  
        Configuring a different network port for NBFSD
  13. Section XIII. Disaster recovery and troubleshooting
    1. Disaster recovery of NetBackup
      1.  
        About disaster recovery of NetBackup
    2. Managing Resiliency Platforms
      1.  
        About Resiliency Platform in NetBackup
      2.  
        Understanding the terms
      3. Configuring a Resiliency Platform
        1.  
          Add a Resiliency Platform
        2.  
          Configure a third-party CA certificate
        3.  
          Edit or delete a Resiliency Platform
        4.  
          View the automated or not-automated VMs
      4.  
        Troubleshooting NetBackup and Resiliency Platform issues
    3. Managing Bare Metal Restore (BMR)
      1.  
        About Bare Metal Restore (BMR)
      2.  
        Add a custom role for a Bare Metal Restore (BMR) administrator
    4. Troubleshooting the NetBackup Web UI
      1.  
        Tips for accessing the NetBackup web UI
      2.  
        If a user doesn't have the correct permissions or access in the NetBackup web UI
      3.  
        Unable to validate the user or group when configuring LDAP server
  14. Section XIV. Other topics
    1. WebSocket Service for communication with a cloud application
      1.  
        About the NetBackup WebSocket Service
      2.  
        Task overview for setting up NBWSS communication
      3.  
        Notes on NetBackup connections to cloud-applications
      4.  
        NBWSS message formats
      5.  
        API calls over NBWSS
      6.  
        NBWSS notifications
      7. Examples of NBWSS messages
        1.  
          NetBackup requests a connection to the endpoint
        2.  
          The cloud application asks to make a REST API call
        3.  
          NetBackup notification messages for a backup job
        4.  
          Other NetBackup notification messages

Examples of redirected restores

This topic provides some example configurations that allow clients to restore the files that were backed up by other clients. These methods may be required when a client connects through a gateway or has multiple Ethernet connections.

In all cases, the requesting client must have access to an image database directory on the primary server or the requesting client must be a member of an existing NetBackup policy.

  • On Windows: install_path\NetBackup\db\images\client_name

  • On UNIX: /usr/openv/netbackup/db/images/client_name

Note:

Not all file system types on all computers support the same features. Problems can be encountered when a file is restored from one file system type to another. For example, the S51K file system on an SCO computer does not support symbolic links nor does it support names greater than 14 characters long. You may want to restore a file to a computer that doesn't support all the features of the computer from which the restore was performed. In this case, all files may not be recovered.

In the following examples, assume the following conditions:

  • client1 is the client that requests the restore.

  • client2 is the client that created the backups that the requesting client wants to restore.

  • On Windows: install_path is the path where you installed the NetBackup software. By default, this path is C:\Program Files\Cohesity NetBackup.

    Note:

    On Windows: You must have the necessary permissions to perform the following steps.

    On UNIX: You must be a root user for any of the steps that must be performed on the NetBackup server. You may also need to be a root user to make the changes on the client.

Example of a redirected client restore

Assume you must restore files to client1 that were backed up from client2. The client1 and client2 names are those specified by the NetBackup client name setting on the clients.

On Windows:

  1. Log on to the NetBackup server.
  2. Add client2 to the following file and perform one of the following:

    • Edit install_path\NetBackup\db\altnames\client1 to include the name of client2.

    • Create the following empty file:

      install_path\NetBackup\db\altnames\No.Restrictions

On UNIX:

  1. Log on as root on the NetBackup server.
  2. Perform one of the following actions:

    • Edit /usr/openv/netbackup/db/altnames/client1 so it includes the name of client2. Or,

    • Run the touch command on the following file:

      /usr/openv/netbackup/db/altnames/No.Restrictions

      Note:

      The No.Restrictions file allows any client to restore files from client2.

  3. Log on to client1 and change the NetBackup client name to client2.
  4. Restore the file.
  5. Undo the changes that were made on the server and client.
Example of a redirected client restore using the altnames file

This example explains how altnames provides restore capabilities to clients that do not use their own host name when they connect to the NetBackup server.

By default, the NetBackup client name of the requesting client must match the peer name that is used in the connection to the NetBackup server. When the NetBackup client name is the host name for the client and matches the peer name (normal case), this requirement is met.

However, problems arise when clients connect to multiple ethernet or connect to the NetBackup server through a gateway.

Figure: Example restore from a token ring client

Example restore from a token ring client

In this example, restore requests from client1, client2, and client3 are routed through the TCP gateway. Because the gateway uses its own peer name rather than the client host names for connection to the NetBackup server, NetBackup refuses the requests. Clients cannot restore even their own files.

To correct the situation, do the following

  1. Determine the peer name of the gateway:

    • Try a restore from the client in question. In this example, the request fails with an error message similar to the following:

      client is not validated to use the server

    • Examine the NetBackup problems report and identify the peer name that is used on the request. Entries in the report may be similar to the following:

      01/29/12 08:25:03 bpserver - request from invalid server or client client1.dvlp.null.com

      In this example, the peer name is client1.dvlp.null.com.

  2. Do one of the following:

    On Windows: Determine the peer name, then create the following file on the NetBackup primary server:

    install_path\NetBackup\db\altnames\peername

    In this example, the file is:

    install_path\NetBackup\db\altnames\client1.dvlp.null.com

    On UNIX: Run the touch command on the following file:

    /usr/openv/netbackup/db/altnames/peername

    In this example, the file is:

    /usr/openv/netbackup/db/altnames/client1.dvlp.null.com

  3. Edit the peername file so that it includes the client names.

    For example, if you leave file client1.dvlp.null.com empty, client1, client2, and client3 can all access the backups that correspond to their NetBackup client name setting.

    If you add the names client2 and client3 to the file, you give these two clients access to NetBackup file restores, but exclude client1.

    Note that this example requires no changes on the clients.

  4. Restore the files.
Example of how to troubleshoot a redirected client restore using the altnames file

If you cannot restore files with a redirected client restore by using the altnames file, troubleshoot the situation, as follows.

On Windows:

  1. Create the debug log directory for the NetBackup Request Daemon:

    install_path\NetBackup\logs\bprd

  2. On the primary server, stop and restart the NetBackup Request Daemon. Restart the service to ensure that this service is running in verbose mode and logs information regarding client requests.
  3. On client1 (the requesting client), try the file restore.
  4. On the primary server, identify the peer name connection that client1 uses.
  5. Examine the debug log for the NetBackup Request Daemon to identify the failing name combination:

    Examine the failure as logged on the All log entries report. Or, examine the debug log for the NetBackup Request Daemon to identify the failing name combination:

    install_path\NetBackup\logs\bprd\mmddyy.log

  6. On the primary server, do one of the following:

    • Create an install_path\NetBackup\db\altnames\No.Restrictions file. The file allows any client to access client2 backups if the client changes its NetBackup client name setting to client2.

    • Create an install_path\NetBackup\db\altnames\peername file. The file allows client1 to access client2 backups if client1 changes its NetBackup client name setting to client2.

    • Add client2 name to the following file: install_path\NetBackup\db\altnames\peername.

    • client1 is allowed to access backups on client2 only.

  7. On client1, change the NetBackup client name setting to match what is specified on client2.
  8. Restore the files from client1.
  9. Perform the following actions:

    • Delete install_path\NetBackup\logs\bprd and the contents.

    • In the NetBackup web UI, open the host properties for the primary server. Click Logging. Clear the Keep logs for days setting.

  10. If you do not want the change to be permanent, do the following:

    • Delete install_path\NetBackup\db\altnames\No.Restrictions (if existent).

    • Delete install_path\NetBackup\db\altnames\peername (if existent).

    • On client1, change the NetBackup client name to its original value.

On UNIX:

  1. On the NetBackup primary server, add the VERBOSE entry and a logging level to the bp.conf file. For example:
    VERBOSE = 3
  2. Create the debug log directory for bprd by running the following command:

    mkdir /usr/openv/netbackup/logs/bprd

  3. On the NetBackup server, stop the NetBackup Request Daemon, bprd, and restart it in verbose mode by running:
    /usr/openv/netbackup/bin/admincmd/bprdreq -terminate
/usr/openv/netbackup/bin/bprd -verbose

    Restart bprd to ensure that bprd logs information regarding client requests.

  4. On client1, try the file restore.
  5. On the NetBackup server, identify the peer name connection that client1 used.

    Examine the bard debug log to identify the failing name combination:

    Examine the failure as logged on the All log entries report or examine the bard debug log to identify the failing name combination:

    /usr/openv/netbackup/logs/bprd/log.date

  6. On the NetBackup server enter the following command:

    mkdir -p /usr/openv/netbackup/db/altnames touch /usr/openv/netbackup/db/altnames/No.Restrictions

    This command allows any client access to client2 backups by changing its NetBackup client name setting to specify the client2.

  7. Run the touch command on the following file:

    /usr/openv/netbackup/db/altnames/peername

    The command allows client1 access to any client2 backups by changing its NetBackup client name setting to specify client2.

  8. Add client2 to the /usr/openv/netbackup/db/altnames/peername file. The addition to the peername file allows client1 access to the backups that were created on client2 only.
  9. On client1, change the NetBackup client name setting in the user interface to match what is specified on client2.
  10. Restore the files to client1.
  11. Do the following:

    • Delete the VERBOSE entry from the /usr/openv/netbackup/bp.conf file on the primary server.

    • Delete /usr/openv/netbackup/logs/bprd and the contents.

  12. Return the configuration to what it was before the restore.

    • Delete /usr/openv/netbackup/db/altnames/peer.or.hostname (if it exists)

    • Delete /usr/openv/netbackup/db/altnames/No.Restrictions (if it exists)

    • On client1, restore the NetBackup client name setting to its original value.

More Information

Allowing a single client to perform redirected restores

Allowing redirected restores of a specific client's files