Veritas NetBackup™ Deduplication Guide
- Introducing the NetBackup media server deduplication option
- Planning your deployment
- About MSDP storage and connectivity requirements
- About NetBackup media server deduplication
- About NetBackup Client Direct deduplication
- About MSDP remote office client deduplication
- About MSDP performance
- MSDP deployment best practices
- Provisioning the storage
- Licensing deduplication
- Configuring deduplication
- Configuring the Deduplication Multi-Threaded Agent behavior
- Configuring the MSDP fingerprint cache behavior
- Configuring MSDP fingerprint cache seeding on the storage server
- About MSDP Encryption using KMS service
- Configuring a storage server for a Media Server Deduplication Pool
- Configuring a disk pool for deduplication
- Configuring a Media Server Deduplication Pool storage unit
- About MSDP optimized duplication within the same domain
- Configuring MSDP optimized duplication within the same NetBackup domain
- Configuring MSDP replication to a different NetBackup domain
- About NetBackup Auto Image Replication
- Configuring a target for MSDP replication to a remote domain
- Creating a storage lifecycle policy
- Resilient Network properties
- Editing the MSDP pd.conf file
- About protecting the MSDP catalog
- Configuring an MSDP catalog backup
- Configuring deduplication to the cloud with NetBackup CloudCatalyst
- Using NetBackup CloudCatalyst to upload deduplicated data to the cloud
- Configuring a CloudCatalyst storage server for deduplication to the cloud
- Monitoring deduplication activity
- Viewing MSDP job details
- Managing deduplication
- Managing MSDP servers
- Managing NetBackup Deduplication Engine credentials
- Managing Media Server Deduplication Pools
- Changing a Media Server Deduplication Pool properties
- Configuring MSDP data integrity checking behavior
- About MSDP storage rebasing
- Managing MSDP servers
- Recovering MSDP
- Replacing MSDP hosts
- Uninstalling MSDP
- Deduplication architecture
- Troubleshooting
- About unified logging
- About legacy logging
- Troubleshooting MSDP installation issues
- Troubleshooting MSDP configuration issues
- Troubleshooting MSDP operational issues
- Troubleshooting CloudCatalyst issues
- CloudCatalyst logs
- Problems encountered while using the Cloud Storage Server Configuration Wizard
- Disk pool problems
- Problems during cloud storage server configuration
- CloudCatalyst troubleshooting tools
- Appendix A. Migrating to MSDP storage
Adding a trusted master server using NetBackup CA-signed (host ID-based) certificate
Replication operations require that a trust relationship exists between the NetBackup servers in the different domains.
Perform the following steps on both the source and the target server:
Identify the NetBackup versions that are installed on the source and the target servers.
Obtain the authorization tokens of the remote server.
Use the bpnbat command to log on and nbcertcmd to get the authorization tokens.
Obtain the fingerprints for the remote server.
To obtain the SHA1 fingerprint of root certificate, use the nbcertcmd -displayCACertDetail command.
Ensure that you have one of the following permissions:
System administrator permissions with root permissions for UNIX, administrator permissions for Windows, or a NetBackupCLI user for a 3.1 NetBackup appliance.
Access to the NetBackup Administration Console, where you have <username> ADMIN=ALL permissions through
auth.conf
.Enhanced Auditing (EA) user permissions through
authalias.conf
.For remote Windows master server, if the user's domain is not same as that of the authentication service, you must add the domain with LDAP using the vssat addldapdomain command. See the NetBackup Commands Reference Guide.
Also, this user must have RBAC security administrator permissions. See the NetBackup Web UI Security Administrator's Guide.
Use this procedure to add a trusted master server when both the source and target servers are NetBackup version 8.1 or later.
See Adding a trusted master server using external CA-signed certificate.
To add a trusted master server, when both the source and the target servers are NetBackup version 8.1 or later
- In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
- In the right pane, select the master server and Actions > Properties.
- In the properties dialog box left pane, select Servers.
- On the Trusted Master Servers tab, click Add.
- Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
- In the Validate Certificate Authority dialog box, verify if the CA certificate fingerprint of the remote server is correct.
To proceed, click Yes.
If the fingerprints don't match, click No. Contact the remote server admin to provide the correct fingerprints.
- Enter the trusted master server details using one of the following methods.
(Recommended) Select Specify authentication token of the trusted master server and enter the token details of the remote master server.
Select Specify credentials of the trusted master server and enter the user name and password. Note that this method may present a possible security breach. Only an authentication token can provide restricted access and allow secure communication between both the hosts.
To establish trust with a 3.1 NetBackup master appliance, use the NetBackup CLI credentials.
- Click OK.
- Perform the same procedure on the remote master server that you added in step 5.
Use this procedure to add a trusted master server when both the source and target servers are NetBackup version 8.0.
To add a trusted master server, when both the source and the target server are NetBackup version 8.0
- Ensure that the Enable insecure communication with NetBackup 8.0 and earlier hosts option is enabled in the global security settings.
- In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
- In the right pane, select the master server and Actions > Properties.
- In the properties dialog box left pane, select Servers.
- On the Trusted Master Servers tab, click Add.
- Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
- Enter the Username and Password of the remote master server host.
- Click OK.
See About trusted master servers for Auto Image Replication.
See Configuring MSDP replication to a different NetBackup domain.
For details on usage reporting in the web UI, see the NetBackup Web UI for Backup Administrator's Guide.
For more information on commands, see the NetBackup Commands Reference Guide. For details on the authalias.conf
, see the NetBackup Security and Encryption Guide.