Veritas NetBackup™ Appliance Administrator's Guide

Last Published:
Product(s): Appliances (5.1.1)
Platform: NetBackup Appliance OS
  1. Overview
    1.  
      About NetBackup appliances
    2.  
      About the Primary Server role
    3.  
      About the media server role
    4. About accessing the NetBackup Appliance Web Console
      1.  
        Web browsers supported by the appliance
      2.  
        Disabling the Untrusted Connection page in Mozilla Firefox
    5. About the NetBackup Appliance Shell Menu
      1.  
        Logging in to the NetBackup Appliance Shell Menu
      2.  
        Limitations of the NetBackup Appliance Shell Menu
      3.  
        Command limitations on appliances that are not configured
    6. About appliance console components
      1.  
        About using the links on the title bar
      2.  
        Accessing and using help
      3.  
        About using Web browser bookmarks
      4.  
        Avoiding CSRF (Cross Site Request Forgery)
    7.  
      About the NetBackup Appliance Web Console login page
    8.  
      NetBackup appliance home page
    9.  
      Common tasks in NetBackup appliance
    10.  
      About the NetBackup appliance documentation
  2. Monitoring the NetBackup appliance
    1.  
      About monitoring the NetBackup appliance
    2. About hardware monitoring and alerts
      1. Monitor > Hardware options
        1.  
          Hardware components that are monitored
      2.  
        About Email notification from a NetBackup appliance
    3. About Symantec Data Center Security on the NetBackup appliance
      1.  
        Monitor > SDCS Events
      2.  
        Viewing SDCS audit log details
      3.  
        Filtering SDCS audit logs
      4.  
        Setting the SDCS audit log retention specification
      5. About Symantec Data Center Security Downloads
        1.  
          Downloading the IPS and IDS policies from the NetBackup appliance
      6.  
        Connecting to the SDCS server
      7.  
        Revert SDCS to unmanaged mode on a NetBackup appliance
  3. Managing a NetBackup appliance from the NetBackup Appliance Web Console
    1.  
      About the Manage views
    2. About storage configuration
      1.  
        Manage > Storage
      2.  
        Manage > Storage > Shares
      3.  
        About Universal shares migration
      4.  
        Checking partition details
      5.  
        Resizing a partition
      6.  
        Resize dialog
      7.  
        Troubleshooting resize-related issues
      8.  
        Moving a partition
      9.  
        Move dialog
      10.  
        Moving the MSDP partition from a base disk to an expansion disk for optimum performance
      11.  
        Scanning storage devices from the NetBackup Appliance Web Console
      12.  
        Adding the storage space from a newly available disk
      13.  
        Removing an existing storage disk
      14.  
        Monitoring the progress of storage manipulation tasks
      15.  
        Scanning storage devices using the NetBackup Appliance Shell Menu
      16. About Copilot functionality and Share management
        1.  
          About Optimized Shares and the Optimized Share Reserve
        2.  
          Creating a Share
        3.  
          Editing a Share
        4.  
          Deleting a Share
        5.  
          Moving a Share
        6.  
          Creating the Optimized Share Reserve
        7.  
          Deleting the Optimized Share Reserve
        8.  
          Viewing Share information from the NetBackup Appliance Shell Menu
        9.  
          NFS export options
      17. About viewing storage space information using the Show command
        1.  
          Viewing all storage information
        2.  
          Viewing disk information
        3.  
          Viewing partition information
        4.  
          Viewing the partition distribution on disks
      18.  
        About storage email alerts
    3. About appliance supported tape devices
      1.  
        Adding external robots to the NetBackup appliance
    4. About configuring Host parameters for your appliance
      1.  
        Manage > Host > Data Buffer options
      2.  
        Configuring data buffer parameters
      3.  
        Manage > Host > Lifecycle options
      4.  
        Configuring lifecycle parameters
      5. About configuring deduplication solutions
        1.  
          Adding the deduplication solution to a 52xx media appliance
        2.  
          Manage > Host > Deduplication
        3.  
          Configuring deduplication parameters
      6. About BMR integration
        1.  
          Manage > Host > Advanced options
        2.  
          Enabling BMR from the NetBackup Appliance Web Console
      7. Manage > Host > IPMI options
        1.  
          Resetting the IPMI
    5. Manage > Appliance Restore
      1. About creating an appliance checkpoint
        1.  
          Creating an appliance checkpoint
        2.  
          Checkpoint creation status
        3.  
          Creating an appliance checkpoint from the appliance shell menu
      2. About rollback to a checkpoint
        1.  
          About appliance rollback
        2.  
          About appliance rollback validation
        3.  
          Rollback to an appliance checkpoint from the NetBackup Appliance Web Console
        4.  
          About checkpoint rollback status
        5.  
          Rollback to an appliance checkpoint from the appliance shell menu
      3. About NetBackup appliance factory reset
        1.  
          Factory reset best practices
        2.  
          Starting a factory reset from the appliance shell menu
    6. Manage > License
      1.  
        Managing license keys on the NetBackup appliance
      2.  
        Adding a permanent license key if an evaluation license key expires
      3.  
        Generate and install an appliance license
    7. About the Migration Utility
      1.  
        Manage > Migration Utility > Configure Migration
      2.  
        Manage > Migration Utility > Migration Status
      3.  
        Configuring a new migration task
      4.  
        Viewing the migration task status
      5.  
        Best practices for migration utility
    8. Software release updates for NetBackup Appliances
      1.  
        Manage > Software Updates
      2.  
        Installing a NetBackup appliance software update using the NetBackup Appliance Shell Menu
      3.  
        Appliance servers to upgrade
      4.  
        Installing NetBackup PSF add-ons using the NetBackup Appliance Shell Menu
    9. About installing EEBs
      1.  
        Installing an EEB
    10. About installing NetBackup Administration Console and client software
      1.  
        Installing NetBackup client software through an NFS share
      2.  
        Downloading NetBackup client packages to a client from a NetBackup appliance
    11. Manage > Additional Servers
      1.  
        Managing additional servers to the appliance
    12.  
      Manage > File Manager
    13. Manage > High Availability
      1.  
        Monitoring a high availability configuration from the NetBackup Appliance Web Console
  4. Managing NetBackup appliance using the NetBackup Appliance Shell Menu
    1.  
      Expanding the bandwidth on the NetBackup appliance
    2.  
      About configuring the maximum transmission unit size
    3. About OpenStorage plugin installation
      1.  
        Installing the OpenStorage plugin
      2.  
        Uninstalling the OpenStorage plugin
    4. About mounting a remote NFS
      1.  
        Mounting a remote NFS drive
      2.  
        Unmounting an NFS drive
    5. About running NetBackup commands from the appliance
      1. About NetBackup administrator capabilities
        1.  
          Running NetBackup commands from the NetBackup appliance
        2. Creating a NetBackup touch file from the NetBackup appliance
          1.  
            Loading the NetBackup notify scripts
        3.  
          About NetBackup operating system commands
        4.  
          Best practices for running NetBackup commands from the NetBackup appliance
        5.  
          Known limitations of running NetBackup commands from the NetBackup appliance
      2. Creating NetBackup administrator user accounts
        1.  
          Logging on as a NetBackup administrator
        2.  
          Managing NetBackup administrator user account passwords
        3.  
          Auditing NetBackup administrator accounts
      3.  
        Deleting NetBackup administrator user accounts
      4.  
        Viewing NetBackup administrator user accounts
    6. About Auto Image Replication between appliances
      1. About Auto Image Replication between NetBackup appliances
        1.  
          Prerequisites for Auto Image Replication
        2. Configuring a replication target
          1.  
            Determining the appliance deduplication password
      2.  
        About Auto Image Replication between NetBackup appliances and deduplication appliances
    7. About forwarding logs to an external server
      1.  
        Uploading certificates for TLS
      2.  
        Enabling log forwarding
      3.  
        Changing the log forwarding interval
      4.  
        Viewing the log forwarding configuration
      5.  
        Disabling log forwarding
    8. About high availability configuration
      1.  
        Checking the status
      2.  
        Getting the asset tag
      3.  
        Switching the services over
      4.  
        Removing a node
    9. About data erasure
      1.  
        Configuring the data erasure
      2.  
        Viewing the data erasure status
      3.  
        Aborting the data erasure
  5. Understanding the NetBackup appliance settings
    1.  
      About modifying the appliance settings
    2. Settings > Notifications
      1. Settings > Notifications > Alert Configuration
        1.  
          Configuring alert settings
        2. About SNMP
          1.  
            About the Management Information Base (MIB)
        3. About Call Home
          1.  
            Enabling and disabling Call Home from the appliance shell menu
          2.  
            About AutoUpdate for Upgrade Readiness Check
          3.  
            Configuring a Call Home proxy server from the NetBackup Appliance Shell Menu
          4.  
            Understanding the Call Home workflow
          5.  
            About the Product Improvement Program
      2. Settings > Notifications > Login Banner
        1.  
          Creating the appliance login banner
        2.  
          Removing the appliance login banner
      3.  
        About AutoSupport
    3. Settings > Network
      1.  
        VLAN configuration for NetBackup Appliances
      2. Settings > Network > Network Settings
        1. About WAN Optimization
          1.  
            How to enable WAN optimization for a network interface port or a network interface port bond
          2.  
            How to disable WAN optimization for a network interface port or a network bond
          3.  
            Viewing the WAN optimization status
        2.  
          Network and VLAN configuration guidelines
        3.  
          Creating a bond
        4.  
          Tagging VLAN
        5.  
          Adding static route
      3. Settings > Network > Fibre Transport
        1.  
          About the HBA port mode configuration table
        2.  
          Configuring Fibre Transport settings
        3.  
          Configuring Fibre Transport to other NetBackup appliances
      4. Settings > Network > Host
        1.  
          Changing DNS and Host Name Resolution (non-DNS) configuration settings
      5.  
        About IPv4-IPv6-based network support
    4.  
      Settings > Date and Time
    5. Settings > Authentication
      1. About configuring user authentication
        1.  
          Generic user authentication guidelines
      2. About authorizing NetBackup appliance users
        1.  
          NetBackup appliance user role privileges
      3.  
        Settings > Authentication
      4. Settings > Authentication > LDAP
        1.  
          Adding an LDAP server configuration
        2.  
          Importing an LDAP server configuration
        3.  
          Setting the SSL certification
        4.  
          Exporting an LDAP configuration
        5.  
          Unconfiguring LDAP user authentication
        6.  
          Enabling the LDAP server configuration
        7.  
          Disabling the LDAP server configuration
        8.  
          Deleting LDAP configuration parameters
        9.  
          Adding LDAP configuration parameters
        10.  
          Adding an LDAP attribute mapping
        11.  
          Deleting an LDAP attribute mapping
      5. Settings > Authentication > Active Directory
        1.  
          Adding an Active Directory server configuration
        2.  
          Unconfiguring the Active Directory user authentication
      6. Settings > Authentication > User Management
        1.  
          Adding appliance users
        2.  
          Deleting appliance users
        3.  
          Adding appliance user groups
        4.  
          Deleting appliance user groups
        5.  
          Granting roles to users and user groups
        6.  
          Revoking roles from users and user groups
        7.  
          Synchronizing the user groups
    6.  
      Settings > Password Management
  6. Troubleshooting
    1.  
      Viewing log files using the Support command
    2.  
      Where to find NetBackup appliance log files using the Browse command
    3. About disaster recovery
      1.  
        Recovering a NetBackup appliance primary server using NetBackup catalog restore
    4.  
      Gathering device logs on a NetBackup appliance
  7. Deduplication pool catalog backup and recovery
    1.  
      Deduplication pool catalog backup policy
    2.  
      Automatic configuration of the deduplication pool catalog backup policy
    3.  
      Manually configuring the deduplication pool catalog backup policy
    4.  
      Manually updating the deduplication pool catalog backup policy
    5.  
      Recovering the deduplication pool catalog
  8.  
    Index

Installing a NetBackup appliance software update using the NetBackup Appliance Shell Menu

Use the following procedure to start the appliance upgrade.

Note:

Always perform upgrades with the admin user account. Do not use a non-admin user account to upgrade appliances.

Note:

If you have enabled the STIG feature on an appliance and you need to upgrade it or install an EEB on it, do not plan such installations during the 4:00am - 4:30am time frame. By following this best practice, you can avoid interrupting the automatic update of the AIDE database and any monitored files, which can cause multiple alert messages from the appliance.

To install a downloaded release update using the NetBackup Appliance Shell Menu

  1. Check to make sure that the following required updates and pre-upgrade tasks have already been performed:

    • All required pre-upgrade updates have been completed. For a complete list of required updates prior to 5.1.1 upgrades, refer to the following article:

      https://www.veritas.com/support/en_US/article.100046066

    • All jobs have been stopped or suspended and all SLPs have been paused.

    • The Support > Test Software command has been run and it returned a Pass result.

  2. Log in to the NetBackup Appliance Shell Menu from the IPMI console.

    Note:

    Veritas recommends that you log in using the shell menu from the IPMI console instead of an SSH session. The IPMI console is also known as the Veritas Remote Manager interface. For details about how to access and use the Veritas Remote Manager, refer to the following document: NetBackup Appliance Hardware Installation Guide.

  3. Make sure that you have downloaded and have run the latest version of the Appliance Upgrade Readiness Analyzer tool. The analyzer tool must produce a pass result before you can continue to the next step.
  4. To install the software release update, run the following command:

    Main_Menu > Manage > Software > Install patch_name

    Where patch_name is the name of the release update to install. Make sure that this patch name is the one that you want to install.

  5. Monitor the preflight check and watch for any failure and warning messages.

    • If no Check failed messages appear, you are prompted to continue to the next step to start the upgrade.

    • If any Check failed messages appear, the upgrade is not allowed. You must resolve the reported failures, then launch the upgrade script again so that the preflight check can verify that the failures have been resolved.

    • If any Check failed messages indicate that a RHEL version third-party plug-in was not found, you must obtain the plug-in from the appropriate vendor.

    • If any warning messages appear, Veritas recommends that you read the message and try to resolve the issue before you continue the upgrade. A warning message does not prevent the upgrade from proceeding.

  6. Starting with release 5.0, a Call Home settings test is performed. If Call Home is disabled, a prompt appears for you to enable the feature to ensure the Call Home test is performed. You can also enable a proxy server if the test fails. The following warning message is displayed:

    Warning:

    The appliance is not able to connect to the Veritas Call Home server to upload hardware and software telemetry. Providing the Call Home information to Veritas allows for an improved support experience and recommendations through the NetInsights Console. It is recommended that you enable Call Home and ensure the system can reach the Veritas Call Home server through correct name resolution or proxy server setting.

    You can ignore this warning and continue to the next step.

  7. After all preflight check items have passed, and before the upgrade begins, you must first select how the upgrade process should respond if any errors occur during the upgrade. The following prompt appears:
    If an error occurs during the upgrade, do you want to
    immediately enforce an automatic rollback? [yes, no]

    Enter yes to immediately enforce an automatic rollback.

    Enter no to pause the upgrade process and investigate the errors.

  8. After all preflight check items have passed, you may need to trust the CA certificate and the host ID-based certificate to start the upgrade process.

    To trust and deploy the CA certificates, do the following:

    • Verify the CA certificate detail and enter yes to trust the CA certificate, as follows:

      To continue with the upgrade, verify the following CA 
certificate detail and enter "yes" to trust the CA certificate.
CA Certificate Details:
     Subject Name : /CN=nbatd/OU=root@abc.example.com/O=vx
       Start Date : Jul 14 12:59:18 2017 GMT
      Expiry Date : Jul 09 14:14:18 2037 GMT
 SHA1 Fingerprint : 31:E9:97:2E:50:11:51:7C:D6:25:7F:32:86:3D:
                    6B:D5:33:5C:11:E2

>> Do you want to trust the CA certificate? [yes, no](yes)

    • If the security level of the primary server is Very High, you must manually enter an authorization token to deploy the host ID-based certificate on the appliance, as follows:

      >> Enter token:

      Note:

      If the appliance does not have a valid host-id certificate before the next upgrade to a later version, a reissue token is required for the next upgrade.

    • If the security level of the primary server is High or Medium, the authentication token is not required. The host ID-based certificate is automatically deployed onto the appliance.

    For more information about security certificates, refer to the chapter "Security certificates in NetBackup" in the NetBackup Security and Encryption Guide.

  9. Primary server upgrades from software versions 3.1.1 and earlier require you to provide a Veritas Usage Insights registration key. To obtain the registration key, follow the onscreen instructions.
  10. During the upgrade process, you can login using SSH and start the AIM window to check the upgrade status (except during the reboot process).

    To check the upgrade status, you can:

    • Login using an SSH session and start the AIM window to monitor the upgrade process. Enter the following command:

      Main_Menu > Manage > Software > UpgradeStatus.

    • Login using the IPMI console and start the AIM window. Enter the following command:

      Main_Menu > Manage > Software > UpgradeStatus.

    • Monitor the upgrade process using the IPMI console. When all the updates have been installed successfully, a login prompt appears.

  11. If problems are detected during the post-upgrade self-test, the AIM window shows the upgrade status as Paused. Other SSH sessions and email notifications also indicate this status.

    To clear the Paused status, perform the following tasks:

    • Press the V key to switch to the Verbose view to see the logs. If there are any Unique Message Identification (UMI) codes for the errors, search for them on the Veritas Support website to get more detailed information.

    • Try to fix the problem that the AIM window reports.

      If you need to use the shell menu, log on to the NetBackup Appliance Shell Menu through an SSH session. When the AIM window appears, press the S key to close it.

    • Go back to the AIM window on the IPMI console.

      If you tried fixing the problem, press the A key to attempt the self-test again. If you cannot fix the problem, contact Veritas Support or press the R key to roll back the appliance to the previous software version.

  12. After the upgrade has completed, the AIM window shows a summary of the upgrade results.

    After the disk pools are back online, the appliance runs a self-diagnostic test. Refer to the following file for the test results:

    /log/selftest_report_<appliance_serial>_<timedate>.txt

    If SMTP is configured, an email notification that contains the self-test result is sent.

  13. For HA setups only:

    After you have completed the upgrade on the first node, run the Support > Test Software command to verify the status of various appliance software components. If the test passes, log in to the other node and upgrade it in the same manner as the first node.

  14. Complete this step only if your backup environment includes SAN client computers.

    The Fibre Channel (FC) ports must be re-scanned to allow any SAN client computers to reconnect to the Fibre Transport (FT) devices. The re-scan must be done from the NetBackup CLI view on the appliance.

    To re-scan the FC ports:

    • Enter the following command to see a list of NetBackup user accounts:

      Manage > NetBackupCLI > List

    • Log on to this appliance as one of the listed NetBackup users.

    • Run the following command to rescan the FC ports:

      nbftconfig -rescanallclients

    • If any SAN clients still do not work, run the following commands on each of those clients in the order as shown:

      On UNIX clients:

      /usr/openv/netbackup/bin/bp.kill_all

      /usr/openv/netbackup/bin/bp.start_all

      On Windows clients:

      <install_path>\NetBackup\bin\bpdown

      <install_path>\NetBackup\bin\bpup

    • If any SAN clients still do not work, manually initiate a SCSI device refresh at the OS level. The refresh method depends on the operating system of the client. Once the refresh has completed, attempt the nbftconfig -rescanallclients command again.

    • If any SAN clients still do not work, reboot those clients.

      Note:

      If you have SLES 10 or SLES 11 SAN clients that still do not work, Veritas recommends upgrading the QLogic driver on those clients. For the affected SLES 10 clients, upgrade to version 8.04.00.06.10.3-K. For the affected SLES 11 clients, upgrade to version 8.04.00.06.11.1.

    Note:

    Starting with NetBackup Appliance version 5.0, refer to the NetBackup Appliance Security Guide to run NetBackup commands as a NetBackupCLI user.