NetBackup™ Web UI Backup Administrator's Guide

Last Published:
Product(s): NetBackup (8.1.2)

Adding a trusted master server

If you want to have usage reporting for multiple master servers in the NetBackup web UI, you need to configure a trust relationship exists between the NetBackup servers in the different domains.

Before you begin

Perform the following steps on both the source and the target server:

  • Identify the NetBackup versions that are installed on the source and the target servers.

    Usage reporting and Smart Meter are supported for NetBackup 8.1.2 and later.

  • Obtain the authorization tokens of the remote server.

    Use the bpnbat command to log on and nbcertcmd to get the authorization tokens.

  • Obtain the fingerprints for the remote server.

    To obtain the SHA1 fingerprint of root certificate, use the nbcertcmd -displayCACertDetail command.

  • Ensure that you have one of the following permissions:

    • System administrator permissions with root permissions for UNIX, administrator permissions for Windows, or a NetBackupCLI user for a 3.1 NetBackup appliance.

    • Access to the NetBackup Administration Console, where you have <username> ADMIN=ALL permissions through auth.conf.

    • Enhanced Auditing (EA) user permissions through authalias.conf.

Adding a trusted master server, when both the source and the target server are NetBackup version 8.1 or later

To add a trusted master server, when both the source and the target server are NetBackup version 8.1 or later

  1. In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
  2. In the right pane, select the master server and Actions > Properties.
  3. In the properties dialog box left pane, select Servers.
  4. On the Trusted Master Servers tab, click Add.
  5. Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
  6. In the Validate Certificate Authority dialog box, verify if the CA certificate fingerprint of the remote server is correct.

    To proceed, click Yes.

    If the fingerprints don't match, click No. Contact the remote server admin to provide the correct fingerprints.

  7. Enter the trusted master server details using one of the following methods.

    • (Recommended) Select Specify authentication token of the trusted master server and enter the token details of the remote master server.

    • Select Specify credentials of the trusted master server and enter the user name and password. Note that this method may present a possible security breach. Only an authentication token can provide restricted access and allow secure communication between both the hosts.

      To establish trust with a 3.1 NetBackup master appliance, use the NetBackupCLI credentials.

  8. Click OK.
  9. Perform the same procedure on the remote master server that you added in step 5.

Adding a trusted master server, when both the source and the target server are NetBackup version 8.0 or earlier

To add a trusted master server, when both the source and the target server are NetBackup version 8.0 or earlier

  1. Ensure that the Enable insecure communication with NetBackup 8.0 and earlier hosts option is enabled in the global security settings.
  2. In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
  3. In the right pane, select the master server and Actions > Properties.
  4. In the properties dialog box left pane, select Servers.
  5. On the Trusted Master Servers tab, click Add.
  6. Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
  7. Enter the Username and Password of the remote master server host.
  8. Click OK.
More information

For details on usage reporting in the web UI, see the NetBackup Web UI for Backup Administrator's Guide.

For more information on commands, see the NetBackup Commands Reference Guide. For details on the authalias.conf, see the NetBackup Security and Encryption Guide.