NetBackup™ Troubleshooting Guide

Last Published:
Product(s): NetBackup (10.3.0.1, 10.3)
  1. Introduction
    1.  
      NetBackup logging and status code information
    2.  
      Troubleshooting a problem
    3.  
      Problem report for Technical Support
    4.  
      About gathering information for NetBackup-Java applications
  2. Troubleshooting procedures
    1.  
      About troubleshooting procedures
    2. Troubleshooting NetBackup problems
      1.  
        Verifying that all processes are running on UNIX or Linux servers
      2.  
        Verifying that all processes are running on Windows servers
    3.  
      Troubleshooting installation problems
    4.  
      Troubleshooting configuration problems
    5.  
      Device configuration problem resolution
    6.  
      Testing the primary server and clients
    7.  
      Testing the media server and clients
    8.  
      Resolving network communication problems with UNIX clients
    9.  
      Resolving network communication problems with Windows clients
    10. Troubleshooting vnetd proxy connections
      1.  
        vnetd proxy connection requirements
      2.  
        Where to begin to troubleshoot vnetd proxy connections
      3.  
        Verify that the vnetd process and proxies are active
      4.  
        Verify that the host connections are proxied
      5.  
        Test the vnetd proxy connections
      6.  
        Examine the log files of the connecting and accepting processes
      7.  
        Viewing the vnetd proxy log files
    11. Troubleshooting security certificate revocation
      1.  
        Troubleshooting cloud provider's revoked SSL certificate issues
      2.  
        Troubleshooting cloud provider's CRL download issues
      3.  
        How a host's CRL affects certificate revocation troubleshooting
      4.  
        NetBackup job fails because of revoked certificate or unavailability of CRLs
      5.  
        NetBackup job fails because of apparent network error
      6.  
        NetBackup job fails because of unavailable resource
      7.  
        Primary server security certificate is revoked
      8.  
        Determining a NetBackup host's certificate state
      9.  
        Troubleshooting issues with external CA-signed certificate revocation
    12.  
      About troubleshooting networks and host names
    13. Verifying host name and service entries in NetBackup
      1.  
        Example of host name and service entries on UNIX primary server and client
      2.  
        Example of host name and service entries on UNIX primary server and media server
      3.  
        Example of host name and service entries on UNIX PC clients
      4.  
        Example of host name and service entries on UNIX server that connects to multiple networks
    14.  
      About the bpclntcmd utility
    15.  
      Using the Host properties to access configuration settings
    16.  
      Resolving full disk problems
    17. Frozen media troubleshooting considerations
      1.  
        Logs for troubleshooting frozen media
      2.  
        About the conditions that cause media to freeze
    18. Troubleshooting problems with the NetBackup web services
      1.  
        Viewing NetBackup web services logs
      2.  
        Troubleshooting web service issues after external CA configuration
    19.  
      Troubleshooting problems with the NetBackup web server certificate
    20. Resolving PBX problems
      1.  
        Checking PBX installation
      2.  
        Checking that PBX is running
      3.  
        Checking that PBX is set correctly
      4.  
        Accessing the PBX logs
      5.  
        Troubleshooting PBX security
      6.  
        Determining if the PBX daemon or service is available
    21. Troubleshooting problems with validation of the remote host
      1.  
        Viewing logs pertaining to host validation
      2.  
        Enabling insecure communication with NetBackup 8.0 and earlier hosts
      3.  
        Approving pending host ID-to-host name mappings
      4.  
        Clearing host cache
    22. Troubleshooting Auto Image Replication
      1.  
        Rules for primary servers used with Auto Image Replication and SLPs
      2. Targeted A.I.R. trusted primary server operation failed in case of external certificate configuration
        1.  
          Add or update trust
        2.  
          Remove trust
      3.  
        About troubleshooting automatic import jobs that SLP components manage
    23.  
      Troubleshooting network interface card performance
    24.  
      About SERVER entries in the bp.conf file
    25.  
      About unavailable storage unit problems
    26.  
      Resolving a NetBackup Administration operations failure on Windows
    27.  
      Resolving garbled text displayed in NetBackup Administration Console on a UNIX computer
    28.  
      Troubleshooting error messages in the NetBackup Administration Console
    29.  
      Extra disk space required for logs and temporary files for the NetBackup Administration Console
    30.  
      Unable to logon to the NetBackup Administration Console after external CA configuration
    31.  
      Troubleshooting file-based external certificate issues
    32.  
      Troubleshooting Windows certificate store issues
    33.  
      Troubleshooting backup failures
    34.  
      Troubleshooting backup failure issues with NAT clients or NAT servers
    35.  
      Troubleshooting issues with the NetBackup Messaging Broker (or nbmqbroker) service
    36.  
      Issues with email notifications for Windows systems
    37.  
      Issues with KMS configuration
    38.  
      Issues with initiating the NetBackup CA migration because of large key size
    39.  
      Issues with the non-privileged user (service user) account
    40.  
      Issues with group name format in the auth.conf file
    41.  
      Troubleshooting the VxUpdate add package process
    42.  
      Issues with FIPS mode
    43.  
      Issues with malware scanning
    44.  
      Issues with NetBackup jobs that are enabled for data-in-transit encryption
    45.  
      Issues with Unstructured Data Instant Access
    46.  
      Troubleshooting issues with multi-factor authentication
    47.  
      Troubleshooting issues with multi-person authorization
  3. Using NetBackup utilities
    1.  
      About NetBackup troubleshooting utilities
    2.  
      About the analysis utilities for NetBackup debug logs
    3.  
      About the Logging Assistant
    4.  
      About network troubleshooting utilities
    5. About the NetBackup support utility (nbsu)
      1.  
        Output from the NetBackup support utility (nbsu)
      2.  
        Example of a progress display for the NetBackup support utility (nbsu)
    6. About the NetBackup consistency check utility (NBCC)
      1.  
        Output from the NetBackup consistency check utility (NBCC)
      2.  
        Example of an NBCC progress display
    7.  
      About the NetBackup consistency check repair (NBCCR) utility
    8.  
      About the nbcplogs utility
    9. About the robotic test utilities
      1.  
        Robotic tests on UNIX
      2.  
        Robotic tests on Windows
    10. About the NetBackup Smart Diagnosis (nbsmartdiag) utility
      1.  
        Workflow to use the nbsmartdiag utility for NetBackup host communication
    11.  
      About log collection by job ID
  4. Disaster recovery
    1.  
      About disaster recovery
    2.  
      About disaster recovery requirements
    3.  
      Disaster recovery packages
    4.  
      About disaster recovery settings
    5.  
      Recommended backup practices
    6. About disk recovery procedures for UNIX and Linux
      1. About recovering the primary server disk for UNIX and Linux
        1.  
          Recovering the primary server when root is intact
        2.  
          Recovering the primary server when the root partition is lost
      2.  
        About recovering the NetBackup media server disk for UNIX
      3.  
        Recovering the system disk on a UNIX client workstation
    7. About clustered NetBackup server recovery for UNIX and Linux
      1.  
        Replacing a failed node on a UNIX or Linux cluster
      2.  
        Recovering the entire UNIX or Linux cluster
    8. About disk recovery procedures for Windows
      1. About recovering the primary server disk for Windows
        1.  
          Recovering the primary server with Windows intact
        2.  
          Recovering the primary server and Windows
      2.  
        About recovering the NetBackup media server disk for Windows
      3.  
        Recovering a Windows client disk
    9. About clustered NetBackup server recovery for Windows
      1.  
        Replacing a failed node on a Windows VCS cluster
      2.  
        Recovering the shared disk on a Windows VCS cluster
      3.  
        Recovering the entire Windows VCS cluster
    10.  
      Generating a certificate on a clustered primary server after disaster recovery installation
    11.  
      About restoring disaster recovery package
    12.  
      About the DR_PKG_MARKER_FILE environment variable
    13.  
      Restoring disaster recovery package on Windows
    14.  
      Restoring disaster recovery package on UNIX
    15. About recovering the NetBackup catalog
      1.  
        About the catalog backup process
      2.  
        Prerequisites for recovering the NetBackup catalog or NetBackup catalog image files
      3.  
        About NetBackup catalog recovery on Windows computers
      4.  
        About NetBackup catalog recovery from disk devices
      5.  
        About NetBackup catalog recovery and symbolic links
      6. About NetBackup catalog recovery
        1.  
          Specifying the NetBackup job ID number after a catalog recovery
      7.  
        NetBackup disaster recovery email example
      8. About recovering the entire NetBackup catalog
        1.  
          Recovering the entire NetBackup catalog using the NetBackup catalog recovery wizard
        2.  
          Recovering the entire NetBackup catalog using bprecover -wizard
      9.  
        Establishing a connection with NAT media server before catalog recovery
      10. About recovering the NetBackup catalog image files
        1.  
          Recovering the NetBackup catalog image files using the NetBackup catalog recovery wizard
        2.  
          Recovering the NetBackup catalog image files using bprecover -wizard
      11. About recovering the NetBackup databases
        1.  
          Recovering the NetBackup database from a backup
        2.  
          Recovering the NetBackup database from staging
        3.  
          About processing the NetBackup database in staging
        4.  
          Terminating database connections
      12.  
        Recovering the NetBackup catalog when NetBackup Access Control is configured
      13.  
        Recovering the NetBackup catalog from a nonprimary copy of a catalog backup
      14.  
        Recovering the NetBackup catalog without the disaster recovery file
      15.  
        Recovering a NetBackup user-directed online catalog backup from the command line
      16.  
        Restoring files from a NetBackup online catalog backup
      17.  
        Unfreezing the NetBackup online catalog recovery media
      18.  
        Steps to carry out when you see exit status 5988 during catalog recovery

Issues with KMS configuration

Backups fail on KMS-enabled storage after KMS configuration

NetBackup supports NetBackup Key Management Service (NetBackup KMS) and external key management service (external KMS).

This section provides procedures to resolve the backup failure issue in the following scenarios:

  • When NetBackup KMS is configured

  • When external KMS is configured

See the NetBackup Security and Encryption Guide for more information about KMS configurations.

To resolve backup failure issue in a setup where NetBackup KMS is configured

  1. If a NetBackup policy is configured to use tape, AdvanceDisk or cloud storage, check job details. If you see any errors, refer to the NetBackup Status Codes Reference Guide.

    For example in case of tape storage type, you may see the following error in the job details tab:

    Mar 27, 2020 5:20:40 PM - Error bptm (pid=11143) KMS failed with error status: Error details : 
Error Code : 1298, Error Message : Cannot communicate with one or more key management servers., 
Server - example.primary.com:0, Error code - 25, .    
Mar 27, 2020 5:20:40 PM - Info bptm (pid=11143) EXITING with status 83 <----------    
Mar 27, 2020 5:20:43 PM - Info bpbkar (pid=11132) done. status: 83: media open error
  2. Run the following command on the primary server to verify whether NetBackup KMS is configured or not:

    Install_Path/bin/nbkmscmd -listKMSConfig -name nbkms

    If NetBackup KMS configuration is not listed, check if the nbkms service is running or not.

    • If the nbkms service is running, run the following command to add the nbkms service configuration:

      Install_Path/bin/nbkmscmd -discoverNBkms

    • If nbkms service is not running check nbkms logs at the following location:

      On UNIX - /usr/openv/logs/nbkms

      On Windows - Install_Path\NetBackup\logs\nbkms

      Check if a key is created on the KMS server with the required key group.

  3. Validate the NetBackup KMS configuration using the following command:

    Install_Path/bin/nbkmscmd -validateKMSConfig -name KMS_configuration_name

  4. Check if at least one active key is listed using the following command:

    Install_Path/bin/nbkmscmd -listKeys -name KMS_configuration_name -keyGroupName key_group_name

  5. If key is not listed, create a key with the required key group and clear the cache on the media server. Run the following command:

    Install_Path/bin/bpclntcmd -clear_host_cache

  6. Check the following logs for further details:

    In case of tape, AdvanceDisk, and cloud storage: Install_Path/netbackup/logs/bptm

    In case of MSDP storage: MSDP_config_path/log/spoold/spoold.log

    For web service logs on the primary server: Install_path/logs/nbwebservice/<51216-495-***-***-***.log>

    For nbkmiputil logs for NetBackup KMS: Install_Path/logs/nbkms

To resolve backup failure issue in a setup where external KMS is configured

  1. If a NetBackup policy is configured to use tape, AdvanceDisk or cloud storage, check job details. If you see any errors, refer to the NetBackup Status Codes Reference Guide.
  2. Run the following command on the primary server to verify whether external KMS is configured or not:

    Install_Path/bin/nbkmscmd -listKMSConfig -name KMS_configuration_name

    If configuration is not listed, configure external KMS server.

  3. Validate the external KMS configuration using the following command:

    Install_Path/bin/nbkmscmd -validateKMSConfig -name KMS_configuration_name

  4. Run the following command if certificate files exist on the primary server.

    Install_Path/netbackup/bin/goodies/nbkmiputil -validate -kmsServer kms_server_name -port 5696 -certPath certificate_file_path -privateKeyPath private_key__file_path -trustStorePath ca_file_path

    The output is in a JSON format.

  5. Check if key is created on external KMS server with the required key group.
  6. Check if at least one active key is listed using the following command:

    Install_Path/bin/nbkmscmd -listKeys -name KMS_configuration_name -keyGroupName key_group_name

    If key is not listed, create a key with the required key group and clear the cache on the media server. Run the following command:

    Install_Path/bin/bpclntcmd -clear_host_cache

  7. Check the following logs for further details:

    In case of tape, AdvanceDisk, and cloud storage: Install_Path/netbackup/logs/bptm

    In case of MSDP storage: PDDE_Install_Path/log/spoold/spoold.log

    For web service logs on the primary server: Install_Path/logs/nbwebservice/<51216-495-***-***-***.log>

    For nbkmiputil logs for external KMS:Install_Path/netbackup/logs/nbkmiputil

Restore of the backup data of a KMS-enabled storage fails

Use the following procedure to resolve the restore failure issue in case of a storage that is KMS enabled:

To resolve restore failure issue

  1. In case of tape, AdvanceDisk, and cloud storage, check job details.

  2. Validate the KMS configuration using the following commands:

    Install_Path/bin/nbkmscmd -validateKMSConfig -name KMS_configuration_name

  3. Run the following command if certificate files exist on primary server, Install_Path/netbackup/bin/goodies/nbkmiputil -validate -kmsServer KMS_server_name -port 5696 -certPath certificate_file_path -privateKeyPath private_key__file_path -trustStorePath ca_file_path

    The output is displayed in the JSON format.

  4. Ensure that the key with which backup is encrypted is still active on the KMS server.

    See the following error in nbwebservice logs to get the key tag that is required for restore.

    See the following log statements in the web service logs on the primary server: Install_path/logs/nbwebservice/<51216-495-***-***-***.log>

    Here are the log snippets:

    [Debug] NB 51216 nbwebapi 495 PID:10984 TID:149 File ID:495 [No context] 5 
	[com.netbackup.config.PeerInfoPopulatorFilter] 
Request URL : https://<Master-Server>:1556/netbackup/security/key-management-services/keys 
Connection Info :ConnectionInfo
    [Debug] NB 51216 nbwebapi 495 PID:10984 TID:149 File ID:495 [No context] 5 
[com.netbackup.security.kms.resource.KMSConfigResource] 
HTTP GET filter query string is : KeyId eq 'bdc3492b015d4a9ab25426465b12adac6a834dfc6b4449c490922d6155719958' 
 and kadlen eq 32
    [Debug] NB 51216 nbwebapi 495 PID:10984 TID:149 File ID:495 [No context] 5 
[com.netbackup.security.kms.resource.KMSConfigResource] 
com.netbackup.security.kms.resource.KMSConfigResource getKeys() - NBKMSRecordNotFoundException 
occured due to missing KMS record.com.netbackup.nbkms.exception.NBKMSRecordNotFoundException: 
security.error.kms.KeyRecordNotFound

  5. Check the following logs for further details:

    For tape, AdvanceDisk, and cloud storage: Install_Path/netbackup/logs/bptm

    For MSDP storage: PDDE_Install_Path/log/spoold/spoold.log

    For web service logs on primary server: Install_Path/logs/nbwebservice/<51216-495-***-***-***.log>

    For nbkmiputil logs:

    • For NetBackup KMS,Install_Path/logs/nbkms

    • For external KMS,Install_Path/netbackup/logs/nbkmiputil