Search <book_title>...

Veritas Appliance Guide for CyberArk Plugin Configuration

Last Published: 2025-03-20

Product(s): Appliances (6.0, 5.5.0.1, 5.3, 5.1.1, 5.1, 5.0, 4.2, 4.1, 4.0, 3.3.0.1, 3.3, 3.2, 3.1, 3.0)

Platform: NetBackup Appliance OS,Flex Appliance OS

Introduction
1. Overview
CyberArk plugin configurations for Flex Appliance
CyberArk plugin configuration for NetBackup Appliance
1. Veritas NetBackup Appliance CPM CyberArk Plugin
CyberArk plugin for Remote Management interface
1. Veritas Remote Management Interface via API CyberArk Plugin
CyberArk plugin configurations for Flex Scale and Access Appliances
1. Veritas NetBackup Flex Scale and Access Appliance API CyberArk CPM plug-in
2. Configuration for CyberArk Privileged Session Manager (PSM) for SSH

Veritas NetBackup Appliance CPM CyberArk Plugin

The Veritas NetBackup Appliance CPM Plugin is a CyberArk component. It supports password management for the built-in administrator and maintenance users along with verification, change, and reconciliation for all standard local user login accounts existing on a Veritas NetBackup Appliance.

The following describes the supported plugin functionality:

Verify the administrator or the maintenance user password.
Change the following account passwords:
- Administrator (built-in admin user and other user accounts with administrator privileges)
- Maintenance user
- NetBackup CLI users
- Standard local users (such as nbasecadmin)
Reconcile the user password, when necessary.
Limitation:
The reconcile feature requires that you first add the appliance maintenance user account to CyberArk, and then associate it with an appliance administrator account. After completing the plugin configuration procedure, see the following:
See Enable reconciliation.

Requirements and prerequisites

The following describes the requirements and tasks that you must perform before you can configure the plugin:

A configured NetBackup Appliance with software versions 3.3.x or later.
A CyberArk PAM (Privileged Access Manager) solution.
Download the Veritas NetBackup Appliance CPM Plugin from the following CyberArk Marketplace site and install it:
https://cyberark-customers.force.com/mplace/s/#a352J0000003MU8QAM-a392J000002KuEoQAK

Configuration

After you have downloaded and installed the plugin, perform the following configuration steps in the application on the CyberArk site.

To configure the plugin for the Veritas NetBackup Appliance CPM

Log in to the CyberArk PVWA.
On the Account View page, click Add account and do the following:
- For Select system type, click Imported platforms.
- For Assign to platform, click Veritas NetBackup via SSH.
- For Store in safe, select where you want to store the configuration. You can also click Create Safe to create a new one.
- For Define properties, enter the following:
  - Address: Enter the appliance fully qualified domain name.
  - Username: Enter the administrator or the maintenance user username.
  - Password: Enter the associated password for the entered administrator or the maintenance username.

Enable reconciliation

To enable password reconciliation for an account, the following tasks are required:

Create a new user with administrator privileges on the appliance, then add that user to CyberArk.
Add the NetBackup Appliance maintenance user account to CyberArk.
Associate the new administrator user account as the Logon Account for the current user account.
Associate the maintenance user account as the Reconcile Account for the current user account.

To enable reconciliation for the Veritas NetBackup Appliance CPM plugin

On the NetBackup Appliance, create a new local user with the administrator privileges.
Add the new administrator user account to CyberArk as follows:
- On the CyberArk PVWA, click Add Account.
- On the Add account page, enter the required information in the following fields:
  Address - the NetBackup Appliance address or host name.
  Username - the new appliance administrator user account.
  Password - the password for the administrator user account.
  Confirm password
Click Add.
Add the appliance maintenance user account to CyberArk as follows:
- On the CyberArk PVWA, click Add Account.
- On the Add account page, enter the required information in the following fields:
  Address - the NetBackup Appliance address or host name.
  Username - the appliance maintenance user account.
  Password - the password for the maintenance user account.
  Confirm password
Click Add.
Associate the new administrator user account with the appliance maintenance user account as follows:
- On the Accounts View page, select the new NetBackup Appliance administrator account that you added. Then, in the upper right corner, click Additional details & actions classic interface.
- On the Account Details page that appears, in the box on the right side of the page, for Logon Account, click Associate. In the popup window that appears, select the new NetBackup Appliance administrator account and click Associate.
  After the popup window closes, in the same box on the right side of the page, for Reconcile Account, click Associate. In the popup window that appears, select the NetBackup Appliance maintenance account and click Associate.