Duplicated image's WORM unlock time is calculated from duplication date instead of original backup date
Problem
The second copy in new DD is calculating its WORM unlock time from the time it receives the backup image based on its retention period but is not calculating the time difference it already elapsed since its backup time.
Cause
Copy Worm Unlock Time of Copy 2 is set as "duplication ctime + retention" instead of "backup ctime + retention" intentionally in the product to prevent clock vulnerability where an attacker changes the time of the master server.
Solution
Engineering has acknowledged the defect and recreated it internally. The engineering team has provided the required EEB that has been installed successfully and subsequently a duplication has been tested as well. The expiration date is now matching with the WORM unlock date post duplication at destination storage.
The binary exists for the following versions of NetBackup:
- NetBackup 9.1.0.1: Etrack 4060536
- NetBackup 10.0.0.1: Etrack 4086750
- NetBackup 10.1: Etrack 4109674
- NetBackup 10.1.1: 4131014
After installing EEB , add the parameter CONF_WORM_USE_CLOCK = 1 in the bp.conf of the media server where the DataDomain DDBoost plugin is installed, as this media server is communicating with the DataDomain
Note: The above parameter can be used without an EEB at NetBackup 10.2+
Related Knowledge Base Articles
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.