NetBackup™ Release Notes

Last Published:
Product(s): NetBackup (9.1)
  1. About NetBackup 9.1
    1.  
      About the NetBackup 9.1 release
    2.  
      About NetBackup Late Breaking News
    3.  
      About NetBackup third-party legal notices
  2. New features, enhancements, and changes
    1.  
      About new enhancements and changes in NetBackup
    2. NetBackup 9.1 new features, changes, and enhancements
      1.  
        Changes in Veritas terminology
      2.  
        Backup and restore of Kubernetes applications
      3.  
        Backup anomaly detection in NetBackup
      4.  
        Non-privileged user or service user account to run NetBackup services
      5.  
        Support for AD user groups in the auth.conf file
      6.  
        2 FA support for the NetBackup Administration Console through SAML-based Identity Provider or CAC/PIV smart cards or user certificates
      7.  
        NetBackup Client Direct deduplication is now supported with WORM
      8.  
        Case insensitivity for client names in a NetBackup policy
      9.  
        RESTful APIs included in NetBackup 9.1
      10.  
        API keys enhancements
      11.  
        BMR enhancements
      12.  
        NetBackup support for vCloud Director 9.0, 9.1, and 9.5 has ended
      13.  
        nbdeployutil renamed to NetBackup Deployment Insights
      14.  
        About the NetBackup Smart Diagnosis (nbsmartdiag) utility
      15.  
        EOL for support on RHEL 7.0 through 7.3
      16.  
        EOL for CentOS 8 support
      17.  
        NetBackup 9.1 support additions and changes
      18.  
        Several shutdown commands to be deprecated in a future release
      19.  
        Windows compiler and security requirements for NetBackup 9.1 and later installation and upgrade
      20.  
        New RBAC default roles
      21.  
        Changes to the RBAC permissions for jobs
      22.  
        Update cloud configuration file on the primary server immediately after install or upgrade to NetBackup 9.1
      23.  
        EOL for CloudPoint version 2.x
      24.  
        Automated asset protection with intelligent cloud groups
      25.  
        Changes to Cloud protection policies
      26.  
        CloudPoint extensions for scalable workflows
      27.  
        New backup options for cloud workloads
      28.  
        Backup from snapshot
      29.  
        Parameterized restore
      30.  
        Windows agentless support
      31.  
        Support for Microsoft Azure Stack Hub
      32.  
        Support for CloudPoint on an RHEL 8.3 Podman environment
      33.  
        Support for CloudPoint on SUSE Linux Enterprise Server (SLES)
      34.  
        Continuous data protection (CDP) provides backup for VMware without stunning the VMs
      35.  
        Combined deployment of NetBackup family products
      36.  
        Cloud enhancements for administrators
      37.  
        Instant rollback for VMs
      38.  
        For VMware and RHV environments, reduce the size of the job database before upgrade
      39.  
        Query options added for VMware intelligent policies
      40.  
        Nutanix AHV enhancements
      41.  
        Oracle Instance Management to be removed from NetBackup Administration Console
      42.  
        NetBackup Oracle Intelligent Policy can be configured with options for Data Guard
      43.  
        Oracle and DB2 policy templates are deprecated in the NetBackup 9.1 release
      44.  
        NetBackup for Microsoft SQL Server agent enhancements
      45.  
        New behavior for Oracle and Microsoft SQL Server intelligent policies
  3. Operational notes
    1.  
      About NetBackup 9.1 operational notes
    2. NetBackup installation and upgrade operational notes
      1.  
        After initiating CA migration, connection errors may occur
      2.  
        If NetBackup 9.1 upgrade fails on Windows, revert to previous log folder structure
      3.  
        Native installation requirements
      4.  
        NetBackup servers must use a host name that is compliant with RFC 1123 and RFC 952
      5.  
        Do not install from the menu that appears when the installation DVD is inserted
      6.  
        About support for HP-UX Itanium vPars SRP containers
    3. NetBackup administration and general operational notes
      1.  
        Permissions necessary for redirected restores with non-root service user accounts
      2.  
        NetBackup anomaly detection management service may not start after a full catalog restore
      3.  
        Authorization check fails if you change the user after installation or upgrade in an NBAC-enabled setup
      4.  
        Restore of the Root ("/") folder for NAS-Data-Protection policy fails
      5.  
        Errors are shown in the jobs detail when NetBackup attempts to expire images from non-WORM capable storage
      6.  
        Microsoft Azure backup fails if the resource group name contains a period (.)
      7.  
        Stale devices shown on the device tree
      8.  
        Temporary devices listed as file system assets
    4. NetBackup administration interface operational notes
      1.  
        Access control methods supported in NetBackup 9.1
      2.  
        Job actions not available for workload administrators with limited RBAC permissions on assets
      3.  
        Using X forwarding to launch the NetBackup Administration Console can fail on certain Linux platforms
      4.  
        Intermittent issues with X forwarding of NetBackup Administration Console
      5.  
        NetBackup Administration Console fails in Simplified Chinese UTF-8 locale on Solaris SPARC 64-bit systems with Solaris 10 Update 2 or later
    5. NetBackup Cloud operational notes
      1.  
        Error in calculating the snapshot size in smart metering for Cloud workloads
      2.  
        Pre-recovery check for VM restore fails on Windows-based NetBackup primary or media servers if the VM's display name contains multi-byte characters
      3.  
        Configuring a cloud recovery host on RHEL 8
    6. NetBackup with Veritas CloudPoint operational notes
      1.  
        Connection attempt fails for the VM that is in the unreachable or stopped state, and has the credentials associated with it
      2.  
        Editing a query with special characters in tag names is not supported for the intelligent Cloud groups
      3.  
        Starting or restarting the CloudPoint services may fail if a stale IP address entry is retained in the Podamn layer on RHEL 8.3 environment
      4.  
        CloudPoint discovery status shows as failed in the NetBackup web UI
      5.  
        New CloudPoint asset information may affect recovery
      6.  
        After upgrade, assets are unsubscribed from protection plans with GRT option enabled
      7.  
        Backup now option may fail with the error
      8.  
        Adding new regions requires a new cloud plug-in configuration
      9.  
        In backup and restore jobs, the number of files transferred is shown as 0
      10.  
        VM disks not displayed due to discovery level
      11.  
        Snapshot jobs fail due to exceptions
      12.  
        Deleted snapshots still visible in the NetBackup web UI
      13.  
        Granular restore fails if target path is deleted and recreated
      14.  
        Public cloud not supported with gov cloud or China region
      15.  
        Indexing not supported on instances created from AWS Marketplaces AMIs
      16.  
        Consistent host snapshot might fail
      17.  
        Configuring AWS plug-in with IAM role showed that the Authentication Method field is blank
      18.  
        Updating a cloud plug-in while a job runs causes job failure
      19.  
        Permission denied error occurs if both user and password are updated
      20.  
        Different source and target zones for Google Cloud Platform are not supported
      21.  
        Broken files system detected
    7. NetBackup deduplication operational notes
      1.  
        Backup jobs fail with "Storage server is down ..." for WORM storage servers in multi-domain environments
    8. NetBackup for NDMP operational notes
      1.  
        Parent directories in the path of a file may not be present in an NDMP incremental image
    9. NetBackup for OpenStack operational notes
      1.  
        Instance volumes in the incremental backups cannot be mounted
      2.  
        NetBackup master server does not re-issue the token if NetBackup VM is a 3-node cluster
      3.  
        NetBackup version is displayed as 'Netbackup_9001_beta1' instead of 'NetBackup-CentOS3.10.0 9.0' on the Web UI
      4.  
        Success message appears along with the error message when you delete the policy that has snapshots
      5.  
        Unable to connect to NetBackup master server using NBCA
      6.  
        Excluded Ceph Volume after restore is not mountable or formattable
      7.  
        Restored VMs have blank metadata config_drive attached
      8.  
        NBOSVM reconfig fails when you add new NetBackup VM to the cluster
      9.  
        Database does not sync after NetBackup cluster gets new nodes
      10.  
        Data on boot disk gets backed up despite exclusion
      11.  
        After reinitialization and import, OpenStack certificates are missing
      12.  
        CLI import changes scheduler trust value to disabled
      13.  
        Unable to get node details after you reinitialize the NetBackup Appliance
      14.  
        Snapshots fails with "object is not subscriptable" for many policy jobs at the exact same time
      15.  
        No operation is permitted in insecure way for SSL-enabled Keystone URL
    10. NetBackup internationalization and localization operational notes
      1.  
        Support for localized environments in database and application agents
      2.  
        Certain NetBackup user-defined strings must not contain non-US ASCII characters
    11. NetBackup Snapshot Client operational notes
      1.  
        Snapshot job fails with status code 927
      2.  
        HPE 3PAR array snapshot import fails with status code 4213
      3.  
        Snapshots are deleted after point-in-time rollbacks
      4.  
        Index from Snapshot operation does not populate contents of the snapshot accurately in the catalog
    12. NetBackup virtualization operational notes
      1. NetBackup for VMware operational notes
        1.  
          CDP-protected VM gets turned off
        2.  
          Backups may fail when data on CDP staging path is corrupted
        3.  
          Remove CDP gateways before resubscribing VMs to storage policies
  4. Appendix A. About SORT for NetBackup Users
    1.  
      About Veritas Services and Operations Readiness Tools
  5. Appendix B. NetBackup installation requirements
    1.  
      About NetBackup installation requirements
    2.  
      Required operating system patches and updates for NetBackup
    3.  
      NetBackup 9.1 binary sizes
  6. Appendix C. NetBackup compatibility requirements
    1.  
      About compatibility between NetBackup versions
    2.  
      About NetBackup compatibility lists and information
    3.  
      About NetBackup end-of-life notifications
  7. Appendix D. Other NetBackup documentation and related documents
    1.  
      About related NetBackup documents

Authorization check fails if you change the user after installation or upgrade in an NBAC-enabled setup

Authorization check fails if you change the user after NetBackup installation or upgrade in an NBAC-enabled setup.

For more information on the service user (non-privileged or non-root user), refer to the NetBackup Security and Encryption Guide.

The following error message is displayed during installation or upgrade:

bprd failed to grant authorization check permission to host
 'host1'
118-VxSS authorization failed: Please make sure NBAC-Authorization
 is properly configured and running and you have necessary
 permissions to do these operations.

The issue occurs because the new service user is not part of the Security Administrator group.

Workaround:

To resolve the issue, you should add the new service user to the Security Administrator group (or remove the older one) using one of the following scenarios.

Scenario 1

Authorization check fails in one of the following cases:

  • The root (UNIX) or Local System (Windows) user is changed to a new service user using the nbserviceusercmd -changeUser command.

  • The NetBackup 9.1 upgrade is performed with the service user other than the root or Local System user.

To resolve the authorization check failure:

  1. After changing the user, ensure that all NetBackup services are up and running.

  2. Run the following command to add the new service user to the Security Administrator group:

    vssaz addazgrpmember --azgrpname "Security Administrators" --prplinfo ATP,atdomain,new service user

    The directory path to the vssaz command is as follows:

    On UNIX: /usr/openv/netbackup/sec/az/bin

    On Windows: <install_path>\sec\az\bin

Scenario 2

Authorization check fails when one service user is changed to another service user using the nbserviceusercmd -changeUser command.

To resolve the authorization check failure:

  1. After changing the user, ensure that all NetBackup services are up and running.

  2. Run the following command to remove the older service user principle from the Global Security Administrator group.

    vssaz removeazgrpmember --azgrpname "Security Administrators" --prplinfo ATP,atdomain,older user

  3. Run the following command to add the new service user to the Security Administrator group:

    vssaz addazgrpmember --azgrpname "Security Administrators" --prplinfo ATP,atdomain,new service user

The directory path to the vssaz command is as follows:

On UNIX: /usr/openv/netbackup/sec/az/bin

On Windows: <install_path>\sec\az\bin

Scenario 3

If the service user is changed to the root (UNIX) or Local System (Windows) user using the nbserviceusercmd -changeUser command, for example, after the NetBackup 9.1 fresh installation. It's recommended to remove the old service user from the Security Administrator group for increased security.

To eliminate the security vulnerability that may be introduced because of the stale entry of the old service user in the group:

  1. After changing the user, ensure that all NetBackup services are up and running.

  2. Run the following command to remove the older service user principle from the Global Security Administrator group.

    vssaz removeazgrpmember --azgrpname "Security Administrators" --prplinfo ATP,atdomain,older user