NetBackup™ Web UI Backup Administrator's Guide
- Introducing the NetBackup web user interface
- Managing protection plans
- Managing jobs
- Configuring email notifications for alerts
- Usage reporting and capacity licensing
- Track backup data size on your master servers
- Adding a trusted master server using NetBackup CA-signed (host ID-based) certificate
- Configure the servers list for usage reporting
- Scheduling reports for capacity licensing
- Other configuration for incremental reporting
- Troubleshooting failures for nbdeployutil and incremental reporting
Adding a trusted master server using NetBackup CA-signed (host ID-based) certificate
If you want to have usage reporting for multiple master servers in the NetBackup web UI, you need to configure a trust relationship exists between the NetBackup servers in the different domains.
Perform the following steps on both the source and the target server:
Identify the NetBackup versions that are installed on the source and the target servers.
Usage reporting and Smart Meter are supported for NetBackup 8.1.2 and later.
Obtain the authorization tokens of the remote server.
Use the bpnbat command to log on and nbcertcmd to get the authorization tokens.
Obtain the fingerprints for the remote server.
To obtain the SHA1 fingerprint of root certificate, use the nbcertcmd -displayCACertDetail command.
Ensure that you have one of the following permissions:
System administrator permissions with root permissions for UNIX, administrator permissions for Windows, or a NetBackupCLI user for a 3.1 NetBackup appliance.
Access to the NetBackup Administration Console, where you have <username> ADMIN=ALL permissions through
auth.conf.Enhanced Auditing (EA) user permissions through
authalias.conf.For remote Windows master server, if the user's domain is not same as that of the authentication service, you must add the domain with LDAP using the vssat addldapdomain command. See the NetBackup Commands Reference Guide.
Also, this user must have RBAC security administrator permissions. See the WEB UI for the Security Administrators Guide..
Use this procedure to add a trusted master server when a NetBackup CA-based certificate is used to establish the trust.
To add a trusted master server, when both the source and the target servers are NetBackup version 8.1 or later
- In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
- In the right pane, select the master server and Actions > Properties.
- In the properties dialog box left pane, select Servers.
- On the Trusted Master Servers tab, click Add.
- Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
- In the Validate Certificate Authority dialog box, verify if the CA certificate fingerprint of the remote server is correct.
To proceed, click Yes.
If the fingerprints don't match, click No. Contact the remote server admin to provide the correct fingerprints.
- Enter the trusted master server details using one of the following methods.
(Recommended) Select Specify authentication token of the trusted master server and enter the token details of the remote master server.
Select Specify credentials of the trusted master server and enter the user name and password. Note that this method may present a possible security breach. Only an authentication token can provide restricted access and allow secure communication between both the hosts.
To establish trust with a 3.1 NetBackup master appliance, use the NetBackup CLI credentials.
- Click OK.
- Perform the same procedure on the remote master server that you added in step 5.
To add a trusted master server, when both the source and the target server are NetBackup version 8.0 or earlier
- Ensure that the Enable insecure communication with NetBackup 8.0 and earlier hosts option is enabled in the global security settings.
- In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
- In the right pane, select the master server and Actions > Properties.
- In the properties dialog box left pane, select Servers.
- On the Trusted Master Servers tab, click Add.
- Enter the fully-qualified host name of the remote master server and click Validate Certificate Authority.
- Enter the Username and Password of the remote master server host.
- Click OK.
For details on usage reporting in the web UI, see the NetBackup Web UI for Backup Administrator's Guide.
For more information on commands, see the NetBackup Commands Reference Guide. For details on the authalias.conf, see the NetBackup Security and Encryption Guide.