NetBackup™ Web UI Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (10.4.0.1)
  1. Section I. About NetBackup
    1. Introducing NetBackup
      1.  
        About NetBackup
      2.  
        NetBackup web UI features
      3.  
        NetBackup documentation
      4. NetBackup administration interfaces
        1.  
          About security certificates for NetBackup hosts
        2.  
          First-time sign in to the NetBackup web UI
        3.  
          Sign in to the NetBackup web UI
        4.  
          Sign out of the NetBackup web UI
      5.  
        Using the NetBackup web UI
      6.  
        Terminology
    2. Administering NetBackup licenses
      1.  
        About NetBackup licenses
      2.  
        Add licenses
      3.  
        View licenses
      4.  
        Renew licenses
      5.  
        Remove licenses
  2. Section II. Monitoring and notifications
    1. Monitoring NetBackup activity
      1.  
        The NetBackup dashboard
      2. Activity monitor
        1.  
          Monitor NetBackup daemons
        2.  
          Monitor NetBackup processes
      3. Job monitoring
        1.  
          Workloads that require a custom RBAC role for specific job permissions
        2.  
          View a job
        3.  
          View the jobs in the List view
        4.  
          View the jobs in the Hierarchy view
        5.  
          Jobs: cancel, suspend, restart, resume, delete
        6.  
          Search for or filter jobs in the jobs list
        7.  
          Create a jobs filter
        8.  
          Edit, copy, or delete a jobs filter
        9.  
          Import or export job filters
        10.  
          View the status of a redirected restore
        11. Troubleshooting the viewing and managing of jobs
          1.  
            Job actions not available for workload administrators with limited RBAC permissions on assets
    2. Device monitor
      1.  
        About the Device Monitor
      2.  
        About media mount errors
      3. About pending requests and actions
        1.  
          About pending requests for storage units
        2.  
          Resolve a pending request
        3.  
          Resolve a pending action
        4.  
          Resubmit a pending request
        5.  
          Deny a pending request
    3. Notifications
      1. Job notifications
        1. Send email notifications for job failures
          1.  
            Status codes that generate alerts
        2.  
          Send notifications to the backup administrator about failed backups
        3.  
          Send notifications to a host administrator about backups
        4.  
          Configure the nbmail.cmd script on the Windows hosts
      2. NetBackup event notifications
        1.  
          View notifications
        2.  
          Modify or disable NetBackup event notifications in the web UI
        3.  
          NetBackup event types supported with notifications
        4.  
          About configuring automatic notification cleanup tasks
    4. Registering the data collector
      1.  
        About the data collector
      2.  
        Register the data collector with Veritas Alta View
      3.  
        Renew Veritas Alta View token
      4.  
        Register the data collector with Veritas NetBackup IT Analytics
      5.  
        View and modify the data collector registration
      6.  
        Unregister the data collector
  3. Section III. Configuring hosts
    1. Managing host properties
      1.  
        Overview of host properties
      2.  
        View or edit the host properties of a server or client
      3.  
        Host information and settings in Host properties
      4.  
        Reset a host's attributes
      5.  
        Active Directory properties
      6.  
        Backup pool host properties
      7. Busy file settings properties
        1.  
          Activating the Busy file settings in host properties
      8.  
        Clean up properties
      9.  
        Client name properties
      10. Client attributes properties
        1. General tab of the Client attributes properties
          1.  
            Offline option usage considerations and restrictions
          2.  
            Where deduplication should occur
        2.  
          Connect options tab of the Client attributes properties
        3.  
          Windows open file backup tab of the Client attributes properties
      11. Client settings properties for UNIX clients
        1.  
          VxFS file change log (FCL) for incremental backups property
      12. Client settings properties for Windows clients
        1.  
          How to determine if change journal support is useful in your NetBackup environment
        2.  
          Guidelines for enabling NetBackup change journal support
      13.  
        Cloud Storage properties
      14.  
        Credential access properties
      15. Data Classification properties
        1.  
          Add a data classification
      16. Default job priorities properties
        1.  
          Understanding the job priority setting
      17.  
        Distributed application restore mapping properties
      18. Encryption properties
        1.  
          Additional encryption methods for Windows clients
      19.  
        Enterprise Vault properties
      20.  
        Enterprise Vault hosts properties
      21. Exchange properties
        1.  
          About the Exchange credentials in the client host properties
      22. Exclude list properties
        1.  
          Add an entry to an exclude list
        2.  
          Add an exception to the exclude list
        3. Syntax rules for exclude lists
          1.  
            Example of a Windows client exclude list
          2.  
            Example of a UNIX exclude list
        4.  
          About creating an include list on a UNIX client
        5.  
          Traversing excluded directories
      23. Fibre transport properties
        1.  
          About Linux concurrent FT connections
      24.  
        Firewall properties
      25. General server properties
        1.  
          Forcing restores to use a specific server
      26. Global attributes properties
        1.  
          About constraints on the number of concurrent jobs
        2.  
          Setting up mailx email client
      27. Logging properties
        1.  
          Logging levels
      28.  
        Lotus Notes properties
      29. Media properties
        1.  
          Results when media overwrites are not permitted
        2.  
          Recommended use for Enable SCSI reserve property
      30.  
        Network properties
      31. Network settings properties
        1.  
          Reverse host name lookup property
        2.  
          Use the IP address family property
      32.  
        Nutanix AHV access hosts
      33. Port ranges properties
        1.  
          Registered ports and dynamically-allocated ports
      34. Preferred network properties
        1.  
          Add or edit a Preferred network setting
        2.  
          How NetBackup uses the directives to determine which network to use
        3.  
          Configurations to use IPv6 networks
        4.  
          Configurations to use IPv4 networks
        5.  
          Order of directive processing in the Preferred network properties
        6.  
          bptestnetconn utility to display Preferred network information
        7.  
          Configuration to prohibit using a specified address
        8.  
          Configuration to prefer a specified address
        9.  
          Configuration that restricts NetBackup to one set of addresses
        10.  
          Configuration that limits the addresses, but allows any interfaces
      35.  
        Properties setting in host properties
      36.  
        RHV access hosts properties
      37. Resilient network properties
        1.  
          View the resiliency status of a client
        2.  
          About Resilient jobs
        3.  
          Resilient connection resource usage
        4.  
          Specify resilient connections for clients
      38.  
        Resource limit properties
      39. Restore failover properties
        1.  
          Assigning an alternate media server as a failover restore server
      40. Retention periods properties
        1.  
          Changing a retention period
        2.  
          Determining retention periods for volumes
        3.  
          Retention Periods with end dates beyond 2038, excluding Infinity
      41. Scalable Storage properties
        1.  
          Configuring advanced bandwidth throttling settings
        2.  
          Advanced bandwidth throttling settings
      42. Servers properties
        1.  
          Add a server to a servers list
        2.  
          Remove a server from a servers list
        3.  
          Enable inter-node authentication for a NetBackup clustered primary server
        4.  
          About the certificate to use to add a trusted primary server
        5.  
          Changing the primary server that performs backups and restores for a client
      43. SharePoint properties
        1.  
          Consistency check options for SharePoint Server
      44. SLP settings properties
        1.  
          About batch creation logic in Storage Lifecycle Manager
      45.  
        Throttle bandwidth properties
      46.  
        Timeouts properties
      47.  
        Universal settings properties
      48.  
        UNIX client properties
      49.  
        UNIX Server properties
      50.  
        User account settings properties
      51.  
        VMware access hosts properties
      52.  
        Windows client properties
      53.  
        Configuration options not found in the host properties
      54.  
        About using commands to change the configuration options on UNIX or Linux clients and servers
    2. Managing credentials for workloads and systems that NetBackup accesses
      1.  
        Overview of credential management in NetBackup
      2. Adding credentials in NetBackup
        1.  
          Add a credential for NetBackup Callhome Proxy
        2.  
          Add a credential for an external KMS
        3.  
          Add a credential for Network Data Management Protocol (NDMP)
      3.  
        Edit or delete a named credential
      4.  
        Edit or delete Network Data Management Protocol (NDMP) credentials in NetBackup
      5. Add a configuration for an external CMS server
        1.  
          Configure external credentials
        2. Add a credential for CyberArk
          1.  
            Certificate revocation lists for CyberArk server
        3.  
          Edit or delete the configuration for an external CMS server
        4.  
          Troubleshooting the external CMS server issue
    3. Managing deployment
      1.  
        Managing the NetBackup Package repository
      2.  
        Update host
      3.  
        Deployment policies
  4. Section IV. Configuring storage
    1. Overview of storage options
      1.  
        About storage configuration
    2. Configuring disk storage
      1.  
        About configuring BasicDisk storage
      2.  
        About configuring disk pool storage
      3.  
        Create a disk pool
      4.  
        Edit a disk pool
      5.  
        Create a Media Server Deduplication Pool (MSDP, MSDP Cloud) storage server
      6.  
        Edit a storage server
      7. Integrating MSDP Cloud and CMS
        1.  
          Migrating or updating MSDP Cloud and CMS
      8.  
        Create a Media Server Deduplication Pool (MSDP) storage server for image sharing
      9.  
        Create an AdvancedDisk, OpenStorage (OST), or Cloud Connector storage server
      10.  
        Share images from an on-premises location to the cloud
      11.  
        Overview of universal shares
      12. Create a universal share
        1.  
          Using instant access for MS-Windows and Standard policies
      13.  
        View or edit a universal share
      14.  
        Delete a universal share
    3. Managing media servers
      1.  
        Add a media server
      2.  
        Activate or deactivate a media server
      3.  
        Stop or restart the media device manager
      4.  
        About NetBackup server groups
      5.  
        Add a server group
      6.  
        Delete a server group
    4. Configuring storage units
      1.  
        Overview of storage units
      2.  
        Create a storage unit
      3.  
        Edit storage unit settings
      4.  
        Copy a storage unit
      5.  
        Delete a storage unit
    5. Managing tape drives
      1.  
        Change a drive comment
      2.  
        About downed drives
      3.  
        Change a drive operating mode
      4.  
        Change the operating mode for a drive path
      5.  
        Clean a tape drive
      6.  
        Delete a drive
      7.  
        Reset a drive
      8.  
        Reset the mount time of a drive
      9.  
        Set the drive cleaning frequency
      10.  
        View drive details
    6. Managing robots and tape drives
      1.  
        NetBackup robot types
      2. Add a robot to NetBackup manually
        1.  
          Robot properties and configuration options
        2.  
          Robot control (robot configuration options)
      3.  
        Change the robot control properties of a robot
      4.  
        Delete a robot
    7. Inventorying robots
      1.  
        About robot inventory
      2.  
        When to inventory a robot
      3.  
        About showing a robot's contents
      4.  
        Showing the media in a robot
      5.  
        About comparing a robot's contents with the volume configuration
      6.  
        Comparing media in a robot with the volume configuration
      7.  
        About previewing volume configuration changes
      8.  
        Previewing volume configuration changes for a robot
      9.  
        About updating the NetBackup volume configuration
      10.  
        Updating the NetBackup volume configuration with a robot's contents
      11.  
        Robot inventory options
      12.  
        Advanced options for robot inventory settings
      13.  
        Configure media ID generation rules
      14.  
        Barcode rules settings
      15.  
        Media ID generation options
      16.  
        Configure media settings
      17.  
        About media type mapping rules
      18.  
        Configure media type mappings
    8. Managing volumes
      1.  
        About NetBackup tape volumes
      2.  
        About adding volumes
      3.  
        Add volumes
      4.  
        Volume properties
      5.  
        Edit volumes
      6.  
        About moving volumes
      7.  
        Move volumes
      8.  
        Delete a volume
      9.  
        About rules for moving volumes between groups
      10.  
        Changing the volume group assignment
      11.  
        Changing the media owner of a volume
      12.  
        Rescanning and updating barcodes
      13.  
        About barcode rules
      14.  
        Freezing or unfreezing a volume
      15.  
        Labeling a volume
      16.  
        Erase a volume
      17.  
        Suspending or unsuspending volumes
    9. Managing volume pools
      1.  
        About NetBackup volume pools
      2.  
        Adding or deleting a volume pool
      3.  
        Editing the volume pool
      4.  
        Volume pool properties
    10. Managing volume groups
      1.  
        About NetBackup volume groups
      2.  
        Moving a volume group
      3.  
        Deleting a volume group
    11. Staging backups
      1.  
        About staging backups
      2.  
        About basic disk staging
      3.  
        Create a BasicDisk storage unit with disk staging
      4.  
        Disk staging storage unit size and capacity
      5.  
        Finding potential free space on a BasicDisk disk staging storage unit
      6.  
        Schedule settings for disk staging
    12. Troubleshooting storage configuration
      1.  
        Registering a media server
      2.  
        Storage configuration issues
      3.  
        Troubleshooting universal share configuration issues
  5. Section V. Configuring backups
    1. Overview of backups in the NetBackup web UI
      1.  
        Backups methods supported in the NetBackup web UI
      2.  
        Protection plan vs. policy FAQs
      3.  
        Supported protection plan types
      4.  
        Support for NetBackup classic policies
    2. Managing protection plans
      1.  
        Create a protection plan
      2.  
        Customizing protection plans
      3.  
        Edit or delete a protection plan
      4.  
        Subscribe an asset or an asset group to a protection plan
      5.  
        Unsubscribe an asset from a protection plan
      6.  
        View protection plan overrides
      7.  
        About Backup now
    3. Managing classic policies
      1.  
        Add a policy
      2.  
        Example policy - Exchange Server DAG backup
      3.  
        Example policy - Sharded MongoDB cluster
      4.  
        Example policy - Epic-Large-File
      5.  
        Edit, copy, or delete a policy
      6.  
        Deactivate or activate a policy
      7.  
        Perform manual backups
      8.  
        About the Epic-Large-File policy type
    4. Protecting the NetBackup catalog
      1.  
        About the NetBackup catalog
      2. Catalog backups
        1.  
          The catalog backup process
        2.  
          Prerequisites for backing up the NetBackup catalog
        3.  
          Configuring catalog backups
        4.  
          Backing up NetBackup catalogs manually
        5.  
          Concurrently running catalog backups with other backups
        6.  
          Catalog policy schedule considerations
        7.  
          How catalog incrementals and standard backups interact on UNIX
        8.  
          Determining whether or not a catalog backup succeeded
        9.  
          Strategies that ensure successful NetBackup catalog backups
      3.  
        Disaster recovery emails and the disaster recovery files
      4.  
        Disaster recovery packages
      5.  
        Set the passphrase to encrypt disaster recovery packages
      6.  
        Recovering the catalog
    5. Managing backup images
      1.  
        About the Catalog utility
      2.  
        Catalog utility search criteria and backup image details
      3.  
        Verify backup images
      4.  
        Promote a copy to a primary copy
      5. Duplicate backup images
        1.  
          Multiplexed duplication considerations
        2.  
          Jobs that appear while making multiple copies
      6.  
        Expire backup images
      7. About importing backup images
        1.  
          About importing expired images
        2.  
          Import backup images, Phase I
        3.  
          Import backup images, Phase II
    6. Pausing data protection activity
      1.  
        Pause backups and other activity
      2.  
        Allow the automatic pause of data protection activity
      3.  
        Pause backups and other activity on a client
      4.  
        View paused backups and other paused activities
      5.  
        Resume data protection activity
  6. Section VI. Managing security
    1. Security events and audit logs
      1.  
        View security events and audit logs
      2. About NetBackup auditing
        1.  
          User identity in the audit report
        2.  
          Audit retention period and catalog backups of audit records
        3.  
          Viewing the detailed NetBackup audit report
      3.  
        Send audit events to system logs
      4.  
        Send audit events to log forwarding endpoints
    2. Managing security certificates
      1.  
        About security management and certificates in NetBackup
      2.  
        NetBackup host IDs and host ID-based certificates
      3. Manage NetBackup security certificates
        1.  
          Reissue a NetBackup certificate
        2.  
          Manage NetBackup certificate authorization tokens
      4. Using external security certificates with NetBackup
        1.  
          Configure an external certificate for the NetBackup web server
        2.  
          Remove the external certificate configured for the web server
        3.  
          Update or renew the external certificate for the web server
        4.  
          View external certificate information for the NetBackup hosts in the domain
    3. Managing host mappings
      1.  
        View host security and mapping information
      2.  
        Approve or add mappings for a host that has multiple host names
      3.  
        Example host mappings
      4.  
        Remove mappings for a host that has multiple host names
    4. Configuring multi-person authorization
      1.  
        About multi-person authorization
      2.  
        Workflow to configure multi-person authorization for NetBackup operations
      3.  
        RBAC roles and permissions for multi-person authorization
      4.  
        Multi-person authorization process with respect to roles
      5.  
        NetBackup operations that need multi-person authorization
      6.  
        Configure multi-person authorization
      7.  
        View multi-person authorization tickets
      8.  
        Manage multi-person authorization tickets
      9.  
        Add exempted users
      10.  
        Schedule expiration and purging of multi-person authorization tickets
      11.  
        Disable multi-person authorization
    5. Managing user sessions
      1.  
        Terminate a NetBackup user session
      2.  
        Unlock a NetBackup user
      3.  
        Configure when idle sessions should time out
      4.  
        Configure the maximum of concurrent user sessions
      5.  
        Configure the maximum of failed sign-in attempts
      6.  
        Display a banner to users when they sign in
    6. Configuring multifactor authentication
      1.  
        About multifactor authentication
      2.  
        Configure multifactor authentication for your user account
      3.  
        Disable multifactor authentication for your user account
      4.  
        Enforce multifactor authentication for all users
      5.  
        Configure multifactor authentication for your user account when it is enforced in the domain
      6.  
        Reset multifactor authentication for a user
    7. Managing the global security settings for the primary server
      1.  
        View the Certificate authority for secure communication
      2.  
        Disable communication with NetBackup 8.0 and earlier hosts
      3.  
        Disable automatic mapping of NetBackup host names
      4.  
        Configure the global data-in-transit encryption setting
      5.  
        About NetBackup certificate deployment security levels
      6.  
        Select a security level for NetBackup certificate deployment
      7.  
        About TLS session resumption
      8.  
        Set a passphrase for disaster recovery
      9.  
        Validate the disaster recovery package passphrase
      10. About trusted primary servers
        1.  
          Add a trusted primary server
        2.  
          Remove a trusted primary server
      11.  
        Configure the audit retention period
    8. Using access keys, API keys, and access codes
      1.  
        Access keys
      2. API keys
        1.  
          Add an API key or view API key details (Administrators)
        2.  
          Edit, reissue, or delete an API key (Administrators)
        3.  
          Add an API key or view your API key details
        4.  
          Edit, reissue, or delete your API key
        5.  
          Use an API key with NetBackup REST APIs
      3. Access codes
        1.  
          Request CLI access through web UI authentication
        2.  
          Approve the CLI access request of another user
        3.  
          Edit the settings for command-line access
    9. Configuring authentication options
      1.  
        Sign-in options for the NetBackup web UI
      2. Configure user authentication with smart cards or digital certificates
        1.  
          Configure smart card authentication with a domain
        2.  
          Configure smart card authentication without a domain
        3.  
          Edit the configuration for smart card authentication
        4.  
          Add or delete a CA certificate that is used for smart card authentication
        5.  
          Disable or temporarily disable smart card authentication
      3.  
        About single sign-on (SSO) configuration
      4. Configure NetBackup for single sign-on (SSO)
        1.  
          Configure the SAML KeyStore
        2.  
          Configure the SAML keystore and add and enable the IDP configuration
        3.  
          Enroll the NetBackup primary server with the IDP
        4.  
          Manage an IDP configuration
        5.  
          Video: Configure single sign-on in NetBackup
      5. Troubleshooting SSO
        1.  
          Redirection issues
        2.  
          Unable to sign in due to authorization-related issues
    10. Managing role-based access control
      1.  
        RBAC features
      2.  
        Authorized users
      3. Configuring RBAC
        1.  
          Notes for using NetBackup RBAC
        2.  
          Add AD or LDAP domains
        3.  
          View users in RBAC
        4.  
          Add a user to a role (non-SAML)
        5.  
          Add a smart card user to a role (non-SAML, without AD/LDAP)
        6.  
          Add a user to a role (SAML)
        7.  
          Remove a user from a role
      4.  
        Default RBAC roles
      5. Add a custom RBAC role
        1.  
          Edit or remove a role a custom role
        2.  
          Add a custom RBAC role to restore Azure-managed instances
        3.  
          Add a custom RBAC role for a PaaS administrator
        4.  
          Add a custom RBAC role for a Malware administrator
      6.  
        Role permissions
      7.  
        Manage access permission
      8.  
        View access definitions
    11. Disabling access to NetBackup interfaces for OS Administrators
      1.  
        Disable command-line (CLI) access for operating system (OS) administrators
      2.  
        Disable web UI access for operating system (OS) administrators
  7. Section VII. Detection and reporting
    1. Detecting anomalies
      1. About backup anomaly detection
        1.  
          How a backup anomaly is detected
      2.  
        Configure backup anomaly detection settings
      3.  
        View backup anomalies
      4.  
        Disable backup anomaly detection and computation of entropy and file attributes for a client
      5.  
        About system anomaly detection
      6.  
        Configure system anomaly detection settings
      7.  
        Configure rules-based anomaly detection
      8.  
        Configure risk engine-based anomaly detection
      9.  
        View system anomalies
    2. Malware scanning
      1. About malware scanning
        1. Workflow for malware scanning
          1.  
            Malware scanning workflow for MSDP backup images
          2.  
            Malware scanning workflow for OST and AdvancedDisk
      2. Configuring a scan host pool
        1.  
          Prerequisites for scan host pool
        2.  
          Configure a new scan host pool
        3.  
          Add a new host in a scan host pool
      3. Managing a scan host
        1.  
          Add an existing scan host
        2.  
          Validating the scan host pool configuration
        3.  
          Remove the scan host
        4.  
          Deactivate the scan host
        5.  
          Managing credentials for malware scanning
      4.  
        Configure resource limits for malware detection
      5. Perform a malware scan
        1.  
          Backup images
        2.  
          Assets by policy type
        3.  
          Assets by workload type
      6. Managing scan tasks
        1.  
          View the malware scan status
        2.  
          Actions for malware scanned images
        3.  
          Recover from malware-affected images (clients protected by policies)
        4.  
          Recover from malware-affected images (clients protected by protection plan)
        5.  
          Clean file recovery for virtual workload (VMware)
    3. Usage reporting and capacity licensing
      1.  
        Track protected data size on your primary servers
      2.  
        Add a local primary server
      3.  
        View license types in usage reporting
      4.  
        Scheduling reports for capacity licensing
      5.  
        Other configuration for incremental reporting
      6.  
        Troubleshooting failures for usage reporting and incremental reporting
  8. Section VIII. NetBackup workloads and NetBackup Flex Scale
    1. NetBackup SaaS Protection
      1.  
        Overview of NetBackup for SaaS
      2.  
        Adding NetBackup SaaS Protection Hubs
      3. Configuring the autodiscovery frequency
        1.  
          Proxy configuration for autodiscovery
      4.  
        Viewing asset details
      5.  
        Configuring permissions
      6.  
        Troubleshooting SaaS workload issues
    2. NetBackup Flex Scale
      1. Managing NetBackup Flex Scale
        1.  
          Access NetBackup from the Flex Scale infrastructure management console
        2.  
          Manage NetBackup and the NetBackup Flex Scale cluster management from the NetBackup Flex Scale web UI
        3.  
          Access NetBackup Flex Scale from the NetBackup web UI
    3. NetBackup workloads
      1.  
        Protection of other asset types and clients
  9. Section IX. Administering NetBackup
    1. Management topics
      1.  
        Configuring the NetBackup Client Service
      2.  
        Units of measure used with NetBackup
      3.  
        NetBackup naming conventions
      4.  
        Wildcard use in NetBackup
    2. Managing client backups and restores
      1.  
        About server-directed restores
      2. About client-redirected restores
        1.  
          About restore restrictions
        2.  
          Allowing all clients to perform redirected restores
        3.  
          Allowing a single client to perform redirected restores
        4.  
          Allowing redirected restores of a specific client's files
        5.  
          Examples of redirected restores
      3.  
        About restoring the files that have Access Control Lists (ACLs)
      4.  
        About setting the original atime for files during restores on UNIX
      5.  
        Restoring the System State
      6.  
        About the backup and restore of compressed files on VxFS file systems
      7.  
        About backups and restores on ReFS
  10. Section X. Disaster recovery and troubleshooting
    1. Disaster recovery of NetBackup
      1.  
        About disaster recovery of NetBackup
    2. Managing Resiliency Platforms
      1.  
        About Resiliency Platform in NetBackup
      2.  
        Understanding the terms
      3. Configuring a Resiliency Platform
        1.  
          Add a Resiliency Platform
        2.  
          Configure a third-party CA certificate
        3.  
          Edit or delete a Resiliency Platform
        4.  
          View the automated or not-automated VMs
      4.  
        Troubleshooting NetBackup and Resiliency Platform issues
    3. Managing Bare Metal Restore (BMR)
      1.  
        About Bare Metal Restore (BMR)
      2.  
        Add a custom role for a Bare Metal Restore (BMR) administrator
    4. Troubleshooting the NetBackup Web UI
      1.  
        Tips for accessing the NetBackup web UI
      2.  
        If a user doesn't have the correct permissions or access in the NetBackup web UI
      3.  
        Unable to validate the user or group when configuring LDAP server
  11. Section XI. Other topics
    1. Additional NetBackup catalog information
      1. Parts of the NetBackup catalog
        1. NetBackup databases and configuration files
          1.  
            About the Enterprise Media Manager (EMM)
        2. About the NetBackup image database
          1.  
            About NetBackup image .f files
        3.  
          About the catalog backup of cloud configuration files
      2. Archiving the catalog and restoring from the catalog archive
        1.  
          Enabling intelligent catalog archiving (ICA) to reduce the number of .f files
        2.  
          Creating a catalog archiving policy
        3.  
          Catalog archiving commands
        4.  
          Catalog archiving considerations
        5.  
          Extracting images from the catalog archives
      3. Estimating catalog space requirements
        1.  
          NetBackup file size considerations on UNIX systems
        2.  
          Moving the image catalog
        3. About image catalog compression
          1.  
            Uncompressing the NetBackup catalog
    2. About the NetBackup database
      1. About the NetBackup database installation
        1. About NetBackup primary server installed directories and files
          1.  
            About the bin directory
          2.  
            About the contents of the NetBackupDB and db directories
          3.  
            About the data directory
          4.  
            vxdbms.conf
        2.  
          NetBackup configuration entry
        3.  
          NetBackup database server management
        4.  
          The NetBackup database and clustered environments
      2. Post-installation tasks
        1.  
          Changing the NetBackup database password
        2.  
          Moving a database after installation
        3.  
          Copying the NetBackup databases
        4. Creating the NBDB database manually
          1.  
            Additional create_nbdb options
      3. Using the NetBackup Database Administration utility on Windows
        1. General tab of the NetBackup Database Administration utility
          1.  
            About fragmentation
        2. Tools tab of the NetBackup Database Administration utility
          1.  
            Changing the DBA password using the NetBackup Database Administration utility
          2.  
            Moving a NetBackup database
          3.  
            Exporting database schema and data
          4.  
            Copying or backing up a database
          5.  
            Restoring a database from a backup
      4. Using the NetBackup Database Administration utility on UNIX
        1.  
          Select/Restart Database and Change Password menu options
        2.  
          Database Space Management menu options
        3.  
          Database Validation Check and Rebuild menu options
        4.  
          Move Database menu options
        5.  
          Unload Database menu options
        6.  
          Backup and Restore Database menu options

Configure the SAML keystore and add and enable the IDP configuration

Before proceeding with the following steps, ensure that you have downloaded the IDP metadata XML file and saved it on the NetBackup primary server.

To configure SAML keystore and add and enable an IDP configuration

  1. Log on to the primary server as root or administrator.
  2. Run the following command.

    For IDP and NetBackup CA SAML KeyStore configuration:

    nbidpcmd -ac -n IDP configuration name -mxp IDP XML metadata file [-t SAML2] [-e true | false] [-u IDP user field] [-g IDP user group field] [-cCert] [-f] [-M primary server]

    Alternatively for IDP and ECA SAML KeyStore configuration:

    Depending on whether you want to configure SAML ECA KeyStore using the configured NetBackup ECA KeyStore or you want to provide the ECA certificate chain and private key, run the following commands:

    • Use NetBackup ECA configured keystore:

      nbidpcmd -ac -n IDP configuration name -mxp IDP XML metadata file[-t SAML2] [-e true | false] [-u IDP user field] [-g IDP user group field] -cECACert -uECA existing ECA configuration [-f] [-M Primary Server]

    • Use ECA certificate chain and private key provided by the user:

      nbidpcmd -ac -n IDP configuration name -mxp IDP XML metadata file[-t SAML2] [-e true | false] [-u IDP user field] [-g IDP user group field] -cECACert -certPEM certificate chain file -privKeyPath private key file [-ksPassPath KeyStore passkey file] [-f] [-M primary server]

    Replace the variables as follows:

    • IDP configuration name is a unique name provided to the IDP configuration.

    • IDP XML metadata file is the path to the XML metadata file, which contains the configuration details of the IDP in Base64URL-encoded format.

    • -e true | false enables or disables the IDP configuration. An IDP configuration must be added and enabled, otherwise users cannot sign in with the single sign-on (SSO) option. Even though you can add multiple IDP configurations on a NetBackup primary server, only one IDP configuration can be enabled at a time.

    • The SAML attribute names IDP user field and IDP user group field are used to map user identity information and group information in the Identity Provider. These fields are optional, and if not provided, they are mapped to the userPrincipalName and memberOf SAML attributes by default.

      For instance, if you have customized the attribute mapping in the Identity Provider to use attributes like email and groups, when configuring the SAML configuration, you need to provide the -u option for email and -g option for groups.

      If you have not provided values for these attributes during configuration, ensure that the Identity Provider returns the values against the userPrincipalName and memberOf attributes.

      For Example:

      If SAML response is as follows:

      saml:AttributeStatement <saml:Attribute Name="userPrincipalName"> <saml:AttributeValue>username@domainname</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="memberOf"> <saml:AttributeValue>CN=group name, DC=domainname</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement>

      It implies that you need to map the -u and -g options against the fields "saml:Attribute Name".

      Note:

      Ensure that the SAML attribute values are returned in the format of username@domainname for the field mapped to the -u option that defaults to userPrincipalName. If you include the domain name when returning group information, it should follow the format "(CN=group name, DC=domainname)" or "(domainname\groupname).

      However, if you return the group name as plain text without domain information, it should be mapped without the domain name in the SAML RBAC group.

    • primary Server is the host name or IP address of primary server to which you want to add or modify the IDP configuration. The NetBackup primary server where you run the command is selected by default.

    • Certificate Chain File is the certificate chain file path. The file must be in PEM format and must be accessible to the primary server on which the configuration is being performed.

      Private Key File is the private key file path. The file must be in PEM format and must be accessible to the primary server on which the configuration is being performed.

      KeyStore Passkey File is the KeyStore passkey file path and must be accessible to the primary server on which the configuration is being performed.

    If your Identity Provider is already configured with SAML attribute names as userPrincipalName and memberOf, you do not have to provide the -u and -g option while configuration. If you are using any other custom attributes name, provide those names against -u and -g as follows:

    For example:

    If the Identity Provider SAML attribute names are mapped as "email" and"groups", use the following command for configuration:

    nbidpcmd -ac -n veritas_configuration -mxp file.xml -t SAML2 -e true -u email -g groups -cCert -Mprimary_server.abc.com

    -u and -g are optional and it depends on the Identity Provider configuration. Ensure that you specify the same parameter values that you have provided at the time of configuration.