NetBackup™ Web UI Security Administrator's Guide
- Introducing the NetBackup web user interface
- Managing role-based access control- About role-based access control (RBAC) in NetBackup
- NetBackup default RBAC roles
- Configuring RBAC
- Add a custom role
- Edit or delete a custom role
- Add an object group
- Previewing the assets, application servers, or protection plans for an object group
- Edit or delete an object group
- Add access for a user through access rules
- Edit or remove user access rules
- How can I limit role permissions to specific objects or assets?
 
- Security events and audit logs
- Managing host mappings and certificates- About security management and certificates in NetBackup
- NetBackup host IDs and host ID-based certificates
- View NetBackup host information
- Approve or add mappings for a host that has multiple host names
- Reissue a certificate when a host's certificate is no longer valid
- Remove mappings for a host that has multiple host names
- Reset a host's attributes
 
- Managing global security settings
- Troubleshooting the web UI
About role-based access control (RBAC) in NetBackup
The NetBackup web user interface provides the ability to apply role-based access control in your NetBackup environment. Use RBAC to provide access for the users that do not currently have access to NetBackup. Or, for current NetBackup users with administrator access you can provide limited access and permissions, based on their role in your organization.
For information on access control methods for the NetBackup Administration Console and access control and auditing information for root users and administrators, refer to the NetBackup Security and Encryption Guide.
Table: RBAC features
| Feature | Description | 
|---|---|
| Predefined roles or custom roles allow users to perform specific tasks | Predefined roles in RBAC allow users to perform common tasks for a system administrator, backup administrator, or workload administrator. Or, create custom roles to fit the role of your users. Root users and administrators still have full permissions in all NetBackup interfaces and in the APIs. | 
| Users can access NetBackup areas and features that fit their role | RBAC users can perform common tasks for their business role, but are restricted from accessing other NetBackup areas and features. RBAC also controls the assets that users can view or manage. | 
| Auditing of RBAC events | NetBackup audits successful RBAC events. | 
| DR ready | RBAC settings are protected with the NetBackup catalog. | 
| Enhanced Auditing or authorization (auth.conf) configurations still available for older interfaces | Enhanced Auditing is supported across all interfaces. You can continue to use the authorization (auth.conf) configurations with the NetBackup Administration Console and the CLIs. With these older interfaces you can manage access to workflows that are not yet supported in the NetBackup web UI and NetBackup APIs. Note that the auth.conf file does not restrict access to the NetBackup web UI or the NetBackup APIs. You cannot use the web UI if you have NetBackup Access Control (NBAC) enabled. |