Veritas NetBackup™ Flex Scale Administrator's Guide

Last Published:
Product(s): Appliances (3.2)
Platform: NetBackup Flex Scale OS
  1. Product overview
    1.  
      About Veritas NetBackup™ Flex Scale
  2. Viewing information about the NetBackup Flex Scale cluster environment
    1.  
      Accessing NetBackup Flex Scale and NetBackup
    2.  
      Accessing the NetBackup web user interface on the appliance
    3.  
      About the NetBackup Flex Scale web UI
    4.  
      About the NetBackup Flex Scale infrastructure management UI
    5. About the Dashboard view
      1.  
        Viewing all the activities
    6.  
      Working with NetBackup Flex Scale APIs
  3. NetBackup Flex Scale infrastructure management
    1. User management
      1.  
        Considerations for managing NetBackup Flex Scale users
      2.  
        Adding users
      3.  
        Changing user password
      4.  
        Removing users
      5.  
        Modifying user roles
      6.  
        Considerations for configuring AD/LDAP
      7.  
        Configuring AD server for Universal shares and Instant Access
      8.  
        Configuring AD/LDAP servers for NetBackup services
      9.  
        Configuring additional AD/LDAP servers for managing NetBackup services/Universal Shares/Instant Access
      10.  
        Configuring AD/LDAP servers on clusters deployed with only media servers
      11.  
        Directory services and certificate management
    2.  
      Region settings management
    3.  
      About NetBackup Flex Scale storage
    4. About Universal Shares
      1.  
        Creating a Protection Point for a Universal Share
    5.  
      Cloud bucket support for NetBackup Flex Scale
    6.  
      Backing up data to Data Domain storage
    7. Node and disk management
      1.  
        NetBackup Flex Scale network cabling
      2. Adding a node to the cluster using the NetBackup Flex Scale web interface
        1.  
          Considerations for adding a node when disaster recovery is configured
      3.  
        Adding a node using the REST APIs
      4.  
        Replacing a node in a cluster
      5.  
        Starting and stopping nodes
      6.  
        Rebooting a node
      7.  
        Adding an excluded node to the cluster
      8.  
        Replacing a disk
      9.  
        Adding an excluded disk to the cluster
      10.  
        Viewing the disk sync status
      11.  
        Viewing disk details
      12.  
        Viewing node details
      13.  
        Switching management console to another cluster node
    8. License management
      1.  
        Adding and removing storage licenses
    9.  
      Stopping NetBackup service containers
    10.  
      Starting NetBackup service containers
    11. Managing the Fibre Channel ports
      1. Requirements
        1.  
          Connectivity requirements for Fibre Channel
        2.  
          Storage unit (STU) requirements
      2.  
        Enabling BOM (Bill of Materials) configuration for Fibre Channel
      3.  
        Assigning Fibre Channel ports
      4.  
        Discovering attached devices
      5.  
        Rescanning Fibre Channel cards
      6.  
        Cleaning Fibre Channel ports
      7.  
        Unassigning Fibre Channel ports
      8.  
        Viewing details about the Fibre Channel ports
      9.  
        Disabling BOM (Bill of Materials) configuration for Fibre Channel
    12. Managing hardware vendor packages
      1.  
        Upgrading vendor packages
      2.  
        Uninstalling vendor packages
    13.  
      Updating credentials for HPE iLO administrator users
  4. NetBackup Flex Scale network management
    1.  
      About network management
    2.  
      Modifying DNS settings
    3.  
      Configuring MTU on public interfaces
    4.  
      Configuring the console FQDN
    5.  
      About bonding Ethernet interfaces
    6. Bonding operations
      1. Bonding operations on data network
        1.  
          Creating a bond
        2.  
          Modifying a bond
        3.  
          Removing a bond
      2. Bonding operations on management network
        1.  
          Creating a bond
        2.  
          Modifying a bond
        3.  
          Removing a bond
    7.  
      Configuring NetBackup Flex Scale in a non-DNS environment
    8. Data network configurations
      1.  
        Choosing the correct input method for data network configuration
      2. Network configuration on plain device (eth5)
        1.  
          Adding a data network
        2.  
          Modifying a data network
        3.  
          Deleting a data network
      3.  
        Network configuration on VLAN (eth5)
      4. Network configuration on bonded interfaces (bond0 on eth5 and eth7)
        1.  
          Adding a data network
      5.  
        VLAN on bond of eth5 and eth7 (bond0)
      6.  
        Network configuration on management interface (eth1)
      7.  
        Network configurations for adding a partial data network
      8.  
        Support for multiple VLAN when disaster recovery is configured
    9.  
      Configuring static routes on a NetBackup Flex Scale cluster
  5. NetBackup Flex Scale infrastructure monitoring
    1. About alert management
      1.  
        Viewing information about alerts
      2.  
        Managing alerts
    2. About event notification
      1.  
        Purging events
    3. About AutoSupport and Call Home
      1.  
        Setting up email alerts
      2.  
        Setting up SNMP alerts
      3.  
        Configuring Call Home settings
    4. Monitoring hardware components
      1.  
        Monitoring deviations in firmware, driver, and utilities
    5.  
      Performing health check for the cluster
    6.  
      Locating the disks
    7.  
      Monitoring usage and licensed capacity using Veritas NetInsights Console
  6. Resiliency in NetBackup Flex Scale
    1.  
      Erasure coding in NetBackup Flex Scale
    2.  
      Handling split-brain scenario in NetBackup Flex Scale
    3.  
      High availability of the NetBackup primary service
    4.  
      High availability of NetBackup services
    5.  
      NetBackup catalog protection
    6. NetBackup primary service catalog protection using checkpoints
      1.  
        Performing a recovery of the catalog file system using GUI
      2.  
        Performing a recovery of the catalog file system using REST APIs
  7. EMS server configuration
    1.  
      Configuring an external BYOS media server
    2.  
      Configuring an external NBA media server
  8. Site-based disaster recovery in NetBackup Flex Scale
    1.  
      About site-based disaster recovery in NetBackup Flex Scale
    2.  
      Configuring disaster recovery using GUI
    3.  
      Clearing the host cache
    4.  
      Automated NetBackup SLP management
    5.  
      DNS key management
    6.  
      Managing disaster recovery using GUI
    7. Performing disaster recovery using RESTful APIs
      1.  
        Establishing trust and setting up authentication
      2.  
        Configuring disaster recovery
      3.  
        Managing disaster recovery
    8.  
      Active-Active disaster recovery configuration
    9.  
      NetBackup optimized duplication using Storage Lifecycle Policies
  9. NetBackup Flex Scale security
    1.  
      About the security meter
    2. STIG overview for NetBackup Flex Scale
      1.  
        STIG-compliant password policy rules
      2.  
        Enabling STIG for NetBackup Flex Scale
      3.  
        Viewing the NetBackup Flex Scale STIG status
    3. FIPS overview for NetBackup Flex Scale
      1.  
        Viewing the NetBackup Flex Scale FIPS status
    4.  
      Managing the login banner
    5.  
      Changing the password policy
    6. Support for immutability in NetBackup Flex Scale
      1.  
        About lockdown modes
      2.  
        Selecting or changing the lockdown mode
      3.  
        Restricted access to Remote Management Platform (HPe iLO)
      4.  
        Configuring immutability using GUI
    7.  
      Authenticating users using digital certificates or smart cards
    8.  
      About system certificates on NetBackup Flex Scale
    9. Deploying external certificates on NetBackup Flex Scale
      1.  
        Deploying ECA using the GUI
      2.  
        Log locations
      3.  
        Considerations for performing other operations when ECA is deployed
    10.  
      Configuring isolated recovery environment (IRE)
  10. Configuring multifactor authentication
    1.  
      About multifactor authentication
    2.  
      Considerations before configuring multifactor authentication
    3.  
      Configuring multifactor authentication for your user account
    4.  
      Disabling multifactor authentication for your user account
    5.  
      Enforcing multifactor authentication for all users
    6.  
      Configuring multifactor authentication for your user account when it is enforced in the cluster
    7.  
      Resetting multifactor authentication for a user
  11. Single Sign-On (SSO)
    1.  
      About single sign-on (SSO) configuration
    2.  
      Configuring SSO on a NetBackup Flex Scale cluster on which both primary and media servers are deployed
    3.  
      Configuring SSO on a NetBackup Flex Scale cluster on which only media servers are deployed
  12. Appendix A. Maintenance procedures for HPE servers
    1.  
      Replacement procedure for a chassis fan
    2.  
      Replacement procedure for power supply
    3.  
      Replacement procedure for a single OS disk
    4.  
      Replacement procedure for both OS disks on a non- management console node
    5.  
      Replacement procedure for NVMe disks (SSDs)
    6.  
      Replacement procedure for RAID controller
    7.  
      Replacement procedure for an Integrated Lights-Out (iLO) port
    8.  
      Replacement procedure for quad-port NIC
    9.  
      Procedure for memory expansion (DIMMs)
    10.  
      Replacement procedure for memory (DIMMs)
    11.  
      Replacement procedure for Mellanox port
    12.  
      Replacement procedure for SFP port
    13.  
      Replacement procedure for chassis
    14.  
      Replacement procedure for a hard disk drive
    15.  
      Replacement procedure for a Fibre Channel card for a cluster node
    16.  
      Replacement procedure for a Fibre Channel card for a node that is not in a cluster
  13. Appendix B. Configuring NetBackup optimized duplication
    1. Configuring a Storage Lifecycle Policy for optimized duplication
      1.  
        Creating a Storage Lifecycle Policy for optimized duplication
      2.  
        Configuring a policy to use an SLP
      3.  
        Updating the policy to reverse the replication direction
  14. Appendix C. Disaster recovery terminologies
    1.  
      VVR technology in disaster recovery
    2.  
      About response fields in the GET disaster recovery API
  15. Appendix D. Configuring Auto Image Replication
    1.  
      Auto Image Replication configuration

Considerations for configuring AD/LDAP

The Lightweight Directory Access Protocol (LDAP) is the protocol used to communicate with LDAP servers. LDAP can be used as a directory service for user management. The LDAP server that is present outside the NetBackup Flex Scale cluster is responsible for authentication of users. For sites that use an LDAP server for access or authentication, NetBackup Flex Scale provides a simple LDAP client configuration interface. The NetBackup Flex Scale cluster acts as an LDAP client talking to the LDAP server.

Active Directory (AD) is a technology created by Microsoft that provides a variety of network services including LDAP directory services, Kerberos-based authentication, Domain Name System (DNS) naming, secure access to resources, and more.

  • You can configure AD/LDAP using the NetBackup Flex Scale GUI.

  • You can configure or add only one AD/LDAP server at a time. But you can add multiple AD/LDAP servers to the NetBackup Flex Scale cluster.

  • You can delete an existing AD/LDAP configuration.

  • You cannot modify an existing AD/LDAP configuration. To modify any aspect of the AD/LDAP configuration, you have to delete the existing configuration and add it back with the updated parameters.

  • When disaster recovery is configured between two NetBackup Flex Scale clusters, the AD/LDAP configuration and management must be done from the cluster on which NetBackup primary service is running

When you configure LDAP from the GUI, the domain ID is added as LDAP_Server_FQDN/IP. So, if you add LDAP user from the NetBackup GUI, you have to add the domain name as <user_name>@LDAP_Server_FQDN/IP.

If you have upgraded to NetBackup Flex Scale 3.2 from an earlier version in which the cluster was deployed with both primary server and media servers, the AD/LDAP servers which were already configured in the previous version will have the same name. For AD/LDAP servers which are newly configured on the upgraded cluster can have one of the following domain names:

  • <user name>@AD/LDAP server IP/FQDN

  • <user name>@10.221.xx.xx

  • <user name>@fqdn.domain

Consider the following while configuring AD/LDAP in your NetBackup Flex Scale cluster:

  • In a deployment with both primary and media servers:

    • Role assignment for AD/LDAP users should be done from the NetBackup web UI.

    • Domain users should use the [<AD/LDAP_serverIP|FQDN|domainname>\username] to login to NetBackup UI. Domain name can be used only if it was provided during AD/LDAP configuration.

    • Domain user login to the management IP of the node and console IP over SSH is not supported.

    • Domain user login to the public Appliance/Infrastructure APIs is not supported.

    • AD/LDAP domains can be added using FQDN as well as IP addresses.

    • AD/LDAP servers should be reachable through the data network.

    • Do not create domain user with same name as local user as creating duplicate users may cause ambiguity.

    • Do not configure more than one AD/LDAP server with the same domain as it may cause ambiguity in fetching and displaying information about domain users.

    • AD/LDAP users and groups should have UID and GID assigned in the AD/LDAP server. Role assignment does not work for domain users who do not have UID or GID. If multiple AD/LDAP servers are configured, make sure that none of the servers have conflicting UIDs or GIDs.

  • In a deployment with only media servers:

    • Domain users should use the [<AD/LDAP_serverIP|FQDN|domainname>\username] to login to NetBackup Flex Scale UI. Domain name can be used only if it was provided during AD/LDAP configuration.

    • AD/LDAP users should use only the [username@< AD/LDAP_serverIP/FQDN>] to login to public Appliance/Infrastructure APIs.

    • AD/LDAP domains can be added using FQDN as well as IP addresses.

    • AD/LDAP users should use only the AD/LDAP username to log on to the management IP of the node and console IP using SSH.

    • AD/LDAP servers should be reachable through the management network.

    • Do not create domain user with same name as local user as creating duplicate users may cause ambiguity.

    • Role assignment is not allowed for a domain user who has a space character in the username. For an AD user, the username is considered as the logon name.

    • Do not configure more than one AD/LDAP server with the same domain as it may cause ambiguity in fetching and displaying information about domain users.

  • In a non-DNS environment:

    • If you want to add a domain using FQDN, the IP to FQDN mapping for that domain should be added using the Network > Custom Hosts option in the Appliance UI. If multiple VLANs are configured on the cluster, AD/LDAP servers should be configured with the correct VLAN. Only then the AD/LDAP servers can communicate with the multi-VLAN cluster.

    • When configuring AD/LDAP servers for NetBackup Services on a deployment with both NetBackup primary and media servers, the custom hosts entries must be applied to NetBackup services.

    • When configuring AD/LDAP servers for NetBackup Services on a deployment with only media servers, the custom hosts entries must be applied to Cluster Nodes.

    • When configuring AD/LDAP servers for Universal share/Instant Access, the custom hosts entries must be applied to NetBackup services.