Veritas NetBackup™ Appliance Security Guide
- About the NetBackup appliance Security Guide
- User authentication
- About user authentication on the NetBackup appliance
- About configuring user authentication
- About user name and password specifications
- User authorization
- Intrusion prevention and intrusion detection systems
- Log files
- Operating system security
- Data security
- Web security
- Network security
- Call Home security
- About AutoSupport
- About Call Home
- About SNMP
- Remote Management Module (RMM) I security
- STIG and FIPS conformance
- Appendix A. Security release content
NetBackup appliance user role privileges
User roles determine the access privileges that a user is granted to operate the system or to change the system configuration. The user roles that are described in this topic are specific to LDAP, Active Directory (AD), and NIS users.
The following describes the appliance user roles and their associated privileges:
Table: User roles and privileges
Users can only access the NetBackup CLI.
Users can access the following:
A user account that is assigned the AMSadmin role is provided administrative privileges to access the Appliance Management Console that is hosted on the AMS. An AMS user is allowed to perform all the functions on the Appliance Management Console and centrally manage multiple appliances. The AMS user cannot log on the NetBackup Appliance Shell Menu for AMS. An Administrator can create AMS users.
A role can be applied to an individual user, or it can be applied to a group that includes multiple users.
A user cannot be granted privileges to both user roles. However, a NetBackupCLI user can also be granted access to the NetBackup Appliance Shell Menu in the following scenarios:
The user with the NetBackupCLI role is also in a group that is assigned the Administrator role.
The user with the Administrator role is also in a group that is assigned the NetBackupCLI role.
When granting a user to have privileges to the NetBackupCLI and the NetBackup Appliance Shell Menu, an extra step is required. The user must enter the switch2admin command from the NetBackup CLI to access the NetBackup Appliance Shell Menu.
Granting privileges to users and user groups can be done as follows:
From the NetBackup Appliance Web Console, on the Grant Permissions link.page, click on the
From the NetBackup Appliance Shell Menu, use the following commands in the Settings > Security > Authorization view:
Grant Administrator Group
Grant Administrator Users
Grant NetBackupCLI Group
Grant NetBackupCLI Users
Grant AMS Group
Grant AMS Users