Veritas NetBackup™ Appliance Administrator's Guide
- Overview
- About accessing the NetBackup Appliance Web Console
- About the NetBackup Appliance Shell Menu
- About appliance console components
- Monitoring the NetBackup appliance
- About hardware monitoring and alerts
- About Symantec Data Center Security on the NetBackup appliance
- Managing a NetBackup appliance from the NetBackup Appliance Web Console
- About storage configuration
- About Copilot functionality and Share management
- About viewing storage space information using the Show command
- About appliance supported tape devices
- About configuring Host parameters for your appliance
- Manage > Appliance Restore
- Manage > License
- About the Migration Utility
- Software release updates for NetBackup Appliances
- About installing an EEB
- About installing NetBackup Administration Console and client software
- Manage > Additional Servers
- Manage > High Availability
- Managing NetBackup appliance using the NetBackup Appliance Shell Menu
- About OpenStorage plugin installation
- About mounting a remote NFS
- About running NetBackup commands from the appliance
- About NetBackup administrator capabilities
- Creating a NetBackup touch file from the NetBackup appliance
- Creating NetBackup administrator user accounts
- About NetBackup administrator capabilities
- About Auto Image Replication between appliances
- About forwarding logs to an external server
- About high availability configuration
- About the non-certified disk erasure
- Understanding the NetBackup appliance settings
- Settings > Notifications
- Settings > Network
- Settings > Network > Network Settings
- Settings > Network > Fibre Transport
- Settings > Network > Host
- Settings > Authentication
- About configuring user authentication
- About authorizing NetBackup appliance users
- Settings > Authentication > LDAP
- Settings > Authentication > Active Directory
- Settings > Authentication > Kerberos-NIS
- Settings > Authentication > User Management
- Troubleshooting
- Deduplication pool catalog backup and recovery
Adding an LDAP server configuration
To configure an LDAP server
- Log on to the NetBackup Appliance Web Console.
- Click Settings > Authentication >LDAP to expand the LDAP Server Configuration.
- Select Add new configuration.
The appliance displays the fields to create a new configuration.
- Enter the configuration information based on the following fields:
Field
Description
Example
Server Name/IP
Enter the FQDN or IP address of your LDAP server.
Note:
The specified LDAP server should comply with RFC2307bis. The RFC2307bis specifies that hosts with IPv6 addresses must be written in their preferred form, such that all components of the address are indicated and leading zeros are omitted.
Base DN
Enter the base directory name which is the top level of the LDAP directory tree.
OU= ExampleUsers, dc= mydomain
Bind DN
Enter the bind directory name. The Bind DN is used as an authentication to externally search the LDAP directory within the defined search base.
DC=com
Password
Enter the password to access the LDAP server.
Common User Name
Enter the name of an existing LDAP user on your LDAP server.
NBUApplianceAdmin
Common Group Name
Enter the name of an existing LDAP user group on your LDAP server.
SSL Certificate Required
Displays a drop-down list to enable SSL certificate for your LDAP server. The drop-down list displays the following options:
Yes - Select to enable adding an SSL certificate
No - Select to continue configuring the LDAP server without the SSL certificate
Start TLS
Note:
When you use the Start TLS and Yes options during LDAP configuration, the initial setup is done over a non-SSL channel. After the LDAP connection and initial discover phase is over, the SSL channel is turned on. Even at this phase, the established SSL channel doesn't do the server-side certificate validation. This validation starts after the server's root certificate is explicitly set using the Set Certificate option. For more information, refer to See Setting the SSL certification.
Directory Type
Select the LDAP directory type from the drop-down list. The available options are:
OpenLDAP
ActiveDirectory
Others
Select OpenLDAP if you use a typical OpenLDAP directory service.
Select ActiveDirectory if you use AD as an LDAP directory service.
Select Others if you use a different type of LDAP directory service.
Validate UIDs and GIDs for Conflicts
Select the check-box to validate the User IDs and Group IDs and identify conflicting entires between the NetBackup appliance and the LDAP server.
Note:
The Common User Name and Common Group Name fields are not required to complete LDAP configuration. However, if you do not complete those fields, no LDAP users or LDAP groups appear under Settings > Authentication > User Management until you manually add them.
- Click Configure to configure LDAP authentication using the entered parameters.
The appliance configures and enables the new LDAP server and displays the Attribute Mappings and Configuration Parameters table.