Flex Appliances with MFA and NBITA
In my production environments I currently have NetBackup 10.x instances running on 2 x 5360HA Flex appliances using a single data collector sat on VMware collecting from 4 NetBackup domains spread over both appliances. MFA is due to be turned on the Flex appliances and for NetBackup instances. It's similar in a developer environment also. I'm having a bit of a moment here, the documentation for NBITA seems all over the place with vital potentially solution breaking information just dropped into a single place / a side note.
- Will turning on MFA break my NBITA deployment irreparably given that once MFA is on in the way we want it to be, you can’t turn it off again? Does anyone have any experience with this?
The two items that are causing me concern are both from NBITA Systems Admin Guide Appendix C:
"Note: Remote data collection from Netbackup primary server cannot be configured when multi-factor authentication is configured on Netbackup Appliance"
On the subject of making a primary server running on Flex into a data collector - “On a Flex appliance, connect to the primary server pod first and then switch to the root user” - unpicking this is proving tricky one, switching to root on the Flex host is long winded and needs a support ticket and I wasn't aware you could on the instances.
Is this saying that I need to follow these very less than clear instructions for everyone one of my NetBackup primary servers (currently 4 but 16 planned by the end of the year) or is using MFA just out of the question for Flex and NetBackup if I continue to use NBITA?