Forum Discussion

navar_holmes's avatar
12 years ago

Catalog of B2D files Password

I am testing a complete recovery of B2D files.  I idea is my complete data center is gone and all i have is BE backup files.

I created a new BE2010R3 server on Server2008R2 in a new domain with no contection to the other domain.

Copied the B2D files to the new BE server.  Did an inventory.  but when i try to catalog the B2D files i get prompted for a password.  What password is BE looking for?  I am guessing this is why i get a failed Resource Credentials when i and setting up a restore.

How to i restore B2D files when i have no access to the orignal domain?

The B2D files were created on BE 2010R2 and server2008R2

  • This is the encryption password, not the credential.  Check the properties of the backup job that created the backup set that you are trying to catalog.  Under Network and Security, you would see the encryption key used to encrypt the backup set.  You need to use the passphrase to reply to the password prompt or create a similiar encryption key on the media server that you are trying to do the catalog.

    If you don't know or forget the passphrase, there is no way to recover the passphrase.  The backup set would be unusuable on any other media server, except the one that is used to create it in the first place.

  • If the backup jobs that created the B2D files were originally created on a version of Backup Exec prior to 11D and during any subsequent upgrades you did not completely recreate the backup jobs, then it is possible that your original administrator specified a media password that whilst not visible in the console of later versions of Backup Exec will still be used in the job configuration that was created on an earlier version.

    If this happens and you need to re-catalog then attempt to re-catalog will prompt for the media password and I think that if Encryption is the cause instead of a media password then the text of the reported message is different, as such you might want to post the screenshot of the exact message.

    For information media passwords did not encrypt the data on the tape all they did was enable a security mechanism in the tape header. As such we actually replaced media passwords when full encryption was added to Backup Exec. However we had to leave a method to still recover from media that had been protected with a media password.

    If you do have this problem it i discussed in:

    http://www.symantec.comn/docs/TECH70926

    According to this other document we may have tried to at least add a mechanism to warn users about the problem:

    http://www.symantec.com/docs/TECH128890

     

     

     

     

     

  • This is the encryption password, not the credential.  Check the properties of the backup job that created the backup set that you are trying to catalog.  Under Network and Security, you would see the encryption key used to encrypt the backup set.  You need to use the passphrase to reply to the password prompt or create a similiar encryption key on the media server that you are trying to do the catalog.

    If you don't know or forget the passphrase, there is no way to recover the passphrase.  The backup set would be unusuable on any other media server, except the one that is used to create it in the first place.

  • If the backup jobs that created the B2D files were originally created on a version of Backup Exec prior to 11D and during any subsequent upgrades you did not completely recreate the backup jobs, then it is possible that your original administrator specified a media password that whilst not visible in the console of later versions of Backup Exec will still be used in the job configuration that was created on an earlier version.

    If this happens and you need to re-catalog then attempt to re-catalog will prompt for the media password and I think that if Encryption is the cause instead of a media password then the text of the reported message is different, as such you might want to post the screenshot of the exact message.

    For information media passwords did not encrypt the data on the tape all they did was enable a security mechanism in the tape header. As such we actually replaced media passwords when full encryption was added to Backup Exec. However we had to leave a method to still recover from media that had been protected with a media password.

    If you do have this problem it i discussed in:

    http://www.symantec.comn/docs/TECH70926

    According to this other document we may have tried to at least add a mechanism to warn users about the problem:

    http://www.symantec.com/docs/TECH128890

     

     

     

     

     

  • The initial post contains

    The B2D files were created on BE 2010R2

  • Ahh Ok whilst what I wrote may not apply to B2D (I am not 100% sure), if it was tape, it does not matter what version of BE actually created the backup sets it matters what the version of BE was in use when the job was created.

     i.e. Admin 1 is using backup Exec 10D and creates job to backup with a media password.

    At some point the 10D install is updated to 2010 R3 (via an interim version) as an inplace upgrade meaning the jobs that were created on 10D still exist and have media passwords still enabled.

    The original admin either leaves the company or forgets what passwords he used in the 10D install.

    Then you have an issue that means you need to re-catalog the media - in this instance the10D media password will be needed for the restore. As noted above, I am not sure if you could set media passwords on Backup to Disk files in 10D/9.x

     

    EDIT: I just checked the 10D admin guide and media password don't seem to be limited to tape, so the above could still apply.