Forum Discussion

NAYAB's avatar
NAYAB
Level 4
7 years ago

Account required to backup different Domain controllers

Hi All,  

In our environment, We have 4 different domains e.g. abc.com, 123.com, xyz.com and opq.com

And i have my NBU master server and Media servers sitting in abc.com and i want to backup Domain controllers from other domains and to restore them as Granular objects later. May i know what knid of account do i need for this

1. Local Admin account is enough ?

2. Domain account needed for each Domain controller ?

Thanks,

Nayab

  • Hi Nayab,

    Yes, that is correct.  I currently do the same.  My Master backs up AD from the domain in which it lives, and it also backs up AD from two other separate domains.  One of the additional domains I backup AD but don't do GRT - but that is security related....high security network, so can't open NFS :)

    You just need:

    • Network connectivity/firewall/name resolution between Master, Media and Client - as per normal
    • NFS configured on the DC's and Media Server (if you want GRT).  If your media server is a NetBackup appliance or Unix based, then the NFS is already configured.  The NetBackup Administrator's Manual Volume I contains info on how to configure NFS if your media server is running Windows.
    • NetBackup Client running under AD domain admin credentials

    I think you posted that your are running NetBackup 8.0.  If so, configuring AD GRT backups and restores starts on page 862 of the manual.

    Hope this helps,

    Steve

  • Hi Nayab,

    They will need to be Domain Accounts (one in each domain), as the account used for granular backup and restore needs the correct AD permissions to do this.  This should be a Domain Admin equivalent account, so you have the rights to backup and restore any AD object.

    You'll also need to look at the NFS configuration and ensuring your NetBackup client service is set to run under the accounts you create in each of the AD domains.

    The basic requirements are in the NetBackup Administrator's Manual Volume I, but if you need further help pop back here and someone should be able to point you in the right direction.

    Hope this helps,

    Steve

    • NAYAB's avatar
      NAYAB
      Level 4

      Just to summarize , I can backup respective Domain controllers without my master server being in that actual domain right ? Using the Domain Admin account to run the NBU agent on the respective Domain controller servers.

       

      • Systems_Team's avatar
        Systems_Team
        Level 6

        Hi Nayab,

        Yes, that is correct.  I currently do the same.  My Master backs up AD from the domain in which it lives, and it also backs up AD from two other separate domains.  One of the additional domains I backup AD but don't do GRT - but that is security related....high security network, so can't open NFS :)

        You just need:

        • Network connectivity/firewall/name resolution between Master, Media and Client - as per normal
        • NFS configured on the DC's and Media Server (if you want GRT).  If your media server is a NetBackup appliance or Unix based, then the NFS is already configured.  The NetBackup Administrator's Manual Volume I contains info on how to configure NFS if your media server is running Windows.
        • NetBackup Client running under AD domain admin credentials

        I think you posted that your are running NetBackup 8.0.  If so, configuring AD GRT backups and restores starts on page 862 of the manual.

        Hope this helps,

        Steve