mich2w
15 years agoLevel 3
Authentication failed errors after NBAC installed
Hello,
Since installing NBAC in our Netbackup environment (master server running Windows), I've noticed some of our Netbackup scripts are no longer working. For example if I try to run a bpexpdate for a remote media server (run from our master server), we get an authentication failed.
VxSS authentication failed (116)
We have a script that checks the status of the tape drives, and attempts to bring them back up when they have gone to down status. As part of the script the vmoprcmd command is used, again if we try to up a drive on remote media server we get authentication failed.
authentication failed (187)
Research of the authentication failed (187) error from the Netbackup Troubleshooting guide, shows that it could be due to expired certificate. Running bpnbat -whoami we get
Name: <admin account>
Domain: <domain>
Issued by: /CN=broker/OU=root@server.domain.local/O=vx
Expiry Date: May 11 05:49:34 2010 GMT
Authentication method: Microsoft Windows
Operation completed successfully.
So it looks like the certificate has expired. Could this be the cause of the authentication failures, and if so how do we extend the certificate expiry?
TIA
Michael
Since installing NBAC in our Netbackup environment (master server running Windows), I've noticed some of our Netbackup scripts are no longer working. For example if I try to run a bpexpdate for a remote media server (run from our master server), we get an authentication failed.
VxSS authentication failed (116)
We have a script that checks the status of the tape drives, and attempts to bring them back up when they have gone to down status. As part of the script the vmoprcmd command is used, again if we try to up a drive on remote media server we get authentication failed.
authentication failed (187)
Research of the authentication failed (187) error from the Netbackup Troubleshooting guide, shows that it could be due to expired certificate. Running bpnbat -whoami we get
Name: <admin account>
Domain: <domain>
Issued by: /CN=broker/OU=root@server.domain.local/O=vx
Expiry Date: May 11 05:49:34 2010 GMT
Authentication method: Microsoft Windows
Operation completed successfully.
So it looks like the certificate has expired. Could this be the cause of the authentication failures, and if so how do we extend the certificate expiry?
TIA
Michael
-prplptype
There's an extra, third "P" in there. Take that out. :)
Also you need TWO dashes instead of one.
So I think, even for Windows, it's "--prpltype user" you want.
As an example, 30 days (2592000 seconds) should be something like:
.... vssat setexpiryintervals --pluginname WINDOWS --prpltype user --credexpiry 2592000
setexpiryintervals
Try that and let us know!