Forum Discussion

DoubleP's avatar
DoubleP
Level 5
5 years ago

Can policies randomly select "Encrypt" option?

Hello, we started seeing some of our policies start to fail with status" 9: a necessary extension package is not installed or not configured properly." This usually means that the policy has Encrypt checked in Attributes, but the servers don't have the encryptian packages. We don't have encryptian at this time.

Our masters are on 8.2, media are 8.0/3.0, clients 8.0. 

When I checked the catalog, it showed that one of the policies was successful up until March 6. Once I unchecked "Encrypt" they ran successfully once again.

Has anyone ever heard about a "bug" that could cause this? I don't believe that this is the case, but wanted to check other possibilities before looking into whether someone accidentally (or not accidentally!) changed the policies.

  • Use the nbauditreport command to check if someone is messing with the policies.

    • DoubleP's avatar
      DoubleP
      Level 5

      Can the nbauditreport be run for just specific policies, and does it actually show a userid? In the past, I had asked veritas support if it was possible to "see" who made changes to policies. I was told that that could not be done. 

      • Nicolai's avatar
        Nicolai
        Moderator

        Depends on your Netbackup configuration. 

        If Enhanced Auditing or NBAC is configured, you can see what users did what changes.

        From https://www.veritas.com/support/en_US/doc/15263389-127350397-0/v38711607-127350397

        -user username[:domainname]

        Indicates the name of the user for whom you want to display audit information.

        EXAMPLES

        Example 1 - Display all audit events that are reported from April 1, 2013 to the present.

        # nbauditreport -sdate 04/01/13
        
        USER         DESCRIPTION                                                TIMESTAMP   
        Admin@entry  Schedule 'test1' was added to Policy 'test1'               04/06/13 
        Admin@entry  Audit setting(s) of master server 'server1' were modified  04/06/13
        Admin@entry  Audit setting(s) of master server 'server1' were modified  04/06/13 
        sys@server1  The nbaudit service on master server 'server1' was started 04/06/13 
        sys@server1  The nbaudit service on master server 'server1' was stopped 04/06/13 
        sys@server1  The nbaudit service on master server 'server1' was started 04/06/13 

        /Nicolai

  • That is definitely someone else messing around with your policies.  I have never heard of policies amending themselves.

    Here's what I used to do:  have a script run overnight to collect the config of each policy to a text file, and then diff today's policy config capture with yesterday's policy config capture, and email me the differences.