Solved: Backup Exec 2012 requires Credentials for Backing ...

Gregg_Leventhal · ‎11-30-2012

What is the purpose of an Agent that creates a Beoper group that root is a member of, if in the end you still must supply credentials to backup that server? I have Backup Exec 2012 and I have installed the RALUS agent on a remote Centos 6 Linux Server. To backup this server I choose Add from the Backup and Restore tab under the Server section. I then choose Add Linux Server, Establish trush, and I am then asked to provide credentials for a member of the Beoper group before it will back up the Linux Server to My Windows based Backup Exec Server.

Why must I provide credentials? Isn't the point of an agent to handle that? Is there another way?

RLeon · ‎12-02-2012

Consider this to be part of the Backup Exec security model.

Yes, the fact that you had shown that you have the credential to install a BE agent on the host shows that you are authenticated and authorized.
It is logical to think that if your BE server connects to this host, the BE agent would allow access with no questions asked.
After all, you did demonstrate that you had the credentials.

But, what if a rogue BE server appears in the network and tries to backup files from that host?
Without verifying the credentials, the BE agent would just give out the files to anyone that appears to be a BE server.
The solution is to make the BE agent verify that a connecting server is also genuine.

This happens not only to RALUS, but to RAWS (Windows BE agents) as well.
It is just that with RAWS, this is already done for you as part of the push-install procedure.

View solution in original post

Backup_Exec1 · ‎11-30-2012

Hi

If you are trying to backup centos OS with BE 2012 then it is not supported OS on the first place please check the SCl for BE2012

http://www.symantec.com/docs/TECH175581

Thanks

Gregg_Leventhal · ‎11-30-2012

OK, well then please let's ask the same question for my Red Hat server which is supported. Is there any way to backup a Linux server that has RALUS installed without providing credentials for a member of the Beoper group or any other local linux user to my backup exec server?

Gregg_Leventhal · ‎11-30-2012

I am also curious, If i remove a server from the server list; What happens to the backups for that server that are on tape? Is there any way to perform a restore for a server that was removed from the list if I know that there are backups still available on the tape?

Gregg_Leventhal · ‎12-02-2012

Could someone please answer if there is any way to perform backups on remote machines without supplying/storing credentials for that machine on the backup exec 2012 server?

Backup_Exec1 · ‎12-02-2012

Hi

No there is no way you have to enter the credential on Media server in order to access the your remote server

Thanks

RLeon · ‎12-02-2012

Consider this to be part of the Backup Exec security model.

Yes, the fact that you had shown that you have the credential to install a BE agent on the host shows that you are authenticated and authorized.
It is logical to think that if your BE server connects to this host, the BE agent would allow access with no questions asked.
After all, you did demonstrate that you had the credentials.

But, what if a rogue BE server appears in the network and tries to backup files from that host?
Without verifying the credentials, the BE agent would just give out the files to anyone that appears to be a BE server.
The solution is to make the BE agent verify that a connecting server is also genuine.

This happens not only to RALUS, but to RAWS (Windows BE agents) as well.
It is just that with RAWS, this is already done for you as part of the push-install procedure.

VOX

Backup Exec 2012 requires Credentials for Backing up Linux Servers?