cancel
Showing results for 
Search instead for 
Did you mean: 

Netbackup Appliance 2.6.1.1 Java Console "Unable to login,status:503 Invalid Username"

Di_Ro
Level 4
Partner Accredited

I have a new NetBackup Appliance 5230 wich was updated to 7.6.1.1 and is configured as a master server and I am triyng to login by my Windows 7 laptop with the Java Console 7.6.1.1, but getting this error : "Unable to login,status:503 Invalid Username". I don't know where is the problem, I added the usernames to the auth.conf file and it looks like:

domain\user.last ADMIN=all JBP=all

domain\user2.last2 ADMIN=all JBP=all

domain\user3.last3 ADMIN=all JBP=all

After configuring auth.conf I did restart services, my nbatd proccess is running normaly.  Can somebody tell me what I am missing?

 

Thanks,

 

1 ACCEPTED SOLUTION

Accepted Solutions

Mouse
Moderator
Moderator
Partner    VIP    Accredited Certified

It takes more than that and what to do to set AD authentication up had been discussed here with almost step-by-step instructions http://www.symantec.com/connect/forums/add-ldap-authentication-5230-appliance

Frustrating that we can't have a technote from Symantec that explains all this. There is one technote but it is not a cookbook http://www.symantec.com/docs/HOWTO102490

As I mentioned above, Appliances don't support NBAC when configured as Masters

View solution in original post

7 REPLIES 7

Andrew_Madsen
Level 6
Partner

So you have configured NBAC? The appliance does not come configured with NBAC running. If so what type of authentication did you choose?

watsons
Level 6

Where did you create the auth.conf with the domain users?

Refer to the steps on page 1134 of NB761 admin guide: http://www.symantec.com/docs/DOC7668

CRZ
Level 6
Employee Accredited Certified

I don't think you've set it up correctly, but you haven't given me enough information to pinpoint just WHERE things might have gone wrong.

Symantec NetBackup 52xx and 5330 Appliance Administrator’s Guide – Release 2.6.1.1
 http://symantec.com/docs/DOC8009

Check out the documentation (start at the bottom of page 259, Settings > Authentication to check out some CLISH commands that can help you troubleshoot and/or start over from scratch in getting AD user access.  Especially look at the AD portion of the table on page 262)

If this isn't enough, hopefully somebody who knows more about Appliances than I do can show up in this thread and give you some REAL advice.  ;)  Good luck!

Mouse
Moderator
Moderator
Partner    VIP    Accredited Certified

Well, that's looks like a Java security file, not NBAC.

By the way, NBU Appliances do not support NBAC at all when configured as Masters.

Mouse
Moderator
Moderator
Partner    VIP    Accredited Certified

It takes more than that and what to do to set AD authentication up had been discussed here with almost step-by-step instructions http://www.symantec.com/connect/forums/add-ldap-authentication-5230-appliance

Frustrating that we can't have a technote from Symantec that explains all this. There is one technote but it is not a cookbook http://www.symantec.com/docs/HOWTO102490

As I mentioned above, Appliances don't support NBAC when configured as Masters

chashock
Level 6
Employee Accredited Certified

You should undo the changes you made to the auth.conf.  Direct changes to that file on an appliance are going to put you in a potentially unsupported state.

What you want to do is take a look at the admin guide for 2.6.1.1 starting around page 262.  While it isn't step by step, it does discuss this issue.  I'd also suggest the Command Reference Guide.  HOWTO102490 is more geared toward LDAP, and the addition of the the appliance to AD is a much simpler process.

Once you have the appliance added into AD, and you've set an AD group as authorized as an admin role your users belonging to that group should be able to use their domain credentials to login via the Java GUI.

Di_Ro
Level 4
Partner Accredited

Thank you everybody,

I did undo the changes to the auth.conf file in the appliance.

There is not enough official information that can support the step-by-step kindly Mouse shared with us, so the security department did not like the idea of plug-in required in the AD server, so we decided to use the Local Authentication. Here the way:
1. Create user by:
Main_Menu> Settings> Security> Authentication
Users Add username
* It will ask for a new password
2. Grant permissions by:
Main_Menu> Settings> Security> Authorization
Grant Administrator Users droman

Many thanks for your help!