Showing results for 
Search instead for 
Did you mean: 

Flex Appliances with MFA and NBITA

Level 1

In my production environments I currently have NetBackup 10.x instances running on 2 x 5360HA Flex appliances using a single data collector sat on VMware collecting from 4 NetBackup domains spread over both appliances. MFA is due to be turned on the Flex appliances and for NetBackup instances. It's similar in a developer environment also. I'm having a bit of a moment here, the documentation for NBITA seems all over the place with vital potentially solution breaking information just dropped into a single place / a side note.

  • Will turning on MFA break my NBITA deployment irreparably given that once MFA is on in the way we want it to be, you can’t turn it off again? Does anyone have any experience with this?

The two items that are causing me concern are both from NBITA Systems Admin Guide Appendix C:

"Note: Remote data collection from Netbackup primary server cannot be configured when multi-factor authentication is configured on Netbackup Appliance"

On the subject of making a primary server running on Flex into a data collector - “On a Flex appliance, connect to the primary server pod first and then switch to the root user” - unpicking this is proving tricky one, switching to root on the Flex host is long winded and needs a support ticket and I wasn't aware you could on the instances.

Is this saying that I need to follow these very less than clear instructions for everyone one of my NetBackup primary servers (currently 4 but 16 planned by the end of the year) or is using MFA just out of the question for Flex and NetBackup if I continue to use NBITA?



Level 1

Hello John,

Walt Wintermute has confirmed that if you plan to turn on MFA on your Flex Appliance, then the way you are currently configured with a remote data collector (also known as a Centralized Data Collector) will not work. You will need to use the data collector embedded on the NetBackup Primary on the Flex Appliance instead (also known the Distributed Data Collector). Currently, we are making some major updates to our existing product documentation.






Thank you for that info!!! I've struggled with getting clear direction/instruction from the previous versions of the documentation. Thanks for all you that work on the documenting tasks for these applications. I appreciate it!