07-15-2016 08:33 AM
Friends, please forgive the posting on what I think is a familiar topic. But I've searched through the forum and I've read through the admin guide I for 7.7.2 and I've tried all of the suggestions, including those found in the "Help" section, without success. I've also opened a support case with my RPS at Veritas which is unresolved.
I have
When I attempt to run the admin GUI, I get a pop-up warning as follows:
I'm led to believe that I want to be running /usr/openv/netbackup/bin/admincmd/bpnbaz -setupat on the master, but I'm not 100% clear on a) if this is accurate since it's not a clustered master environment and b) whether I must then restart nbsl for the change to be seen.
I sure would appreciate some assistance. This is driving me crazy.
07-15-2016 08:53 AM
Yes installing security certificate is mandatory
The certificates are issued by certificate authority on master server.
A clear procedure on how to issue and deploy certificates on hosts is documented in admin guide I for Netbackup 7.7.2
http://www.veritas.com/docs/000100623
Refer from page 47 to clear information
07-15-2016 08:57 AM
To deploy a security certificate for media servers or clients
1 Run the following command on the master server, depending on your
environment. Specify the name of an individual host, specify -AllMediaServers,
or specify -AllClients.
Windows: install_path\NetBackup\bin\admincmd\bpnbaz -ProvisionCert
host_name|-AllMediaServers|-AllClients
UNIX: /usr/openv/netbackup/bin/admincmd/bpnbaz -ProvisionCert
host_name|-AllMediaServers|-AllClients
NetBackup appliance (as a NetBackupCLI user): bpnbaz -ProvisionCert
Media_server_name
2 Restart the NetBackup Service Layer service on the master server.
No services need to be restarted if the target host is a NetBackup client.
To create a host identity and then deploy a security certificate for a media
server or client
1 Run the following command on the master server to create an identity for the
target NetBackup host.
Windows: install_path\NetBackup\bin\bpnbat –addmachine
target_hostname
UNIX: /usr/openv/netbackup/bin/bpnbat –addmachine target_hostname
Enter a password of your choice when prompted and make a note of it.
2 Run the following command on the target NetBackup host to obtain a certificate
from the master server and deploy it:
Windows: install_path\NetBackup\bin\bpnbat –loginmachine
UNIX: /usr/openv/netbackup/bin/bpnbat –loginmachine
Enter the master server name as the authentication broker name when
prompted. Enter the same computer name and password that were used to
create the target host identity on the master server.
07-15-2016 12:36 PM
nbutech, thank you for this information.
I want to be sure I fully understand Veritas' documentation: In running this command
/usr/openv/netbackup/bin/admincmd/bpnbaz -ProvisionCert host_name|-AllMediaServers|-AllClients
... on the master server (as documented) am I right that "host_name" would be the name of the host whose access to the master server (i.e. a Windows box on which has been installed the Remote Admin Java GUI ?) I want to grant ?
In other words, if the Java admin GUI is installed on win64 host "adminhost.some.domain", would I want my bpnbaz command to read
/usr/openv/netbackup/bin/admincmd/bpnbaz -ProvisionCert adminhost.some.domain ?