cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Cannot run bpexpdate and other after nbac

Go to solution
rcdauria
Level 4
Partner Accredited

‎07-30-2015 01:29 PM

Hey guys,

Clustered Netbackup 7.7 Master Server, running on Windows 2012.

After installing NBAC, I looks like it is running fine (login screen, permissions, roles, etc). However, I cannot run a "bpexpdate.exe", "bpimage.exe" and other commands on the command prompt (running as admin, obviously).

They all return something like:

expire not allowed: cannot connect on socket (25).

If I take nbac down (chanking registry key from AUTOMATIC to PROHIBITED), it works.

The user I am using has ALL the possible permissions on the authorization screen.

Any guesses?

Thanks a lot,

Rafael

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
GulzarShaikhAUS
Level 6
Partner Accredited Certified

‎07-30-2015 02:48 PM

To run these commands first you need to login using bpnbat -login command

Once you have successfully logged in you will be able to run those commands

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
revarooo
Level 6
Employee

‎07-30-2015 02:12 PM

Can you post the admin log after you have reproduced the error?
0 Kudos

Go to solution
GulzarShaikhAUS
Level 6
Partner Accredited Certified

‎07-30-2015 02:48 PM

To run these commands first you need to login using bpnbat -login command

Once you have successfully logged in you will be able to run those commands

0 Kudos

Go to solution
GulzarShaikhAUS
Level 6
Partner Accredited Certified

‎07-30-2015 02:51 PM

Example - 

# bpnbat -Login
Authentication Broker: test.example.com
Authentication port[ Enter = default]:
Authentication type (NIS, NISPLUS, WINDOWS, vx, unixpwd): NIS
Domain: example.com
Name: username
Password:
You do not currently trust the server: test.example.com, do
you wish to trust it? (y/n): y
Operation completed successfully.

0 Kudos

Go to solution
rcdauria
Level 4
Partner Accredited

‎07-31-2015 01:15 PM

Actually I went back to test it today, and it was working - never used the login command. :)

Is it mandatory to login every time I open a cmd.exe? Or maybe it have a cache or something?

Tks!

0 Kudos

Go to solution
GulzarShaikhAUS
Level 6
Partner Accredited Certified

‎07-31-2015 01:47 PM

With NBAC it creates a security tocket for every session to EMM, its just like TGT system in windows. It also has a time to live after which the ticket expired so you need to login again 

0 Kudos

Go to solution
watsons
Level 6

‎08-02-2015 03:50 PM

The "bpnbat -login" is like a credential ticket issued to the user by the AB (authentication broker) for a certain period of time.

You don't need to do a login every time, but you will need to check if your current credential has or has not expired. You can do so by "bpnbat -whoami", the output will be like this:

Name: ADMINISTRATOR
Domain: w2k8master
Issued by: /CN=broker/OU=root@w2k8master/O=vx
Expiry Date: Jun 13 22:12:34 2015 GMT
Authentication method: Microsoft Windows
Operation completed successfully.

If your system time has passed the expiry date, you will need to "bpnbat -login" for a new credential ticket.

0 Kudos

Go to solution
rcdauria
Level 4
Partner Accredited

‎08-03-2015 11:39 AM

Pretty clear, thank you guys!

0 Kudos