cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Duplicate Host ID

Jim_MacD
Level 3

‎08-19-2019 09:06 AM

During and upgrade from 8.0 to 8.2 I discovered an underlying issue with NetBackup client Host ID's.  Prior to taking over as the admin it appears a number of our Red Hat application servers were cloned with the client software installed and active in NetBackup.  For example App Server 8 was cloned to App Server 18, but they are both assigned to the same master server.  When the 8.2 client software was pushed to App Server 8 both it and App Server 18 were associated together in Host Management, Mapped Host/Names.  Is there anyway to change the NetBackup Host ID on these cloned clients?  I know I can remove the client software from the cloned system and reset it's host attributes and then reinstall the client software but I'm trying to find a solution that is not so laborious.

0 Kudos
1 REPLY 1

davidmoline
Level 6
Employee

‎08-19-2019 03:29 PM - edited ‎08-19-2019 03:31 PM

Hi

Have a look at the nbcertcmd comannd. Run from one of the clients (server 18) that you wish to create a new certificate for.
You will need the hostid of the certificate to complete. For instance from the host:
> nbcertcmd -listallcertdetails

Master Server : nbumaster.example.com
Host ID : bd13367a-b94d-4879-99f3-dc4394a4ed6b
Issued By : /CN=broker/OU=root@nbumaster.example.com/O=vx
Serial Number : 0x73f7050700002209
Expiry Date : Aug 18 22:19:05 2020 GMT
SHA1 Fingerprint : D5:21:0F:49:46:F7:BB:7C:C9:B0:DA:5C:E8:54:E0:6C:43:4A:1E:5F

Operation completed successfully.

Then delete the certificate from the local host - this wont delete the cert from the master, nor the real client.

> nbcertcmd -deletecertificate -hostid bd13367a-b94d-4879-99f3-dc4394a4ed6b
Deleting security certificates can adversely impact the NetBackup functionality.
Do you want to proceed? (y/n) y
Certificate is successfully removed.

Now you will need to login the the admin console and find the host (server 8) in "Security Management->Host Management"
Right click on the host and "Add or Remove Host Mappings", and remove the problem host (server 18).

Now go back to the client (server 18) and obtain a new certificate:

> nbcertcmd -getcertificate

Depending on security setting, you may need to create a token to obtain the new certificate. 

Have fun
David