02-06-2018 05:40 AM
We use Chocolatey to install Netbackup client on our servers. We've recently moved to NB 8.1. from 7.7.3.
Whilst testing with the chocolatey client to install and uninstall the client, I've noticed that to then re-install the client I need to get a new token generated on the master server.
Does anyone know of a way to generate the token remotely (we have Windows and Appliance master servers)? I was hoping the talk of an API would allow me to do this, but I didn't get very far with that.
Either that, or completely remove the client from the master, so that a reinstall would see it as 'new'?
02-06-2018 06:17 AM
See if this post helps ? (Ignore reference to 2nd master.)
02-06-2018 07:30 AM
It may be too late for you, but a word to others. Don't uninstall and reinstall the clients if you don't have to. Upgrade them instead. From the master server's point of view, there had been a client named X. Now there seems to be a new host trying to register as client X. You need to assure the master that it's ok.
This needs a reissue token rather than a regular installation token. The bad news is that the reissue token is specific to one client, which will make it more work to automate. A regular installation token can be used to install N clients. Here's the syntax from the NetBackup Command Reference Manual:
nbcertcmd -createToken -name token_name [-reissue -host host_name | -hostId host_id] [-maxUses number] [-validFor numDnumHnumM] [-reason description_for_auditing] [-server master_server_name]
02-07-2018 01:17 AM
A token cannot be generated remote - it must either be re-issues or generated on the master server.
A token is a security measurement - the master servers ensure clients are what they claim to be.
Then imaging if token could be generated on the client - then every client could claim being whatever a evil admin would have them to be.
Hope this explain
Best Regards
Nicolai
02-21-2018 04:32 AM
Hi @ally_wilson
I am trying to install client on server 2016 through chocolatey package. But its failing.
Can you share how you have created package for NB Client?
Thanks
Manan
02-22-2018 03:42 PM
Sure, make sure your "silentclient.cmd" is working then zip it all up.
chocolateyinstall.ps1 looks like this:
$ErrorActionPreference = 'Stop'; $packageName= 'netbackupclient' $toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)" $validExitCodes = @(0) If ((Test-Path $env:Temp\netbackupclient-8.1.zip) -ne $true){ Invoke-Webrequest -Uri "https://choco.domain.name.net:8443/netbackupclient/netbackupclient-8.1.zip" -OutFile "$env:TEMP\netbackupclient-8.1.zip" } If ((Test-Path $env:Temp\netbackupclient) -ne $true){ New-Item -ItemType Directory $env:TEMP\netbackupclient Expand-Archive $env:TEMP\netbackupclient-8.1.zip -DestinationPath $env:TEMP\netbackupclient\ } $whereIam = Get-Location Set-Location $env:TEMP\netbackupclient\ $cmdBatch = "/c `"$env:TEMP\netbackupclient\silentclient.cmd`"" Start-ChocolateyProcessAsAdmin -Statements $cmdBatch -ExeToRun "cmd.exe" -validExitCodes $validExitCodes set-location $whereIam Remove-item -recurse $env:TEMP\netbackupclient -Force Remove-item $env:TEMP\netbackupclient-8.1.zip -Force
Not particularly elegant.
Due to the inability to reinstall without generating a reissued token though means we've abandoned this until Veritas gets their **bleep** in order.
05-27-2020 08:54 AM
For anyone who might be looking, this is now possible in 8.1.2+, using a script (e.g. PowerShell) and a couple of calls to the NBU REST API.
I've attached an example here and on github: