cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

How to perform a recovery for Netbackup 7.5 KMS ( databases and keys)

Go to solution
demo4119
Level 6
Partner Accredited Certified

‎10-23-2012 12:33 AM

I have configued the Netbackup KMS on the my master server and tested with a test key successfully with a restoration .

Im planning for a recovery of KMS databases and Key to a dr site netbackup master .

Can i just copy the 3 files from the production to Dr master and start the Netbackup KMS service.

 

·         KMS_DATA.dat (DATA file) is located in the /kms/db/ directory
·         KMS_HMKF.dat (HMKF file) is located in the /kms/key/ directory
·         KMS_KPKF.dat (KPKF file) is located in the /kms/key/ directory
 
 
please advise.
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-23-2012 02:06 AM

You have to run below commands after copying.

nbkms –resetkpk command.
nbkms –resethmk command.

From Admin Guide:

Recovering KMS by restoring only the KMS data file
You can restore the backed up copy of the KMS data file kms/db/KMS_DATA.dat
by regenerating the KMS_HMKF.dat and KMS_KPKF.dat files with passphrases. So,
if you have written down passphrases for the host master key and key protection
key, you can run a command to regenerate those files. The system will prompt
you for the passphrase and if the passphrase you now enter matches the
passphrase originally entered, you will be able to reset the files.
To recover KMS by restoring only the KMS data file
1 Run the nbkms –resetkpk command.
2 Run the nbkms –resethmk command.
3 Start up the nbkms service.

More you can read in Symantec Netbackup Security and Encryption Key 7.5 Page 317

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-23-2012 02:06 AM

You have to run below commands after copying.

nbkms –resetkpk command.
nbkms –resethmk command.

From Admin Guide:

Recovering KMS by restoring only the KMS data file
You can restore the backed up copy of the KMS data file kms/db/KMS_DATA.dat
by regenerating the KMS_HMKF.dat and KMS_KPKF.dat files with passphrases. So,
if you have written down passphrases for the host master key and key protection
key, you can run a command to regenerate those files. The system will prompt
you for the passphrase and if the passphrase you now enter matches the
passphrase originally entered, you will be able to reset the files.
To recover KMS by restoring only the KMS data file
1 Run the nbkms –resetkpk command.
2 Run the nbkms –resethmk command.
3 Start up the nbkms service.

More you can read in Symantec Netbackup Security and Encryption Key 7.5 Page 317

0 Kudos

Go to solution
demo4119
Level 6
Partner Accredited Certified

‎10-24-2012 12:06 AM

thanks for recommendation .

Will test it out on my poc environment .

0 Kudos

Go to solution
demo4119
Level 6
Partner Accredited Certified

‎10-29-2012 10:01 AM

I have tested out and able to recovery the KMS infomation to my POC master server without any reseting of HMK and KPK .

 

0 Kudos

Go to solution
jim_dalton
Level 6

‎11-01-2012 03:01 AM

I have also tested: Im sure the doc says copy the files and indeed thats all I did and it works.The reset cmds above are for when you are missing the kpk and the hmk.

Jim 

0 Kudos