cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

NB 8.1.1 - Upgrade WIndows Client 2K12 to 2K16 - Best practice

laguns97
Level 4

‎07-24-2019 10:46 AM

hello,

currently we are migrating our windows clients. We migrate our servers Windows 2008 and 20012 to Windows 2016. In the past, we made a migration to windows 2016 and I know we had problems with the token. We had to do a reissu token. Is there a way that the administrator of the Windows server can do everything without calling me. I would not want to do a reissu token with every server migration.  I tried to find some documentation about this but find nothing. 

my question: what is the best practice if you have to migrate multiple Windows clients (OS only) The NB client version does not change, remains 8.1.1. All this without my having to intervene
 
Sorry for my english, i'm french speaking and Google Translate is my friend !
0 Kudos
3 REPLIES 3

sdo
Moderator
Moderator
Partner    VIP    Certified

‎07-25-2019 01:49 AM - edited ‎07-25-2019 01:52 AM

AFAIK there is no way around this... because as soon as NetBackup certificate management becomes aware of a client name, then that client can never be removed from certificate management - and any and all client names that are ever "learned" are remembered forever, and can only ever be in a state of authorised, blocked, or revoked.  When blocked or revoked the only way to re-authorise a client is to use a re-issue token.

I'm also hoping that I am wrong, and that someone else can explain how there is a way of making handling this process a bit easier.

Michal_Mikulik1
Moderator
Moderator
Partner    VIP    Accredited Certified
In response to sdo

‎07-25-2019 04:59 AM

Hello,

if acceptable for you, use Medium Security Level instead of High (Global Security Settings). With this setting clients (even new) should not ask for tokens.

Regards

Michal

 

0 Kudos

davidmoline
Level 6
Employee
In response to Michal_Mikulik1

‎07-25-2019 06:14 PM

If your NetBackup master server version is 8.1.2 or greater, then you could also look into providing the Windows admins WebUI access to generate the tokens they require. With RBAC, you should be able to restrict their level of access to prevent them playing where they should not. 

If this is an option - have a look at the WebUI Security admin Guide.

Cheers
David