
NetBackup granular permissions for restore

HermannSchmidt
Level 2

Hi,

First I will try to explain what we are trying to accomplish. We have many offices around the world. In most offices we have a NetBackup media server, which is connected to our master server in our main office. In most offices we have IT supporters. These guys should only be able to restore data from the clients in their offices.

I tried to configure the access of the administration console to the media server. In this scenario the users were at first able to browse the backups, but when they started the restore, the restore job failed with error code 37. I contacted Veritas support. They recommended configuring the media server in the administration console > NetBackup Management > Host Properties > Master Servers > Servers as an additional server. The restore is now successful, but the users are now able to browse all backups from all offices.

I also tried to configure OpsCenter, but OpsCenter doesn't seem to be able to restore VMware backups or Exchange backups.

Does someone know a way to accomplish what we are trying to do?

Kind Regards

Hermann Schmidt


RiaanBadenhorst
Moderator

Hi,

If you perform the restores from the client instead of the media server, the client can only see its own images (unless a No.Restrictions or altnames configuration is in place). This will cover file and Exchange type backups.

For VMware, depending on the configuration, you could try giving them access via the vCenter plugin (assuming that each country/site has its own vCenter).

Hi 

Yes, that seems to be a good idea, but what about the granular file restore of a VM backup? Do we need to install the NetBackup client on every VM?

Is there a way to configure the media server for our use case? We also tried the altnames configuration for our media servers, but the error 37 still occurred without the additional server configuration. I would prefer a somewhat central management for our IT supporters.

RiaanBadenhorst
Moderator

Hi,

Yes, for file restores it is required in versions prior to 8.2 (not that I've tested the agentless restore in 8.2 yet).

Are you running 8.1.2?

I've not tried it, but I'm sure you could give the user access to only recover files, and limit their scope to just the VMware policy, or to specific objects in the WebUI.

Page 18 - Add custom role

https://sort.veritas.com/DocPortal/pdf/130706365-133278116-1

Hi, 

Yes, we are using 8.1.2. We also tried the Web UI with RBAC, but currently the Web UI does not offer the features we need, like Exchange restore, file restore and so on.

RiaanBadenhorst
Moderator

Yes, I was referring to VMware. For file and Exchange they can do the restore from the client and will therefore not have access to other servers’ restores.