cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

SQL permission issues

mchabot1
Level 2

‎04-12-2016 07:17 AM

Hi, 

We just implemented NetBackup and are having SQL restore permission issues. We’re trying to do redirected database restores from some of our DEV or BETA servers to our PRODs, or vice versa. The only way we were able to get this working was to add each of our SQL servers to the listing of additional master servers, under the servers tab of the master server.

This ended up being a security concern because if we launch the bar GUI from any of the SQL machines, they can browse and do file restores from any of our backed up machines. Ideally, we’d like to set it up so all of our SQL servers can restore databases from each other, but not files from other servers. If this level of security isn’t possible, could we create a machine to do all of our redirected restores from? I'm thinking that it's not possbile, because everything I read talks about says you have to do the restore from the client itself. 

Any help would be greatly appreciated.

Thanks,
Mike

0 Kudos
3 REPLIES 3

Michal_Mikulik1
Moderator
Moderator
Partner    VIP    Accredited Certified

‎04-12-2016 07:51 AM

Hello,

restores between differnet clients are prohibited/allowed through altnames directory, did you try it?

https://www.veritas.com/support/en_US/article.HOWTO89603

Yes putting the client into Servers is not good way..

Michal

mchabot1
Level 2

‎04-12-2016 10:01 AM

Thanks for your reply Michael. I did see the article you're referring to about the altnames directory and was thinking this might work, but in the SQL Admin guide, it mentions that adding a client in the altnames directory can see any other client's data that was backed up on the master. I'm hoping I just read it wrong, and adding all of our SQL servers in here will be able to talk to each other and not any other client that was backed up. Is that what it's supposed to do?

Thank you,

Mike

0 Kudos

Michal_Mikulik1
Moderator
Moderator
Partner    VIP    Accredited Certified

‎04-12-2016 11:55 PM

Hello,

there is an excerpt from SQL Admin Guide:

Create a install_path\NetBackup\db\altnames\HostB file to allow HostB to restore HostA's data. The client named HostB can then access HostA's data on the master as well as any other client's data that was backed up on the master.

I admit this note is confusing. I think they could originally mean "any other type of data" of the client HostA, so filesystem data etc. , not data of clientC, clientD etc. - Because altnames configuration is nothing special for SQL restores, it is used by all types of restores between HostA and HostB.

Only No.Restriction file allows unrestricted cross-client data access.

Just test it and you will see that it works.

Regards

Michal