When adding a new client, previously i would push install the client using the ssh method.
/usr/openv/netbackup/bin/install_client_files ssh unixclient099
That was fine and dandy because root was trusted between systems. We have had to harden the environment up a bit and they don't allow the root trust anymore. In fact I cannot ssh as root from the backup server to a client at all even if I provide the password.
So what is the best way to install these clients now?
Any kind of product installation needs root access. That is an OS requirement, not NetBackup.
A workaround could be to extract the software on a central server and share via NFS.
Each client would then need to mount the share and install locally.
Upgrades should still be possible using update_clients as it does not use ssh.
Paul, like you we are in a hardened area covering many apsects and such. What we've had to do was setup a "trusted" Linux server that would allow us to use "wget http://....file_name" from the trusted server from another Linux client. We pull the software across the network to an LZ that we setup on the new host (i.e. /u01/nbu_sw). From there we simply gunzip the bundle, untar the tar archive file, and do the install. Once completed, we just removed the /u01/nbu_sw directory and it's contents. Takes longer to pull the files across than it does to do all the steps for the install. :)
For client side upgrades, we simply "restore" the upgrade s/w bundle from a backup to the "client" and then upgrade the client from the client side. This has proven to be quick and easy over several hundred clients. :)