Previous  |  Next >  
Product: NetBackup System Administrator's Help  

Configuring the Authorization Server

The bpnbaz command is used during Authorization setup to perform two functions necessary for Access Management:

  • Create the object hierarchy that appears in the NetBackup Administration Console under Access Management.
  • Set up user groups and add the first identity to the security administration group (NBU_Security Admin).

bpnbaz is located in directory /usr/openv/netbackup/bin/admincmd

Before running bpnbaz commands, check that both the Authentication daemon (vxatd) and the Authorization daemon (vxazd) are running. If necessary, start the At daemon first, then the Az daemon.

Note   Note    The user named in the following command will be set up as the first NetBackup security administrator.
  1. On the machine where the VxSS Authorization server software is installed and contains the Authorization server, run:
       bpnbaz -SetupSecurity master_server [-server AZ_server]
    Where:
    master_server is the fully qualified name of the NetBackup master server.
    AZ_server is the fully qualified name of the machine where Authorization server software is installed.
    Note   Note    bpnbaz -SetupSecurity must be run by root (UNIX) or Administrator (Windows).
    This process may take a number of minutes.
  2. Allow authorization:
    Run the following command on the Authorization server. If configuring the Root Broker, the machine being added and the Az server will be the same:

       bpnbaz -AllowAuthorization AZ_server
    Note   Note    bpnbaz -AllowAuthorization AZ_server must be run by root (UNIX) or Administrator (Windows).
    Where:
    AZ_server is the fully qualified name of the machine where Authorization server software is installed.
    If adding a different machine, the command would be run on the Az server, then a new machine would be named:

       bpnbaz -AllowAuthorization AZ_client
    AZ_client is the fully qualified name of the machine where Authorization client software is installed.
    This command must be run on the Az server for each master or media server that will utilize NetBackup Access Control.
  3. Start NetBackup daemons on the machine(s).
  4. Continue with for instructions on configuring NetBackup Access Control host properties for the master server (Root Broker).
 ^ Return to Top Previous  |  Next >  
Product: NetBackup System Administrator's Help  
VERITAS Software Corporation
www.veritas.com