Previous  |  Next >  
Product: NetBackup System Administrator's Help  

Using the Administration Console to Specify Preferred Groups (Optional)

You can specify a preferred group of administrative users in the NetBackup Administration Console. The preferred group entry is intended specifically for use with NetBackup enhanced authorization and determines the domain_group_name that is sent to the NetBackup server.

Some NetBackup processes also use the preferred group entry for Media Manager authorization. For more information on this subject, see "Media Manager Configuration File (vm.conf)" in the NetBackup Media Manager System Administrator's Guide.

  To specify a preferred group

  1. Expand NetBackup Management > Host Properties > Master Server (or Media Servers) > Selected master or media server > Universal Settings.
    Note   Note    To facilitate a platform-independent implementation, the string in the preferred group entry is case sensitive for both UNIX and Windows.
    Adding a Preferred Group in the NetBackup Administration Console has the following effect on UNIX and Windows systems.

On UNIX

The PREFERRED_GROUP entry is added to the bp.conf file:
    PREFERRED_GROUP = netgroup name
    • If the bp.conf configuration file has a PREFERRED_GROUP entry, the innetgr() function is used to determine if the user is in the netgroup (for further details refer to the innetgr man page).
    • If the PREFERRED_GROUP entry does not exist or the user is not a member of the netgroup, the local group name is obtained.
      • Note   Note    Netgroups are not supported for Sequent systems.

On Windows

The PREFERRED_GROUP NetBackup configuration is added to the
KEY_LOCAL_MACHINE\SOFTWARE\VERITAS\NetBackup\CurrentVersion\Config registry key.
A check is made to determine if the user is a member of domain\group. This check is limited to NT global groups. In other words, if PREFERRED_GROUP is set to a domain local group, a match will not occur and the user's primary domain\group will be used.
If the PREFERRED_GROUP configuration option does not exist or the user is not a member of the domain\group, the user's primary domain\group is obtained. When the domain name is an empty string or is the name of the local machine, it is considered to be local.
  1. Click OK.

 ^ Return to Top Previous  |  Next >  
Product: NetBackup System Administrator's Help  
VERITAS Software Corporation
www.veritas.com