Client verification points for Windows

The following topics describe the client verification procedures for Windows:

Verify the credential for the client.
Verify that the authentication client libraries are installed.
Verify correct authentication domains.

The following table describes the client verification procedures for Windows.

Table: Client verification procedures for Windows

Procedure	Description
Verify the credential for the client	Check that the credential for the client is indeed for the correct client and comes from the correct domain. Run bpnbat -whoami with -cf for the client's credential file. For example: bpnbat -whoami -cf "install_path \Netbackup\var\vxss\credentials\ win_client.company.com " Name: win_client.company.com Domain: NBU_Machines@win_primary.company.com Issued by: /CN=broker/OU=root@win_primary.company.com/ O=vx Expiry Date: Oct 31 20:11:45 2007 GMT Authentication method: Veritas Private Security Operation completed successfully. If the domain listed is not NBU_Machines@win_primary.company.com, consider running bpnbat -addmachine for the name in question (win_client). This command is run on the computer with the authentication broker that serves the NBU_Machines domain (win_primary). Then, on the computer where we want to place the certificate (win_client), run: bpnbat -loginmachine
Verify that the authentication client libraries are installed	Note: Run bpnbat -login on the client to verify that the authentication client libraries are installed. bpnbat -login Authentication Broker: win_primary Authentication port [Enter = default]: Authentication type (NIS, NIS+, WINDOWS, vx, unixpwd) : WINDOWS Domain: ENTERPRISE Name: Smith Password:Operation completed successfully. If the libraries are not installed, a message displays: The NetBackup Authentication and Authorization libraries are not installed. This verification can also be done by looking at the Windows Add/Remove Programs.
Verify correct authentication domains	Check that any defined authentication domains for the client are correct either in the Access Control host properties or by using regedit. Ensure that the domains are spelled correctly. Ensure that the authentication brokers that are listed for each of the domains is valid for that domain type.

Procedure

Description

Verify the credential for the client

Check that the credential for the client is indeed for the correct client and comes from the correct domain. Run bpnbat -whoami with -cf for the client's credential file.

For example:

bpnbat -whoami -cf "install_path
   \Netbackup\var\vxss\credentials\
    win_client.company.com
    "
   Name: win_client.company.com
   Domain: NBU_Machines@win_primary.company.com
   Issued by: /CN=broker/OU=root@win_primary.company.com/
    O=vx
   Expiry Date: Oct 31 20:11:45 2007 GMT
   Authentication method: Veritas Private Security
   Operation completed successfully.

If the domain listed is not NBU_Machines@win_primary.company.com, consider running bpnbat -addmachine for the name in question (win_client). This command is run on the computer with the authentication broker that serves the NBU_Machines domain (win_primary).

Then, on the computer where we want to place the certificate (win_client), run: bpnbat -loginmachine

Verify that the authentication client libraries are installed

Note:

Run bpnbat -login on the client to verify that the authentication client libraries are installed.

   bpnbat -login
   Authentication Broker: win_primary
   Authentication port [Enter = default]:
   Authentication type (NIS, NIS+, WINDOWS, vx, unixpwd)
     : WINDOWS
   Domain: ENTERPRISE
   Name: Smith
   Password:Operation completed successfully.

If the libraries are not installed, a message displays: The NetBackup Authentication and Authorization libraries are not installed. This verification can also be done by looking at the Windows Add/Remove Programs.

Verify correct authentication domains

Check that any defined authentication domains for the client are correct either in the Access Control host properties or by using regedit. Ensure that the domains are spelled correctly. Ensure that the authentication brokers that are listed for each of the domains is valid for that domain type.

Client verification points for Windows

Feedback

Feedback