Changing the web service user account
To support changing web service user accounts, use the utility script wmcUtils. This utility script does not validate if a web service user and group exist. Before you use this utility, you must ensure that the web service user and the group exist and the user is part of the group. Consider the following when changing the web service user account:
If your environment uses Windows domain users, use the DOMAIN\USER format.
If you use a clustered environment on a Windows platform, the NetBackup web services user account must be a DOMAIN user. (Example: AD user)
If you use non-clustered environments, the NetBackup web service user can be a local or a domain user.
If you use a clustered environment on Linux or UNIX platforms, the NetBackup web service user can be a local user. Additionally, the group can be a local group. The NetBackup web service user must have the same name and UID on all nodes of the cluster. Also, the group must have the same name and GID on all nodes of the cluster. It is recommended to use domain users (Example: NIS) for clustered environments.
Note:
Do not use the logged on user to run the wmcUtils utility script. If you are logged into an environment as my_domain\my_user, you cannot use this account to run the NetBackup Web Management Console service. NetBackup does not support this scenario.
To correct file permissions, run the following command:
wmcUtils -fixPerms/-forceFixPerms
Refer to the NetBackup Commands Reference Guide for more details.
To change the web service user account on Windows
- Open command prompt.
- Change the directory to:
install_path\wmc\bin\install - Run wmcUtils.bat -changeUser to change the web service user.
Example: (nbwebsvc1 is the web service user and nbwebgrp1 is the user group that nbwebsvc1 is a member of)
wmcUtils.bat -changeUser nbwebsvc1 nbwebgrp1
For more information about the wmcUtils.bat utility script, use the wmcUtils.bat -help option.
- (Conditional) If using a clustered environment, run wmcUtils.bat -changeUser on the active and the inactive nodes.
- Enter the web service user password (example: nbwebsvc1) when prompted by the script.
The NetBackup Web Management Console service is restarted when the correct password is entered. If you enter an incorrect password, a Logon failure error is displayed before the NetBackup Web Management Console service starts.
- To verify that the web service user is changed, ensure that install_path\bin\nbcertcmd.exe -ping works.
Note:
The output of wmcUtils.bat utility script is captured in the nbwmc_support.log. The log is located here: install_path\wmc\webserver\logs\nbwmc_support.log
To change the web service user account on Linux or UNIX
- Open a shell.
- Change the directory to:
/usr/openv/wmc/bin/install - Run wmcUtils -changeUser to change the web service user.
Example: (nbwebsvc1 is the web service user and nbwebgrp1 is the user group that nbwebsvc1 is a member of)
usr/openv/wmc/bin/install/wmcUtils -changeUser nbwebsvc1 nbwebgrp1
For more information about the wmcUtils utility script, use the wmcUtils -help option.
- (Conditional) If using a clustered environment, run wmcUtils.bat -changeUser on the active and the inactive nodes.
- Enter the web service user password (example: nbwebsvc1) when prompted by the script.
The NetBackup Web Management Console service is restarted when the correct password is entered. If you enter an incorrect password, a Logon failure error is displayed before the NetBackup Web Management Console service starts.
- To verify that the web service user is changed, ensure that /usr/openv/netbackup/bin/nbcertcmd -ping works.
Note:
The output of wmcUtils utility script is captured in the nbwmc_support.log. The log is located here: /usr/openv/wmc/webserver/logs/nbwmc_support.log