Notes for using NetBackup RBAC
Note the following when you configure the permissions for RBAC roles:
RBAC only controls access to the web UI and not the NetBackup Administration Console.
When you create roles, be sure to enable the minimal number of permissions so the user can sign in to and use the web UI. Some individual permissions do not have a direct correlation with a screen in the web UI. Users that attempt to sign in but that only have a permission of this kind receive an "Unauthorized" message.
If a user is added to or removed from a role, the user must sign out and sign in again before the user's permissions are updated.
Most permissions are not implicit.
In most cases a permission does not give a user permission. A permission does not give a user permission or other recovery options like .
Not all RBAC-controlled operations can be used from the NetBackup web UI. These types of operations are included in RBAC so a role administrator can create roles for API users as well as for web UI users.
Some tasks require a user to have permissions in multiple RBAC categories. For example, to establish a trust relationship with a remote primary server, a user must have permissions for both and .