NetBackup operations that need multiperson authorization
The following operations require multiperson authorization and therefore a ticket is generated for these operations:
Configuring multiperson authorization
Enabling and disabling operations that require multiperson authorization
Adding exempted users
Changing any multiperson authorization settings
Expiring images
Updating image expiration time
Changing the MSDP WORM configuration
Removing the MSDP WORM retention lock
Removing hold applied on the images
Updating CLI expiration period
Adding, updating, and deleting an API key
Adding, updating, and deleting KMS configuration, keys, and key groups
Adding, updating, deleting malware scan host
Adding, updating, deleting, copying backup and deployment policies
Configuring network access control
Updating the following global security settings:
Enabling and disabling NetBackup host communication with insecure hosts
Adding host aliases with or without NetBackup administrator's approval
Setting automatic deployment of certificates on a host
Enabling and disabling CAC/PIV authentication
Setting values for CAC/PIV certificate mapping attribute
Setting the value of the CAC/PIV certificate mapping attribute that is used to perform a search in active directory
Setting the value of the CAC/PIV certificate mapping attribute that is used to perform a search in LDAP directory
Enabling and disabling AD/LDAP domain mapping
Setting the value of the domain name that is used for user look-ups in active directory or LDAP
Setting the value of the OCSP URI that is used for certificate revocation checks with respect to CAC/PIV authentication
Enabling and disabling the data-in-transit encryption (DTE)
Setting unique identifier for external certificates
Allowing or disallowing the NetBackup web UI access to Operating System Administrators
Allowing or disallowing the default CLI access to OS administrators
Pausing client protection
Pausing client image expiration
Enabling and disabling TLS session resumption
Enabling and disabling rule engine for anomaly detection
Changing multifactor authentication configuration settings
Setting audit retention period for audit report
Even if multiperson authorization is configured for image expiry, the following operations do not require multiperson authorization:
Changing values for image retention level
Modifying retention levels in policy and SLP
Canceling incomplete SLPs using the nbstlutil command:
Refer to the NetBackup Commands Reference Guide.