Authorization file (auth.conf) characteristics
By default, the authorization file or auth.conf file grants access for the following:
On NetBackup servers | Administrator applications and capabilities for the root user. User backup and restore capabilities for all other users. |
On NetBackup clients | User backup and restore capabilities for all users. |
Windows NetBackup servers |
Use this template file to create an |
UNIX NetBackup servers |
Contains the following entries: root ADMIN=ALL JBP=ALL * ADMIN=JBP JBP=ENDUSER+BU+ARC |
Configure the auth.conf file as follows:
If the auth.conf file exists, it must contain an entry. Provide an entry for each user or use an asterisk (*) to indicate all users. Users without entries in the file cannot access any NetBackup applications.
Entries for specific users must be listed first, followed by any entries with an asterisk (*).
Use the first field of each entry to indicate the user name that is granted or denied access rights. Use an asterisk to indicate any user name.
The remaining fields specify the specific access rights for the user or users. You cannot use an asterisk (*) authorize all users for all applications. Each user (or all users) must have specific application keywords. To deny all capabilities to a specific user, do not provide any keywords for the interface. For example:
mydomain\ray ADMIN= JBP=
The credentials that are entered in the logon screen must be valid on the computer that is specified in the host field. The NetBackup application server authenticates with the specified computer. The user name is the account used to back up, archive, or restore files. To perform remote administration or user operations with jbpSA, a user must have valid accounts on the NetBackup UNIX server or client computer. The Backup, Archive, and Restore application (jbpSA) relies on system file permissions of when to browse directories and files to back up or restore.
The password must be the same password that was used upon logon at that computer. For example, assume you log on with the following information:
username = joe password = access
You must use this same user name and password to log into NetBackup.
You can log on to the NetBackup application server under a different user name than the name used to log on to the operating system. For example, if you log on to the operating system with a user name of joe, you can subsequently log on to jnbSA as root.
Upon exit, some application state information is automatically saved in the directory of joe $HOME/.java/.userPrefs/vrts directory. (For example, table column order.) The information is restored the next time you log on to the operating system under account joe and initiate the NetBackup application. This logon method is useful if there is more than one administrator because it saves the state information for each administrator.
Note:
NetBackup creates a user's $HOME/.java/.userPrefs/vrts directory the first time an application is exited. Only NetBackup applications use the .java/.userPrefs/vrts directory.