Chat now with support
Chat with Support

NetVault 13.0.3 - Administration Guide for Managed Service Providers

Introduction Getting started Configuring clients Managing catalog search Configuring storage devices
About storage devices SAN considerations Quest DR Series systems Quest QoreStor NetVault SmartDisk EMC Data Domain Systems Snapshot Array Manager Virtual Tape Libraries Virtual standalone drives Shared Virtual Tape Libraries Physical tape devices Storage tiers
Backing up data Managing policies Restoring data Managing NetVault dashboard Managing jobs Monitoring logs Managing storage devices
Role-based access to manage storage devices Monitoring device activity Managing disk-based storage devices in list view Managing disk-based storage devices in tree view Managing the Snapshot Array Manager Managing tape libraries in list view Managing tape libraries in tree view Managing tape drives in list view Managing tape drives in tree view Adding shared devices
Managing storage media Managing user and group accounts Managing Tenant Monitoring events and configuring notifications Reporting in NetVault Working with client clusters Configuring default settings for NetVault
About configuring default settings Configuring encryption settings Configuring plug-in options Configuring default settings for post-scripts Configuring default settings for Verify Plug-in Configuring Deployment Manager Settings Configuring Job Manager settings Configuring Logging Daemon settings Configuring Media Manager settings Configuring Network Manager settings Configuring Process Manager settings Configuring RAS device settings Configuring Schedule Manager settings Configuring Web Service settings Configuring Auditor Daemon settings Configuring firewall settings Configuring general settings Configuring security settings Synchronizing NetVault Time Configuring the reporting utility Configuring NetVault WebUI default settings Configuring NetVault to use a specific VSS provider Configuring default settings using Txtconfig
Diagnostic tracing Managing diagnostic data Using the deviceconfig utility NetVault processes Environment variables Network ports used by NetVault Troubleshooting
Common errors Safe Mode in NetVault

Starting or stopping the NetVault Service

The NetVault Service is configured to start automatically on the server and client machines. You can use the Txtconfig utility or CLI to manually start or stop the NetVault Service.

a
In a terminal or command prompt window, type, txtconfig, and press Enter or Return.
b
On the Machine page, press p to view the main menu, and then press the option number for the Services page.
a
To start the service, type: $NV_HOME/etc/startup.sh start
To stop the service, type: $NV_HOME/etc/startup.sh stop
To start the service, type: net start “NetVault Process Manager”
To stop the service, type: net stop “NetVault Process Manager”

Enabling Web Service over HTTP or HTTPS

By default, the Web Service is enabled over HTTPS. You can modify the Web Service settings to change the port or protocol. These settings also let you specify the security certificate file and private key file for HTTPS communications.

You can modify the Web Service settings through the following interfaces: NetVault WebUI (through the Change Settings page), or Txtconfig.

b
On the NetVault Server Settings page, under Services, click Web Service.
a
In a terminal or command prompt window, type, txtconfig, and press Enter or Return.
b
On the Machine page, press p to view the main menu, and then press the option number for the Web Service page.

HTTP settings

To access the Web Service through HTTP, configure the following settings:

Enable Web Service over HTTP: Select this check box.

HTTPS settings

To access the Web Service through HTTPS, configure the following settings:

Enable Web Service over HTTPS: This protocol is selected by default.
HTTPS Listen port for incoming Web Service connections: By default, NetVault uses port 8443 for HTTPS. If this port is in use by any other server or application, configure an alternate port.
WebService security certificate file: To use HTTPS, provide a SSL certificate.
NetVault provides a self-signed certificate (server.crt), which resides in the etc directory under the NetVault installation directory. This certificate generates warnings in most browsers.
Ciphers to disable for incoming Web Service connections: You can modify the Web Service configuration to disable ciphers for incoming web service connections settings to prevent from allowing one or more ciphers. These settings can be configured from the NetVault Server Settings page. By default, this field is blank and all the ciphers are allowed.
Protocols to disable for incoming Web Service connections: You can modify the Web Service configuration to disable protocol for incoming web service connections settings to prevent from allowing one or more protocols. These settings can be configured from the NetVault Server Settings page. By default, this field is blank and all the protocols are allowed.
WebService private key file: Provide the private key file required for HTTPS communications.
The default key file is server.key, which resides in the etc directory under the NetVault installation directory.
NetVault WebUI: Click Apply to apply the settings and close the WebUI dialog box.
Txtconfig: Press s to save the settings, and then press q to quit Txtconfig.

Understanding Managed Service Provider

Managed Service Provider (MSP) offers back up as a service to multiple client organizations (tenant). It offers on-demand backup service through an intuitive interface. NetVault provides multi-tenant environment, which provides an easy management of multiple clients (tenants) on the same instance, where, tenants register with the MSP to protect and manage their data. In this environment, the MSP performs all required NetVault Server tasks and the tenants and tenant users can view only the data pertaining to respective organization and its groups. Tenants can also perform required backup tasks for their associated clients.The user roles ensure that users have access to only the information that they are authorized to see.

NetVault allows you to install and manage the NetVault Server at MSP site. The backup target storage is managed and provided by MSP to transfer the backup data. Tenants backup and restore operations are managed through various roles assigned to tenant users. NetVault Server maintains data abstraction between different tenants and their users based on role assigned to them.

About user and roles

NetVault multi-tenant environment includes a service provider (MSP) and multiple tenants. Each role has distinct responsibilities, associated activities, and access restriction between the tenants. The different users available in this environment are:

MSP administrator: The MSP administrator owns the NetVault system and manages its use by multiple tenants.
Tenant administrator: Each client organization has a tenant administrator who is part of tenant users group in MSP AD. The tenant administrator can configure tenant-specific deployments, but they cannot access or change the information for another tenant user or administrator.
Tenant user: Tenant users have no administrative privileges and can see only the data that they have access. A user can belong to more than one role. These users can create, submit, monitor, and restore backup jobs.

All the users like, MSP administrator, tenant administrator, and tenant users must be created under the MSP organizations AD domain. NetVault Server can have multiple MSP Admin, and MSP admin performs all the required NetVault Server tasks. Each tenant must have two unique groups, one group for tenant administrator and another for tenant users. Where all users of tenant administrators group are required to perform tenant administrators task in NetVault Server.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating