NetWorker: How to update AD information for NMC AD/LDAP external authentication

AD/LDAP auth fields that require updating (e.g: service provider hostname, service account user/password) can be updated using the authc_config script. The default NetWorker administrator account password must be known. If the administrator password has expired or is not known, follow NetWorker: How to reset Administrator password; Otherwise, use one of the following options to update the external authority in NetWorker.

Option 1

This method is preferred, particularly if AD over SSL (LDAPS) authentication is configured. If the NetWorker Web User Interface (NWUI) is not available, use option 3 to update AD over SSL integrations. Log in to the NWUI using the NetWorker Administrator account. Go to Authentication Server->External Authorities. Select the external authority and click Edit:

Option 2

Log in to the NetWorker Management Console (NMC) using the NetWorker Administrator account. Go to Setup->Users and Roles->External Authority. Open the External Authority configuration and update the fields which require updating:

Option 3

The authc script template can be modified to contain update-config instead of add-config. This allows the required fields to be updated when the script is run from the command line:

Windows: C:\Program Files\EMC NetWorker\nsr\authc-server\scripts\
Linux: /opt/nsr/authc-server/scripts/

Option 4

Run the authc_config command with the options which require updating.

Example: The AD/LDAP service account password must be specified in the command:

C:\>authc_config -u administrator -p nmc_admin_password -e update-config -D "config-tenant-id=tenant_id" -D "config-name=config_name" -D "config-user-dn-password=new_service_account_password"
Configuration lab is updated successfully.

Confirm that the changes by either logging into the NMC or using the nsrlogin command:

nsrlogin -t tenant -d domain -u user

nsrlogout