NetWorker: NVP vProxy: How To Configure AD/LDAP Users For "VMware FLR Users"
摘要: This KB goes over how to integrate AD/LDAP users/groups with the NetWorker server User Group "VMware FLR Users." This group can be used to perform Virtual Machine (VM) FLR using the Data Protection Restore Client on the VM needing the FLR. ...
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
說明
The steps go over how to integrate Active Directory (AD) or the Lightweight Directory Access Protocol (LDAP) users/groups with the NetWorker server user group "VMware FLR Users." The AD users can then be used to authenticate using the Data Protection Restore Client (DPRC) on the VM that requires a File Level Restore (FLR). The KB assumes that the environment already has an external AD/LDAP authentication authority configured in the NetWorker data zone.
Prerequisite:
For information to configure an external AD/LDAP authentication authority, see: NetWorker: How To Set up AD/LDAP Authentication
Process:
- Log in to the NetWorker Web User Interface (NWUI) and go to Authentication Server -> External Authorities. Open the properties of the External Authority resource. Make note of the Tenant and Domain values:
- On the NetWorker server, run the following command to identify the Distinguished Name (DN) of the AD/LDAP group you want to grant "VMware FLR Users" rights to
Syntax:
authc_mgmt -u administrator -e query-ldap-groups-for-user -D query-tenant=TENANT_NAME -D query-domain=DOMAIN_NAME -D user-name=AD/LDAP_USERNAME
Example:
[root@nsr ~]# authc_mgmt -u Administrator -e query-ldap-groups-for-user -D query-tenant=default -D query-domain=amer.lan -D user-name=flradmin Enter password: The query returns 1 records. Group Name Full Dn Name FLR_Administrators CN=FLR_Administrators,CN=Users,dc=amer,dc=lan
NOTE: You are prompted to enter the NetWorker administrator password. You can add a
-p 'PASSWORD' flag to the command; however, this fails on some OS due to OS security settings that prevent plain text passwords from being specified. Replace the TENANT_NAME and DOMAIN_NAME values with the corresponding values from step 1.
- From NWUI, go to Server -> User Groups -> VMware FLR Users -> Edit.
- In the External Roles field, enter the DN of the FLR users group, then click Save.
- Log in to a VM that has been backed up and access the Data Protection Restore Client (DPRC) from a web browser:
https://NETWORKER-SERVER-NAME:9090/flr
- Select User and enter the AD user information, then click Login
NOTE: If you are not using the "default" tenant (shown in step 1). You must specify the tenant name before the domain and username values, e.g:
TENANT\DOMAIN\USER
- Once authenticated, a list of the VMs backups is presented.
其他資訊
The web-based Data Protection Restore Client lets you browse VM backups as file systems to locate and restore specific directories or files. The browser also allows you to restore individual SQL databases and instances.
User: For file-level restore, a user account that can restore folders or files to the original virtual machine. For SQL restore, a user account that can restore individual SQL databases and instances to the original machine from the virtual machine you are logged into.
Admin: For file-level restore, use a NetWorker admin or Auth Service user authorized to restore files from any VM to any destination client. For SQL restore, use a NetWorker admin or Auth Service user authorized to restore SQL databases to the original or another VM with valid backups.
NOTE: When a file-level restore operation is in progress on a virtual machine, no other backup or recovery operation can be performed on this virtual machine. Wait until the file-level restore session completes before starting any other operation on the virtual machine.
Additional Resources:
受影響的產品
NetWorker產品
NetWorker文章屬性
文章編號: 000158028
文章類型: How To
上次修改時間: 09 6月 2025
版本: 6
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。