Friday, December 16, 2011

Setting up an account for the antivirus agent on a NetApp

When you install an antivirus server like Trend Micro ServerProtect or McAfee VirusScan Enterprise for Storage or a backup agent (such as HP Data Protector) and you want to plug them on your NetApp, there is one action which is necessary to allow the Trend or ePO agent to communicate with the filer.

This action is to set up a user account which can bypass file security to scan or backup the shared files wherever they are stored on the NetApp qtrees.

So, the first step to accomplish this action is to create an Active Directory user account named yourdomain\youravuser (if you don't have one already). Then you have to add yourdomain\youravuser to the local backup operator group on the NetApp.

The commands to use are shown below.

Start by opening a ssh session on the filer then run the following command to add yourdomain\youravuser to the Backup Operators group:

useradmin domainuser add yourdomain\youravuser -g "Backup Operators"

The output of this command is:

SID = S-1-5-21-2008546643-30345388-3495930542-111619 successfully added to Backup Operators

To double check that your configuration is good, run the following command:

useradmin domainuser list -g "backup operators"

The SID of the user you just added should be listed inside the members of this group. For sake of completeness, do a reverse lookup of the SID:

cifs lookup S-1-5-21-2008546643-30345388-3495930542-111619

The expected output is:

name = yourdomain\youravuser

I hope this post helped you. For additional NetApp commands check this.

1 comment:

Related Posts Plugin for WordPress, Blogger...