Avamar Admin Guide
Avamar Admin Guide
Avamar Admin Guide
Version 18.2
Administration Guide
302-005-101
REV 01
Copyright © 2001-2018 Dell Inc. or its subsidiaries. All rights reserved.
Dell believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS-IS.“ DELL MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND
WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. USE, COPYING, AND DISTRIBUTION OF ANY DELL SOFTWARE DESCRIBED
IN THIS PUBLICATION REQUIRES AN APPLICABLE SOFTWARE LICENSE.
Dell Technologies, Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be the property
of their respective owners. Published in the USA.
Dell EMC
Hopkinton, Massachusetts 01748-9103
1-508-435-1000 In North America 1-866-464-7381
www.DellEMC.com
Figures 11
Tables 13
Preface 17
Chapter 1 Introduction 21
Avamar system overview............................................................................ 22
Avamar server............................................................................... 22
Avamar clients............................................................................... 25
User interfaces.............................................................................. 27
Data Domain system support......................................................... 29
Data deduplication......................................................................................29
Security and networking.............................................................................30
Encryption..................................................................................... 30
IPv4 and IPv6 support................................................................... 30
TSL 1.2 encryption protocol required..............................................31
SSH MAC algorithms..................................................................... 31
Clients...................................................................................................... 334
Client and server tools................................................................. 334
Add Clients.................................................................................. 340
Registered Clients....................................................................... 345
Activated Clients......................................................................... 346
Failed Clients............................................................................... 348
Idle Clients...................................................................................349
Upgrade Clients........................................................................... 349
Policies..................................................................................................... 352
Adding clients to a group............................................................. 352
Removing clients from a group.................................................... 353
Viewing the dataset policy of a group.......................................... 353
Viewing the retention policy of a group....................................... 353
Viewing the schedule policy of a group........................................ 354
Queues..................................................................................................... 354
Canceling a task.......................................................................... 354
Logs......................................................................................................... 355
Viewing the client log after upgrading an Avamar client.............. 356
Clearing all log entries in a section...............................................356
Glossary 419
1 Typographical conventions..........................................................................................18
2 MCS functions............................................................................................................24
3 Supported plug-ins..................................................................................................... 26
4 Avamar system management features of Backup & Recovery Manager..................... 27
5 Dashboard launcher link..............................................................................................40
6 System State fields on the Avamar Administrator dashboard......................................41
7 Backup job fields in the Avamar Administrator dashboard...........................................44
8 System alerts in the Critical Events panel...................................................................46
9 Launcher shortcut icons on the status bar..................................................................46
10 Scheduler and backup dispatching status messages................................................... 47
11 Status messages for unacknowledged events............................................................ 48
12 Operational status messages for Avamaror Data Domain............................................48
13 AUI navigation pane....................................................................................................53
14 System alerts............................................................................................................. 58
15 Session details available in the Activity Monitor ......................................................... 61
16 Client details available in the Activity Monitor............................................................. 61
17 Policy details available in the Activity Monitor............................................................ 62
18 Attributes for each entry in a clients definition file......................................................72
19 Client Summary Information....................................................................................... 78
20 Avamar user account information............................................................................... 84
21 Supported directory service types..............................................................................86
22 Required Key Distribution Center ports...................................................................... 88
23 Parameter requirements for LDAP base functionality................................................. 92
24 Additional parameter for LDAP base functionality ..................................................... 92
25 OpenLDAP directory service parameters....................................................................98
26 Error messages during directory service configuration'............................................. 101
27 Administrator roles....................................................................................................105
28 Operator roles...........................................................................................................106
29 User roles.................................................................................................................. 107
30 AUI feature pane access by administrator user role...................................................108
31 AUI feature pane access by operator user role.......................................................... 109
32 Directories excluded from Default Dataset backups ..................................................116
33 Directories excluded from UNIX Dataset backups ..................................................... 117
34 Directories excluded from Windows Dataset backups ............................................... 117
35 Schedule types..........................................................................................................122
36 Schedule catalog.......................................................................................................124
37 Settings for each type of schedule............................................................................125
38 Basic retention settings............................................................................................ 130
39 Retention policy catalog............................................................................................132
40 VMware groups......................................................................................................... 134
41 Settings for each type of schedule............................................................................138
42 Jobs | Backups pane..................................................................................................147
43 Backup statistics dialog box information................................................................... 148
44 Target locations for system recovery backups of an Oracle Solaris client................. 172
45 Session Monitor tab properties.................................................................................. 181
46 Avamar server maintenance activities....................................................................... 187
47 Checkpoint states..................................................................................................... 188
48 Services Administration tab information....................................................................192
49 Default live file directory for MCS configuration files................................................195
50 MCS backup timestamp files.....................................................................................196
51 Solutions for common NAT problems........................................................................ 199
52 Read-only fields on the View/Edit Contact Information dialog box...........................200
53 Editable fields on the View/Edit Contact Information dialog box...............................201
As part of an effort to improve the product lines, revisions of the software and
hardware are periodically released. Therefore, some functions that are described in
this document might not be supported by all versions of the software or hardware
currently in use. The product release notes provide the most up-to-date information
on product features.
Contact the technical support professional when a product does not function correctly
or does not function as described in this document.
Note
This document was accurate at publication time. To find the latest version of this
document, go to Online Support (https://support.EMC.com).
Purpose
This guide describes how to configure, administer, monitor, and maintain the Avamar
system.
Audience
The information in this guide is primarily intended for system administrators who are
responsible for maintaining servers and clients on a network, as well as operators who
monitor daily backups and storage devices.
Revision history
The following table presents the revision history of this document.
Related documentation
The following publications provide additional information:
l E-lab Navigator at https://elabnavigator.emc.com/eln/
modernHomeDataProtection
l Avamar Release Notes
l Avamar Operational Best Practices Guide
l Avamar and Data Domain System Integration Guide
l Avamar Reports Guide
l All Avamar client and plug-in user guides
DANGER
WARNING
CAUTION
NOTICE
Note
Typographical conventions
These type style conventions are used in this document.
Italic Used for full titles of publications that are referenced in text
Monospace Used for:
l System code
l System output, such as an error message or script
l Pathnames, filenames, prompts, and syntax
l Commands and options
Note
To open a service request, you must have a valid support agreement. Contact a sales
representative for details about obtaining a valid support agreement or with questions
about an account.
To review an open service request, click the Service Center link on the Service
Center panel, and then click View and manage service requests.
Enhancing support
It is recommended to enable ConnectEMC and Email Home on all Avamar systems:
l ConnectEMC automatically generates service requests for high priority events.
l Email Home sends configuration, capacity, and general system information to
Customer Support.
Comments and suggestions
Comments and suggestions help to continue to improve the accuracy, organization,
and overall quality of the user publications. Send comments and suggestions about
this document to DPAD.Doc.Feedback@emc.com.
Please include the following information:
l Product name and version
l Document name, part number, and revision (for example, 01)
l Page numbers
l Other details to help address documentation issues
Introduction 21
Introduction
Avamar server
Avamar is a hard disk based IP network backup and restore solution. Avamar servers
use internal hard disk storage. An Avamar server is a logical grouping of one or more
nodes that is used to store and manage client backups.
Hardware manufacturers typically call their equipment servers (for instance, the Dell
PowerEdge 2950 server). In the context of an Avamar system, this equipment is called
a node. An Avamar node is a self-contained, rack-mountable, network-addressable
computer that runs Avamar server software on the Linux operating system.
Avamar ensures fault tolerance by managing disk drive space in units of space called
stripes.
In the Avamar system, an object is a single instance of deduplicated data. Each
Avamar object inherently has a unique ID. Objects are stored and managed within
stripes on the Avamar server.
Figure 1 Avamar server nodes, stripes, and objects
1. Avamar server.
2. Avamar node.
3. Disk drive storage on the node.
4. Stripe on the disk drive.
5. Object on the stripe.
All Avamar servers store client backups and also provide essential processes and
services that are required for client access and remote system administration.
Avamar servers are available in either single-node or scalable multi-node
configurations. For the most part, when using Avamar Administrator management
console software, all Avamar servers look and behave the same. The main differences
among Avamar server configurations are the number of nodes and disk drives that are
reported in the server monitor.
Documenting specific differences in Avamar server hardware configurations is beyond
the scope of this guide. Whenever specific limitations and best practices for certain
configurations are known, they are noted. However, these occasional notes should not
be considered definitive or exhaustive. Consult an Avamar Sales representative or an
Avamar reseller for more information about specific hardware.
Nodes
The primary building block in any Avamar server is a node. Each node is a self-
contained, rack-mountable, network-addressable computer that runs Avamar server
software on the Linux operating system.
Nodes can also contain internal storage in the form of hard disk drives. If the node is
configured with internal storage (that is, a single-node server), it is internally mirrored
to provide robust fault tolerance.
There are three types of nodes.
Utility node
A utility node is dedicated to scheduling and managing background Avamar server
jobs. In scalable multi-node Avamar servers, a single utility node provides essential
internal services for the server, such as:
l Management Console Server (MCS)
l External authentication
l Network Time Protocol (NTP)
l Web access
Because utility nodes are dedicated to running these essential services on multi-node
Avamar servers, they cannot be used to store backups. Single-node Avamar servers
combine all of the features and functions of utility and storage nodes on a single node.
Storage nodes
Storage nodes are nodes that store backup data. Multiple storage nodes are
configured with multi-node Avamar servers which are based on performance and
capacity requirements. You can add storage nodes to an Avamar server over time to
expand performance with no downtime.
Avamar clients connect directly with Avamar storage nodes. Client connections and
data are load that is balanced across storage nodes.
NDMP Accelerator
An NDMP Accelerator node is a specialized node that uses NDMP to provide data
protection for certain NAS devices, including the EMC Celerra® IP storage systems
and Network Appliance filers.
Avamar server 23
Introduction
Avamar server 01
EM
Data Avamar
Tomcat
Server Scheduler/ PostgreSQL server 03
Reporting (EMT)
dispatcher database
Avamar
Events server 04
Data server
When performing a backup, restore, or validation, Avamar backup clients
communicate directly with the data server. All scheduled backups are initiated by the
MCS scheduler.
Function Description
Client registry Controls client registration and activation.
Function Description
PostgreSQL database Stores Avamar server data. PostgreSQL is an
open architecture database management
system. Information in the MCS database is
accessible through any PostgreSQL-
compliant ODBC interface. The MCS
database file name is mcdb, and it is on the
utility node in the /usr/local/
avamar/var/mc/server_data/
postgres directory. The MCS database
contents are fully backed up on the Avamar
server and can be restored when the MCS
fails.
NOTICE
Avamar clients
Avamar provides client software for various computing platforms. Each client
comprises a client agent and one or more plug-ins.
Figure 3 Avamar client agent and plug-ins
Avamar client
Avamar server
Avamar clients 25
Introduction
Agents
Avamar agents are platform-specific software processes that run on the client and
communicate with the Management Console Server (MCS) and any plug-ins that are
installed on that client.
Plug-ins
There are two types of Avamar plug-ins:
l File system plug-ins that are used to browse, back up, and restore files or
directories on a specific client file system.
l Application plug-ins that support backup and restore of databases or other special
applications.
The following table lists the file system and application plug-ins that Avamar supports.
User interfaces
Several user interfaces are available in the Avamar system to enable management and
monitoring.
Avamar Web User Interface
The Avamar Web User Interface (AUI) is a web management application that is used
to administer an Avamar server.
Avamar Administrator
Avamar Administrator is a graphical management console software application that is
used to administer an Avamar system from a supported Windows client computer.
Avamar Backup & Recovery Manager
Backup & Recovery Manager manages all Avamar systems in the enterprise. Backup &
Recovery Manager also has an integrated user interface to manage the enterprise’s
NetWorker servers and Data Domain backup targets.
The following table lists some of the enterprise management capabilities of Backup &
Recovery Manager. The table does not include additional features in Backup &
Recovery Manager that are specific to NetWorker servers and to Data Domain backup
targets.
Display warnings, errors, and system alerts Yes, in a quick-look graphical display and in
detailed text. Filter the view by product,
system, and category.
User interfaces 27
Introduction
Table 4 Avamar system management features of Backup & Recovery Manager (continued)
The Backup & Recovery Manager product documentation provides complete details
on the user interface.
Avamar Client Manager
Avamar Client Manager is a web-based management application that provides
centralized Avamar client administration capabilities for larger businesses and
enterprises. Avamar Client Manager helps with the management of large numbers of
Avamar clients.
Avamar Client Manager works with Avamar clients on a supported native operating
system and Avamar clients on a supported operating system running in a VMware
virtual machine. Avamar Client Manager cannot work with Avamar clients through
virtual center, virtual machine, or virtual proxy configurations. The Avamar Client
Manager UI displays supported Avamar clients and hides all unsupported clients.
Avamar Desktop/Laptop
Avamar Desktop/Laptop is a version of the Avamar client software that adds
enhanced features for enterprise desktop and laptop computers.
The Avamar Desktop/Laptop features are designed to improve the functionality of
Avamar client for Windows and Macintosh desktops and laptops. Many of the features
are also supported on qualifying Linux computers.
Avamar Desktop/Laptop functionality is available through two user interfaces:
l The client local user interface (client UI) is installed on the client computer when
you install either the Avamar Client for Windows or the Avamar Client for Mac OS
X. With the client UI, an Avamar icon appears in the notification area ("system
tray") on Windows computers or on the menu bar on Mac computers. Right-click
the icon on Windows or click the icon on Mac to open the client menu, which
provides access to backup, restore, program settings, and logs.
l Use the web browser user interface (web UI) to start an on-demand backup or
restore, view backup and restore activity for a client computer, or configure other
backup settings for a client computer.
Avamar Installation Manager
The Avamar Installation Manager user interface is part of the AvInstaller software that
Customer Support installs on the utility node during an Avamar server software
installation or upgrade. Use the Avamar Installation Manager to install and upgrade
software on the Avamar server.
Avamar Downloader Service
The Avamar Downloader Service manages the process of checking for and
downloading Avamar server software updates. The Avamar Downloader Service
software runs on a stand-alone Microsoft Windows server that allows network access
to Avamar sites on the Internet and to all Avamar servers at a site.
Avamar Web Restore
Avamar Web Restore provides access to the following functionality:
Data deduplication
Data deduplication is a key feature of the Avamar system. Data deduplication ensures
that each unique sub-file, variable length object is stored only once across sites and
servers.
During backups, Avamar client software examines the client file system and applies a
data deduplication algorithm that identifies redundant data sequences and breaks the
client file system into sub-file, variable length data segments. Each data segment is
assigned a unique ID.
The client software then determines whether this unique ID has already been stored
on the Avamar server. If this object resides on the Avamar server, a link to the stored
object is referenced in the backup.
Once an object has been stored on the server, it is not sent over the network again, no
matter how many times it is encountered on any number of clients. This feature
significantly reduces network traffic and provides for greatly enhanced storage
efficiency on the server.
Encryption
To provide enhanced security, Avamar can encrypt all data that is sent between
clients and the server “in flight.”
You can set the encryption level on a client-by-client basis in client properties, or for
an entire group of clients in group properties. You can also disable “in-flight”
encryption entirely.
Each Avamar server can also be configured to encrypt data that is stored on the
server “at rest.” The decision to encrypt all data that is stored in an Avamar server is
typically a one-time decision that is made when the server is initially deployed at a
customer site.
Note
Older versions of SSH clients, such as PuTTY or Plink, use weak MAC algorithms for
an SSH connection and must be upgraded. To view the latest release of PuTTY, see
http://www.putty.org/
Avamar Administrator 33
Avamar Administrator
Note
Before installing Avamar Administrator, ensure that the platform has already been
manually upgraded to Java 7 or 8. Ensure that the DNS environment is configured so
that all clients that run the Administrator can resolve the Hash File System address
(hfsaddr) value.
l If you are installing the software on 32-bit Windows, click + next to the
Microsoft Windows Vista, 7, 8, 8.1, 10, Microsoft Windows Server 2008
(Console) folder.
l If you are installing the software on 64-bit Windows, click + next to the
Microsoft Windows Vista, 7, 8, 8.1, 10, Microsoft Windows Server 2008,
2008 R2, 2012, 2012 R2 (Console) folder.
6. Locate the Java Runtime Environment (JRE) install package, which is typically
the last entry in the folder.
7. If the JRE on the client computer is older than the JRE hosted on the Avamar
server, download and install the newer JRE from the Avamar server:
a. Click the jre-version.exe install package, where version is the JRE
version.
b. Open the installation file, or download the file and then open it from the
saved location.
c. Follow the onscreen instructions to complete the JRE installation.
8. Click the AvamarConsoleMultiple-windows-version.exe install
package, where version is the Avamar Administrator software version.
9. Open the installation file, or download the file and then open it from the saved
location.
10. Follow the onscreen instructions to complete the Avamar Administrator
software installation.
Note
Use the Red Hat Enterprise Linux 5 install packages for all supported Linux
versions.
6. Locate the JRE RPM install package, which is typically the last entry in the
folder.
7. If the JRE on the client computer is older than the JRE hosted on the Avamar
server, then download the install package to a temporary folder such as /tmp.
The install package filename is jre-version-platform.rpm, where version
is the JRE version and platform is the computing platform.
The configuration process prompts you to specify the location of the JRE
installation.
15. Press Enter to accept the default install location.
The configuration process prompts you to specify the root directory of the
Avamar software.
16. Press Enter to accept the default install location.
A confirmation message appears.
Note
Note
Before installing the new version of Avamar Administrator, ensure that the
platform has already been manually upgraded to Java 7 or 8.
Procedure
1. Open a command shell and log in by using one of the following methods:
l For a single-node server, log in to the server as admin.
l For a multi-node server:
a. Log in to the utility node as admin.
b. Load the admin OpenSSH key by typing the following command:
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the Management Console Server (mcs) service by typing dpnctl stop
mcs.
3. Change the working directory to /usr/local/avamar/var/mc/
server_data/prefs by typing cd /usr/local/avamar/var/mc/
server_data/prefs.
4. Open mcserver.xml in a plain text editor.
5. Find the <node name="mon"> entry.
6. Edit the value of the <entry key="consoleInactiveMinutesToReport"
value="n" /> entry within the <node name="mon"> entry, where n is the
session time-out value in minutes.
7. Save the change and close the text editor.
8. Start the MCS and the scheduler by typing the following command:
Note
Automatically supply the Server and Domain Name boxes with an Avamar
server name and an Avamar domain by clicking Options and typing the server
name in Default Administrator Server and the domain name in Default
Domain.
launcher link
The dashboard launcher link run persistent windows to perform tasks in Avamar
Administrator.
Backup & Restore Backup, Restore, and Perform on-demand backups and
Manage restore, and manage completed
backups.
Data Movement Policy Data Movement Policy Configure policy-based replication and
cloud tier.
Field Description
Field Description
Last Validated Checkpoint Specifies the amount of time since the last
checkpoint validation occurred:
l A green check mark indicates that a
checkpoint validation has successfully
completed on this Avamar server within
the past 48 hours.
l A yellow caution icon indicates that a
checkpoint validation has successfully
completed on this Avamar server between
48 hours and 72 hours ago.
l A red x icon indicates that more than 72
hours have elapsed since a checkpoint
validation successfully completed on this
Avamar server.
Last Garbage Collection Specifies the amount of time since the last
garbage collection occurred:
l A green check mark indicates that
garbage collection has successfully
completed on this Avamar server within
the past 30 hours.
Field Description
Data Domain System(s) State Summarizes the operational state of all Data
Domain systems that have been added to this
Avamar server:
l A green check mark indicates that all Data
Domain systems are fully operational.
l A yellow caution icon indicates that there
is one or more issues with Data Domain
systems that require attention. However,
backups can continue.
l A red x icon indicates that there is one or
more problems with Data Domain systems
that require immediate attention. Backups
cannot occur until all problems are
resolved.
Scheduler State
The Scheduler State field indicates whether scheduled activities are running or
suspended. Scheduled activities include backups, email notifications, and replications.
If scheduled activities are running, then the activities occur at the scheduled time. If
scheduled activities are suspended, then the activities do not occur until you resume
the activities.
To suspend or resume scheduled activities, click Suspend or Resume.
Maintenance Activities State
The Maintenance Activities State field indicates whether maintenance activities are
running or suspended. Maintenance activities include checkpoints, checkpoint
validation, and garbage collection. If maintenance activities are running, then the
activities occur at the scheduled time. If maintenance activities are suspended, then
the activities do not occur until you resume the activities from the Server window.
License Expiration
The License Expiration field lists the calendar date on which the license for the
Avamar server expires.
Activities panel
The Activities panel in the Avamar Administrator dashboard provides status and
detailed information for backup and replication jobs.
Backup Jobs
The main status icon for backup jobs in the Activities panel indicates whether
scheduled backups occur at the scheduled time or if there is a problem that is
preventing scheduled backups from occurring.
To display detailed status information, click the arrow button next to the Backup Jobs
field. The following table provides details on the status information available for
backup jobs.
Field Description
You can also view the total number of backup jobs that:
l Are pending.
l Are currently running.
l Failed within the specified period.
l Succeeded with exceptions within the specified period.
l Succeeded within the specified period.
To control the period for the results of completed backups, select a value from the
Period list.
To view detailed information for a backup job in the Activity Monitor, click a numeric
button.
Replication Jobs
The main status icon for replication jobs in the Activities panel indicates whether
replication jobs occur:
l A green check mark icon indicates that scheduled replication jobs occur at the
scheduled time.
l A yellow caution icon indicates that one or more replication groups are disabled.
l A red x icon indicates that scheduled replication jobs are blocked. The block might
be due to the scheduler being in a suspended state, all replication groups being
disabled, or some other issue with the system.
To configure replication groups in the Replication window, click the window icon to
the right of the icon.
You can also view the total number of replication jobs that:
l Are pending.
l Are currently running.
l Failed within the specified period.
l Succeeded with exceptions within the specified period.
l Succeeded within the specified period.
To control the period for the results of completed replication jobs, select a value from
the Period list.
To view detailed information for a replication job in the Replication Report, click a
numeric button.
Capacity panel
The Capacity panel on the Avamar Administrator dashboard provides system capacity
usage information for the Avamar server and any Data Domain systems that have been
added.
Avamar server capacity information
The capacity usage of the Avamar server is shown as a vertical bar with color
indicators for usage levels that are based on the percentage of total capacity. A text
field lists the percentage of used capacity.
If the Avamar system configuration includes a Data Domain system, then Avamar
server capacity calculations include metadata usage for the Data Domain system.
Click the link on the Avamar server name to view detailed system information in the
Server Monitor, including Data Domain metadata utilization, if applicable.
Data Domain system capacity information
Each configured Data Domain system is listed separately in the Capacity panel.
The capacity usage of the Data Domain system is shown as a vertical bar with color
indicators for usage levels that are based on the percentage of total capacity.
Text fields list the total capacity of the Data Domain system in gibibytes (GiB), the
amount of used capacity as a percentage and value in GiB, and the total amount of
available capacity in GiB.
To view the Data Domain Enterprise Manager web page for that system, click the link
on the Data Domain system name.
Capacity panel 45
Avamar Administrator
Status bar
The status bar at the bottom of each Avamar Administrator persistent window
conveys status information and provides a single-click shortcut to specific features
and functions.
Figure 6 Avamar Administrator status bar
Launcher shortcuts
The shortcut icons on the left side of the status bar provide shortcuts to the six main
Avamar Administrator windows.
The following table lists the shortcut icons that are available on the status bar.
Backup & Restore Backup, Restore, and Perform on-demand backups and
Manage restore, and manage completed
backups.
Data Movement Policy Data Movement Policy Configure policy-based replication and
cloud tier.
Status messages
The right side of the status bar shows status messages for scheduler and backup
dispatching, unacknowledged events, and the Avamar server and Data Domain
systems.
Scheduler and backup dispatching status
The scheduler controls whether scheduled backups occur. The backup dispatching
status indicates whether backups can occur based on whether the health check limit
has been reached. The following table lists the available status messages.
Sch/Disp: Suspended/Running Although the health check limit has not been
reached, backups do not occur at the
scheduled time because scheduled backups
are disabled. Backups can resume when you
resume scheduled operations.
Status bar 47
Avamar Administrator
Unacknowledged events
Certain system events to require acknowledgement by an Avamar server administrator
each time they occur. The following table lists the available status messages.
To suspend or resume Avamar server activities, click the Server status icon or text
label to display the Avamar Server window Session Monitor tab. From there, select
Actions > Resume Backups/Restores or Actions > Suspend Backups/Restores to
resume or suspend server activities, respectively.
To view additional details about Data Domain system status, open the Server window
by clicking Navigation > Server. Select the Server Management tab, and then select
the Data Domain system in the tree. The Monitoring Status of the Data Domain
system appears in the right pane. The Avamar and Data Domain System Integration
Guide provides details on the available detailed status messages.
The upper pane shows the Avamar server domain structure. The lower pane shows
contents of any domain that is selected in the upper pane. You can click the split pane
icon to the left of the filter field between the two panes to split the two panes
vertically instead of horizontally.
To show all clients in subfolders, click the double folder icon to the left of the filter
field.
Type one or more characters in the filter field to filter the list to have only clients with
names that contain those characters.
Mouse shortcuts
The Avamar Administrator user interface supports context-sensitive left-click, right-
click, and double-click shortcuts.
Right-click
All GUI elements that can enable features or functions when clicked, have right-click
support added to them. However, when the GUI element only acts as a navigation
mechanism, there is no right-click support. For example, the Policy window client tree
has a right-click shortcut menu because specific features and functions become
available based on which node of the tree is selected.
Double-click
For all tables where properties or edit dialog boxes can be invoked, double-click any
row of the table to display the properties or edit dialog box. Additionally, when lists are
used, double-click an element in the list to display the edit dialog box.
Column heading sort
Click a table column heading to sort that column. For example, double-click the
Activity Monitor State column to sort the Activity Monitor by the state of each
backup.
Press Shift and then click any table column heading to reverse sort the values in a
table column.
Note
Note
To browse to another location in the UI, click a link in the navigation pane. This action
opens the menu item in the main window.
The links provide access to the following features in the AUI:
Replication Policy Copies client backups from the source Avamar system
to an alternate destination. Replicating backups to an
alternate destination protects against data loss if the
source Avamar system fails.
Cloud Tier Policy Moves Avamar backups from Data Domain to the cloud
and performs seamless recovery of these backups.
b. Click YES.
You are logged out of the AUI.
AUI dashboard
The Avamar Web User Interface dashboard provides an at-a-glance view of Avamar
system status.
The dashboard appears when you log in to the AUI and is divided into sections with
each section displaying summary information.
The following figure illustrates the Dashboard view.
Note
When you run a backup job for a client, the Avamar server updates this value.
You can manage assets from the AUI by selecting Asset Management in the
navigation pane.
Icon Description
Indicates the number of clients within the domain.
Clients
Indicates the number of activities (backup and replication jobs) that have
been initiated by clients within the domain.
Activities
Indicates the number of policies that apply to the clients within the
domain.
Policies
Property Description
Name Descriptive client name.
Domain The Avamar domain for the client.
Enabled Whether Avamar can perform backups for the client. Regardless
of this setting, the client can restore files as long as a previous
backup exists in the system.
Activated Whether the client is activated with the Avamar server.
Client type The type of client (for example, regular, virtual machine, Image
Proxy, or VMware vCenter).
Note
Only the backups within the past 24 hours appear in the Activities | Backup panel. If
you restart the Avamar Management Console Server (MCS), this value is reset.
Note
Only the replication jobs within the past 24 hours appear in the Activities |
Replication panel. If you restart the Avamar Management Console Server (MCS), this
value is reset.
Note
To view Avamar client details, ensure that you run the scheduler service:
1. In the AUI header pane, click .
2. Toggle the Scheduler State switch to Running.
Note
The AUI Activity Monitor window has been optimized for at least 1366 pixels-wide
screens. Display issues might occur for smaller screens. To properly display the AUI,
ensure that your display is at least 1366 pixels wide.
The Activity Monitor provides you with options to filter the information that appears:
l Filter activities by duration—By default, the Activity Monitor displays the most
recent 5,000 client activities. To select a different duration, in the Filter activities
by duration drop-down list, select Last 24 hours or Last 72 hours.
l Filter activities by domain—By default, the Activity Monitor displays all activities
regardless of domain. To display only the activities for a specific domain, in the
Filter activities by domain drop-down list, select a domain or subdomain.
l Filter activities by status—By default, the Activity Monitor displays all activities
regardless of status.
To display only activities with a specific status, at the top of the Activity Monitor,
select one of the following options:
n Canceled
n Completed
n Completed with Exceptions
n Failed
n Running
n Waiting
To filter activities by client, start time, plug-in, or type, click in their respective
column.
The Activity Monitor displays the date and time that an activity began, and the total
number of bytes examined during an activity.
Field Description
Status Status of the backup, restore, or validation
activity.
Field Description
ID The unique identifier for the Avamar client.
Field Description
Client Avamar client name.
Field Description
Sched. Start Time Date and time that this activity was scheduled
to begin.
Sched. End Time Date and time that this activity was scheduled
to end.
Field Description
l Y—Yearly
l N—No specific retention type
Monitor backups
You can monitor backups to ensure a successful completion of restores and
troubleshooting of issues. The Activity Monitor in the Avamar Web User Interface
enables you to view status information for backups.
Procedure
1. In the AUI navigation pane on the left, click , and then click Activity.
The Activity Monitor appears with a list of all activities.
2. To filter the results to display only backup activity:
a. Click next to the Type column.
b. Type On-Demand Backup.
c. Press Enter.
Cancel backups
You can cancel a backup any time before it completes. The cancellation might take 5
minutes or longer. The backup might complete before the cancellation finishes.
Procedure
1. In the AUI navigation pane on the left, click , and then click Activity.
The Activity Monitor appears with a list of activities.
2. Select the backup from the list.
3. Click CANCEL.
A confirmation dialog box is displayed.
4. Click YES.
Monitor backups 63
Avamar Web User Interface
2. Select an activity from the list, and then click VIEW LOGS.
The Log details window appears. By default, the Activity Monitor displays a
detailed log of all client backup activity for the past 72 hours.
3. To filter the content based on a search string, in the search field, type the
string.
4. To download the log file, click Download.
Monitor restores
You can monitor and view status information for backup and restore operations in the
Activity Monitor.
To access the Activity Monitor, open the navigation pane, and then click Activity.
The Activity Monitor appears with a list of all activities.
Note
The AUI Activity Monitor window has been optimized for at least 1366 pixels-wide
screens. Display issues might occur for smaller screens. To properly display the AUI,
ensure that your display is at least 1366 pixels wide.
The Activity Monitor provides you with options to filter the information that appears:
l Filter activities by duration—By default, the Activity Monitor displays the most
recent 5,000 client activities. To select a different duration, in the Filter activities
by duration drop-down list, select Last 24 hours or Last 72 hours.
l Filter activities by domain—By default, the Activity Monitor displays all activities
regardless of domain. To display only the activities for a specific domain, in the
Filter activities by domain drop-down list, select a domain or subdomain.
l Filter activities by status—By default, the Activity Monitor displays all activities
regardless of status.
To display only activities with a specific status, at the top of the Activity Monitor,
select one of the following options:
n Canceled
n Completed
n Completed with Exceptions
n Failed
n Running
n Waiting
To filter activities by client, start time, plug-in, or type, click in their respective
column.
The Activity Monitor displays the date and time that an activity began, and the total
number of bytes examined during an activity.
Cancel restores
You can cancel a restore any time before it completes. The cancellation might take 5
minutes or longer. The restore might complete before the cancellation finishes.
Procedure
1. In the AUI navigation pane on the left, click , and then click Activity.
The Activity Monitor appears with a list of activities.
2. Select the restore from the list.
3. Click CANCEL.
A confirmation dialog box is displayed.
4. Click YES.
Cancel restores 65
Avamar Web User Interface
Client Management 67
Client Management
Client domains
Avamar client domains are distinct zones to organize and segregate clients in the
Avamar server. The server provides enhanced security by enabling you to define
administrative user accounts on a domain-by-domain basis.
Avamar client domains are completely internal to the Avamar server and have nothing
to do with Internet domains.
Nested structure
You can nest domains to create a rich tree structure. Consider the following example
domain.
Figure 10 Avamar domain example
Create a domain
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the Asset Management pane, perform the following steps:
a. In the hierarchical Domain tree, select a location in the tree where you
would like to create a domain.
b. Click .
The Create domain dialog box is displayed.
3. In the Name field, type the name of the domain.
Domain names must be 63 characters or fewer, and must not use any of the
following characters: =~!@$^%(){}[]|,`;#\/:*?<>'"&.
4. (Optional) Type the name, telephone number, email address, and location for a
contact for the domain in the remaining fields.
5. Click OK.
A confirmation message is displayed.
Create a domain 69
Client Management
Delete a domain
When you delete a domain, the process also deletes any clients in the domain. To
preserve the clients in the system, move the clients to a new domain before you delete
the domain.
If you use directory service authentication, Avamar removes the LDAP maps that use
that domain for access. The associated directory service groups are otherwise
unaffected by the deletion.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the hierarchical Domain tree, select the domain that you would like to delete.
3. To delete the domain, perform either of the following steps:
l
Click the overflow menu ( ), and then select Delete Domain.
l In the DOMAIN ACTIONS pane, select Delete Domain.
The Delete Domain dialog box is displayed.
4. Click Yes.
Client registration
Client registration is the process of establishing an identity with the Avamar server.
Once Avamar “knows” the client, it assigns a unique client ID (CID), which it passes
back to the client during activation.
There are three ways to register a client:
l Client-side registration
l Interactive server-side registration by using Avamar Administrator
l Batch client registration
Note
When registering a client to another server, unregister the client from the original
server before registering it with another server.
Client-side registration
The client-side registration process depends on the operating system.
The Avamar Backup Clients User Guide describes client-side registration for each
supported operating system.
Client-side registration also activates the client at the same time. However, the client
is automatically added to the Default Group and must use the default dataset,
schedule, and retention policy. As a result, this method may not provide enough
control for some sites.
Note
The Avamar for VMware User Guide provides information about VMware
vCenter, Image Proxy, and virtual machine client types.
NOTICE
The clients definition file in this topic is for reference purposes only. Do not try to
copy and paste this example into a clients definitions file. Invisible formatting
characters prevent you from successfully doing so.
Define each client by using a separate <entry> element. The following table
describes the available attributes for each <entry> element.
Attribute Description
host_name Network hostname or IP address for this
client.
Attribute Description
overrides the default retention policy that
would normally be inherited from the group.
Note
CSV format
CSV clients definition files use the same element and attribute names as the XML
format. However, you must define each client on a single line and separate each
attribute value by a comma, as shown in the following example:
host_name,mcs_domain,mcs_group,dataset,retention_policy,
contact_address,contact_port,access_list,encryption,
encryption_override
Activating a client
Client activation is the process of passing the client ID (CID) back to the client, where
it is stored in a file on the client file system.
Before you begin
l The client must be present on the network.
l The Avamar client software must be installed and running on the client.
l The Avamar server must be able to resolve the hostname that was used to register
the client.
There are two ways to activate a client:
l Begin activation from the client. The Avamar Backup Clients User Guide describes
this method.
l Invite the client to activate with the server by using the AUI
NOTICE
HP-UX, Linux, and Solaris clients can either be activated during installation or by using
Avamar Administrator. There is no client-side command to begin client activation on
these computing platforms.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the domain tree, select the domain for the client.
3. In the list of clients, select the client that you want to activate.
You can only view clients in the domain for the login account. To view all clients,
log in to the root domain.
4. Click MORE ACTIONS > Invite Client.
A status message indicates that the client was sent an invitation to activate
with the server.
Reactivating a client
In certain circumstance, such as client computer replacement, you may need to
reactivate a client account with newly installed client software.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the domain tree, select the domain for the client.
3. In the list of clients, select the client that you want to reactivate.
You can only view clients in the domain for the login account. To view all clients,
log in to the root domain.
4. Click MORE ACTIONS > Edit Client.
The Edit Client window is displayed.
5. Select the Activated check box.
6. Click UPDATE.
After you finish
After deactivating the client, follow instructions in the user guide for the specific plug-
in to complete client registration. This procedure deactivates the client so that it can
be activated again.
Client paging
Avamar clients can be either pageable or non-pageable. If a client is pageable you can
specify settings to control how the MCS determines the paging settings for the client.
You may need to use workarounds for limitations that exist in environments with non-
pageable clients.
Pageable clients
Pageable clients have provided the Avamar server with a page address and port
number, which enable performance of on-demand backups and restores. Avamar
Administrator can also browse the client file system during backups and restores in
Avamar Administrator.
You can specify one of the following client paging settings to control how the MCS
determines the paging settings for a client:
l Automatic — With the default setting of automatic paging, the MCS tries to
automatically determine the paging settings for the client. If the MCS receives
updated paging information from the client, it automatically updates the settings.
l Manual — With manual paging, specify the IP address and data port number for
client/MCS communications. You may want to use manual paging when using
Network Address Translation (NAT). With NAT, the MCS probably cannot
automatically determine the correct client paging settings. In manual mode, the
MCS never overwrites the IP address and port number settings for the client.
You can also disable automatic paging without specifying an IP address or data port
number for client/MCS communications. Disabling automatic paging might be useful
to support clients that are off the network for extended periods of time, as can be the
Reactivating a client 75
Client Management
case with laptop computers. These clients must launch their own on-demand backups.
For this reason, you should enable client paging whenever possible.
Non-pageable clients
A client is non-pageable when the Avamar Administrator server is not running on the
Avamar server utility node or on a single-node server cannot establish a TCP/IP
connection to port 28002 on the Avamar client.
When a client might be non-pageable
A client might be non-pageable in the following situations:
l The environment (including the client) has firewall rules that prevent incoming
connections on port 28002 to the client.
l The client is behind a router that does not support port-forwarding for
connections that were initiated from the Avamar server. (This step is the common
situation that managed service providers to enable encounter when they deploy
Avamar without using VPN.)
l The Avamar Administrator server cannot connect to the Avamar client on the
paging address that is used by the Avamar Administrator server. An example is
when the client is multi-homed and the paging address that the Avamar
Administrator server uses for connecting the client does not have a route to the
paging address.
l The environment requires authentication to establish a host-to-host connection to
port 28002 on the client, and the Avamar Administrator server process is not able
to support the required authentication protocol.
l An IPSec environment. In a Windows environment, Microsoft best practices
recommend enabling IPSec. Clients are not pageable in an IPSec environment.
MCS should automatically detect non-pageable clients and adjust settings. Usually no
manual changes are needed in MCS. You can determine whether a client is pageable or
non-pageable by viewing the Client Summary in the AUI. If No appears in the Paging
Enabled field for the client, then MCS cannot connect to the avagent process on
the client, which makes the client non-pageable.
Limitations in environments with non-pageable clients
You can use Avamar Administrator to perform backups or restores, or define policies in
environments with non-pageable clients. In some cases, you must type explicit path
names.
The following limitations apply when the client is non-pageable:
l If the MCS cannot page the client on port 28002, then Avamar cannot invite the
client to activate by using Avamar Administrator.
l You cannot browse the client file system when defining datasets or when browsing
to select a target for restore. To work around this limitation, explicitly define the
backup dataset without browsing a client. During a restore, explicitly type the
restore target path.
l You cannot view client logs. To work around this limitation, get the logs from the
client computer.
l You cannot page the client when there is a work order waiting for the client. In this
case, the client connects to the MCS and polls for the existence of a work order
approximately once every minute.
If you are backing up several hundred or more non-pageable clients, you may need
to increase the polling interval. The default polling interval is 60 s. If MCS
performance is slowing down, increase the polling interval until you achieve
acceptable performance.
You can only view clients in the domain for the login account. To view all clients,
log in to the root domain.
4. Click MORE ACTIONS > Edit Client.
The Edit Client window is displayed.
5. Edit the name, contact information, or location information for the client.
6. Click UPDATE.
A confirmation message is displayed.
The client details that are described in the following table appear in the right
pane of the window.
Column Description
Name Descriptive client name.
Enabled Whether Avamar can perform backups for the client. Regardless of this
setting, the client can restore files as long as a previous backup exists in
the system.
Activation Time The time that the client is activated with the Avamar server.
Last Check-in The date and time that the Avamar client agent last checked in with the
Avamar server.
Encryption The encryption method that is used for client/server data transfer.
CID The Client ID, a unique identifier for this client in the Avamar server. CIDs
are assigned during client activation.
Client Paging Whether the client has provided the Avamar server with a page address
and port number, by that allowing it to perform on-demand backups and
restores. In addition, Avamar Administrator can browse its file system
during Avamar Administrator-initiated backups and restores.
Column Description
Backup Status information for backup jobs for the client.
Statistics
Retiring a client
When you retire a client, Avamar stops running backups of the client. Avamar uses the
specified retention setting for the existing backups of a retired client to determine
how long to retain the existing backups. Avamar also uses the specified retention
setting for existing replicas of a retired client's backups to determine how long to
retain the existing replicas.
To restore data from existing backups or replicas of a retired client, use Avamar
Administrator.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the domain tree, select the domain for the client.
3. In the list of clients, select the client that you want to retire.
You can only view clients in the domain for the login account. To view all clients,
log in to the root domain.
4. Click MORE ACTIONS > Retire Client.
The Retire Client window appears.
5. In the Local Backups section, choose how long to keep backups for the client:
l To keep backups until their existing expiration dates, select Retain local
backups with existing expiration date.
l To keep backups indefinitely, regardless of the existing expiration dates,
select Retain all local backups indefinitely.
l To keep backups until a new expiration date, select Reset local backup
expiration date and in New Expiration Date, select a new date.
6. For clients with replicas, in the Remote Backups section, choose how long to
keep replicas for the client:
l To keep replicas until their existing expiration dates, select Retain remote
backups with existing expiration date.
l To keep replicas indefinitely, regardless of the existing expiration dates,
select Retain all remote backups indefinitely.
l To keep replicas until a new expiration date, select Reset remote backup
expiration date and then select a new date.
7. To retire child VMware clients, in the Force Retire section, select Ignore
running acitivity and force retire child vm client.
8. Click SUBMIT.
A confirmation message appears.
Deleting a client
Delete a client and all backups of the client. Optionally, choose to delete all replicas
that exist on replication destination systems.
When you delete a client, Avamar permanently deletes all backups that are stored for
that client. Only delete a client when you are certain that there is no reason to retain
the backups. If there is any doubt, retire the client instead.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
2. In the hierarchical Domain tree, select the domain.
3. In the list of clients, select the client that you want to delete.
You can only view clients in the domain for the login account. To view all clients,
log in to the root domain.
4. Click MORE ACTIONS > Delete Client.
The Delete Client dialog box appears and displays the number of existing
backups for the client.
5. Select I understand this action is permanent and irreversible.
This field is a safety net to avoid unintentionally deleting a client and the client's
backups.
6. Click YES.
Icon Description
Indicates the number of clients within the domain.
Clients
Indicates the number of activities (backup and replication jobs) that have
been initiated by clients within the domain.
Activities
Indicates the number of policies that apply to the clients within the
domain.
Policies
Property Description
Name Descriptive client name.
Domain The Avamar domain for the client.
Enabled Whether Avamar can perform backups for the client. Regardless
of this setting, the client can restore files as long as a previous
backup exists in the system.
Activated Whether the client is activated with the Avamar server.
Client type The type of client (for example, regular, virtual machine, Image
Proxy, or VMware vCenter).
The following table describes the information that comprises an Avamar user account.
Information Description
Username The username depends on the authentication
system and must be in the format that the
authentication system accepts. For example,
the internal authentication system uses case-
sensitive usernames, whereas Windows Active
Directory usernames are case-insensitive.
Usernames cannot be longer than 31
characters.
User authentication
An authentication system is a username/password system that is used to grant users
access to the Avamar server.
Avamar supports the following authentication systems:
l Avamar internal authentication, as described in Avamar internal authentication on
page 86.
l Directory service authentication, as described in Directory service authentication
on page 86.
Avamar also supports the deprecated authentication method Enterprise
Authentication. Enabling backward compatibility with Enterprise Authentication on
page 104 describes how to enable continued support for Enterprise Authentication.
User authentication 85
User Management and Authentication
4. When the login information does not meet the requirements of any of the previous
steps, then the login fails and a failure message appears.
Avamar supports encrypted LDAP and OpenLDAP directory service authentication via
SSL/TLS. By default, Avamar uses TLS 1.2 if supported by the LDAP or OpenLDAP
server. Otherwise, Avamar falls back to a supported version of SSL/TLS. However,
the Avamar server does not provide an SSL/TLS certificate to the LDAP or
OpenLDAP server for client authentication.
LDAP maps
Directory service authentication uses LDAP maps to form a group of Avamar domain
users by using information from a directory service. Link Avamar authorization levels
to mapped directory service user accounts to create LDAP maps. The Adding an LDAP
map section provides more information.
NOTICE
Deleting an Avamar domain removes the LDAP maps that rely on that Avamar domain
for access. However, removing LDAP maps does not affect the directory service
groups or the directory service user records that are associated with the removed
maps.
encrypts usernames and passwords before sending them to port 88 on the Key
Distribution Center.
To use Avamar's LDAP directory service authentication without the Kerberos protocol,
in a Simple Bind, manually edit the ldap.properties file.
Port Description
number
88 Kerberos authentication system
3. Open a command shell and log in by using one of the following methods:
l For a single-node server, log in to the server as admin.
l For a multi-node server, log in to the utility node as admin.
4. Switch user to root by typing the following command:
su -
6. Import the LDAP server certificate into the keystore by typing the following
command on one line:
NOTICE
Do not use the wizard to add a directory service that performs authentication using
Simple Bind (plaintext). Instead, manually edit the ldap.properties file as
described in Editing the directory service configuration files on page 91.
Procedure
1. Log in to the root domain in Avamar Administrator as an administrator.
a. Launch Avamar Administrator.
b. In Server, type the IP address or DNS name of the Avamar server to log in
to.
c. In User Name, type a username.
The username must be for an account that is assigned to the administrator
role at the root domain level.
When Avamar is already configured to use a directory service, alternatively
log in by using an LDAP account with administrator authorization at the root
domain level. Use the format: username@ldap-domain.
e. Click Add.
A confirmation message appears.
f. Click Yes.
A success message appears. If an error message appears instead, then
resolve the issue and re-add the directory service. Error messages during
directory service configuration on page 101 provides details.
g. Click OK.
The changes are applied to the Management Console Server (mcs) and EM
Tomcat (emt) services.
6. (Optional) Repeat the previous step to add other authentication domains.
7. Test the directory service entries:
a. In the Directory Service Management dialog box, select one of the entries
from Configured Directory Services.
The Testing section appears.
b. In Username, type the username for an account that is authorized to read
the directory service database.
c. In Password, type the password that is associated with the username.
d. Click Run Test.
If an error message appears, then resolve the issue. Error messages during
directory service configuration on page 101 provides details.
edit the file by using the LDAP Management tool, the format must comply with
specific parameter requirements. You can manually add other settings to
ldap.properties to meet an organization's authentication requirements.
LDAP base functionality parameter requirements
The following table lists the parameter requirements for LDAP base functionality.
ldap.url.ds.example.abc.com=ldaps:
//dchost.r1.example.abc.com:636
where:
Additional parameters
You can add other parameters to ldap.properties by using the LDAP
Management tool in Avamar Administrator. The following table lists the available
settings.
ldap.auth.domain.boston=boston.edu
ldap.auth.domain.boston=boston.edu
ldap.query.domain.boston=science.boston.edu,art.
boston.edu
ldap.entry.lookup.type.ldap-domain Defines the method that is used by the LDAP server when
looking up a username, where ldap-domain is the
authentication domain. Possible values are:
l UN for username, the method that is commonly used by
LDAP directory services. (Default)
l DN for distinguished name, the method that is commonly
used by OpenLDAP directory services.
For example, if the users for the domain example.com can be found in Users,
inside Employees, inside People, at the tree root, and in Admins at the tree
root, then type:
ldap.userdn.example.com=ou=Users,ou=Employees,ou=People;ou=Admin
s
7. In the text entry area, type the following, on a new line:
ldap.rootdn.ldap-domain=rootdn-format
where:
l ldap-domain is the domain name of the OpenLDAP server
l rootdn-format is the root distinguished name format that is used by the
LDAP server
This parameter is required, unless the LDAP server uses the following root
distinguished name format: dc=domain-segment,dc=domain-segment
For example, an LDAP server that stores the root distinguished name as
dc=example, dc=com, does not require this parameter in
ldap.properties.
However, an LDAP server that stores the root distinguished name as
u=example, o=com requires the following parameter in ldap.properties:
ldap.rootdn.exaple.com=u=example,o=com
8. In the text entry area, add optional OpenLDAP parameters.
Type each parameter on a new line.
9. Click Save.
10. Test the directory service entries:
a. In the Directory Service Management dialog box, select one of the entries
from Configured Directory Services.
The Testing section appears.
b. In Username, type the username for an account that is authorized to read
the directory service database.
c. In Password, type the password that is associated with the username.
d. Click Run Test.
If an error message appears, then resolve the issue. Error messages during
directory service configuration on page 101 provides details.
e. To close the Testing section, click Close.
11. Click Close on the Directory Service Management dialog box.
Results
The Avamar system enables authentication through the OpenLDAP directory service.
After you finish
To associate the directory service group to Avamar user information, create an LDAP
map. Adding an LDAP map on page 101 provides instructions.
8. Click Save.
9. Click Close on the Directory Service Management dialog box.
Results
The Avamar system enables the specified mix of Avamar authentication and
OpenLDAP authentication.
For an LDAP domain "xyz.com" that uses the object class search filter. This parameter is optional. Replace ldap-domain
attribute "cn" in user searches: with the domain name of the LDAP server and replace search-
ldap.user.search.attrs.xyz.com=cn attribute with a single attribute that is used by the user search
filter. The default value is uid.
ldap.group.search.byUpn.classes.ldap-domain=search- Specifies the object class type that is used by the group
upn
search User Principal Name filter. This parameter is optional.
For an LDAP domain "xyz.com" that uses the User Principal
Replace ldap-domain with the domain name of the LDAP
Name object class types: sambaGroupMapping and server and replace search-upn with the value that specifies
posixGroup in group searches: the object class type that is used by the group search User
ldap.group.search.byUpn.classes.xyz.com=sambaGroupM Principal Name filter. Comma separated values can be used.
apping,posixGroup The default value is *.
ldap.group.search.byUpn.attrs.ldap-domain=upn- Specifies the object class attributes used by the group search
attributes
User Principal Name filter. This parameter is optional. Replace
ldap-domain with the domain name of the LDAP server and
ldap.unique.group.search.classes.ldap- Specifies the object class type that is used by the Unique
domain=unique-type
Groups group search filter. This parameter is optional.
For an LDAP domain "xyz.com" that uses the object class Replace ldap-domain with the domain name of the LDAP
type "posixGroup" in Unique Groups group searches: server and replace unique-type with the value that specifies
ldap.unique.group.search.classes.xyz.com=posixGroup the object class type that is used by the Unique Groups group
search filter. Comma separated values can be used. The
default value is
sambaGroupMapping,posixGroup,groupOfUniqueNam
es.
ldap.unique.group.search.attrs.ldap-domain=unique- Specifies the object class attributes used by the Unique
attributes
Groups group search filter. This parameter is optional.
For an LDAP domain "xyz.com" that uses the object class Replace ldap-domain with the domain name of the LDAP
attributes "cn" and "uid" in Unique Groups group searches: server and replace unique-attributes with the value that
ldap.unique.group.search.attrs.xyz.com=cn,uid specifies the object class attributes used by the Unique
Groups group search filter. Comma separated values can be
used. The default value is cn.
user-login-module=mix Enables authentication using the mix mode of Avamar
authentication with OpenLDAP authentication. Configuration
must also include: user-login-module-mix-ldap=ldap
and avamar-authentication-domains=av-domain-list.
user-login-module-mix-ldap=ldap Specifies that the Avamar system uses Avamar authentication
with OpenLDAP authentication. Configuration must also
include: user-login-module=mix and avamar-
authentication-domains=av-domain-list.
avamar-authentication-domains=av-domain-list Specifies the internal Avamar domains that the Avamar
For an Avamar system that uses OpenLDAP and uses Avamar system checks during Avamar authentication. Replace av-
authentication for the domains: /, /swclients, and / domain-list with a comma-separated list of Avamar domains.
adminclients: Configuration must also include: user-login-module=mix
avamar-authentication-domains=/,/swclients,/ and user-login-module-mix-ldap=ldap.
adminclients
If you already configured a directory service, then you can log in with an
account for an LDAP user with the administrator role at the root domain
level.
Cannot discover KDC A key distribution center (KDC) could not be found by using
the specified domain information.
Parameters are not correct The directory service domain information in the
ldap.properties file is invalid.
Clock skew too great The differential between the clock on the Avamar server host
and the clock on the directory service host is too large.
Cannot open LDAP configuration file The ldap.properties file does not exist or the file
permissions prevent access.
Cannot open Kerberos configuration file The krb5.conf file does not exist or the file permissions
prevent access.
Cannot get kdc for realm The KDC is improperly configured in the krb5.conf file.
a. From the Auth Domain list, select a domain to use for authentication.
b. In the User Name box, type a username for an account that has Read
privileges for the domain.
c. In the Password box, type the password for the username.
d. Click OK.
The Directory Service Authentication dialog box closes and the search starts.
The Search button on the New LDAP Group Map dialog box changes to Stop.
To terminate a search, click Stop. Searching a directory service can take a long
time.
The search is complete when groups appear in the LDAP Groups list.
10. From the LDAP Groups list, select the group to map.
11. From the Role list, select a role for the group.
12. Click OK.
The group is mapped and the New LDAP Group Map dialog box closes. To see
the mapping on the LDAP Maps tab, select the administrative node.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the Management Console Server (mcs) service by typing dpnctl stop
mcs.
3. Change the working directory by typing the following command:
cd /usr/local/avamar/var/mc/server_data/prefs
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the Management Console Server (mcs) service by typing dpnctl stop
mcs.
3. Change the working directory by typing the following command:
cd /usr/local/avamar/var/mc/server_data/prefs
Roles
Roles define the allowable operations for each user account.
There are three types of roles:
l Administrator roles
l Operator roles
l User roles
Administrator roles
Administrators are responsible for maintaining the server.
You can only assign the role of administrator to user accounts at a domain level.
Domain level includes the top-level (root) domain and any other domain or subdomain.
You cannot assign the administrator role to user accounts at a client level.
You can assign the administrator role to users at the top-level (root) domain or to a
specific domain or subdomain.
Avamar 18.2 introduces the concept of the vCenter administrator. This role is specific
to the AUI and has no counterpart in Avamar Administrator.
Domain administrators Administrators at domains other than root generally have access to most of the features that are
described in this guide. Administrators typically can only view or operate on objects in the domain.
Any activity that would allow a domain administrator to view data outside the domain is disallowed.
Access to server features of a global nature (for example, suspending or resuming scheduled
operations or changing runtimes for maintenance activities) is disallowed. Domain administrators:
l Cannot add or edit other subdomain administrators.
l Cannot change their assigned role.
l Can change their password.
Domain administrators do not have access to the AUI dashboard.
vCenter administrator vCenter administrators have access to the same features as domain administrators, but additionally
have access to the AUI dashboard and to event management area within the vCenter domain.
Operator roles
Operator roles are generally implemented to allow certain users limited access to
certain areas of the server to perform backups and restores, or obtain status and run
Roles 105
User Management and Authentication
reports. These roles allow greater freedom in assigning backup, restore, and reporting
tasks to persons other than administrators.
You can only assign operator roles to user accounts at the domain level. You cannot
assign these roles to user accounts at the client level. To add the user account to
subdomains, you must have administrator privileges on the parent domain or above.
Users with an operator role do not have access to all administrative features. Instead,
after login, they are presented with an interface that provides access to the features
that they are allowed to use.
The following table describes the four operator roles.
Backup only operator Backup only operators are generally only allowed to perform backups and to monitor those activities
to determine when they complete and if they completed without errors. Backup only operators at
the top-level (root) domain can perform backups for any client or group in the server. Backup only
operators at domains other than root can only perform backups for clients or groups in that domain.
Backup only operators can perform on-demand backups of a client or a group, as well as monitor
activities in the assigned domain.
l By default, backup only operators cannot perform restores to a different location or restores to
multiple locations. To enable this option, you must set the
restore_admin_can_direct_restores attribute to true in the mcserver.xml file.
l By default, backup only operators cannot perform backups from the command line. To enable
command line backups for a backup only operator, add the noticketrequired privilege by
using the avmgr chgv avmgr chgv --acnt=location --u=name --ud=auth \ --
pv="enabled,read,mclogin,backup,noticketrequired"command: where location is
the subdomain of the operator, name is the Avamar username of the user, and auth is the
external authentication system that is used to authenticate the user.
Backup/restore Backup/restore operators are generally only allowed to perform backups or restores and to monitor
operator those activities to determine when they complete and if they completed without errors. As with roles
that are assigned to other domain user accounts, backup/restore operators at the top-level (root)
domain can perform backups and restores for any client or group in the server. Backup/restore
operators at domains other than root can only perform backups and restores for clients or groups in
that domain. Backup/restore operators can perform the following tasks in the assigned domain:
Activity operator Activity operators are generally only allowed to monitor backup and restore activities and to create
certain reports. Activity operators at the top-level (root) domain can view or create reports for
backup and restore activities in all domains and subdomains. Activity operators at domains other
than root can only view or create reports for backup and restore activities in that domain. Activity
operators can perform the following tasks in the assigned domain:
l Monitor activities.
l View the group status summary.
l View the Activity Report.
l View the Replication Report.
User roles
User roles limit the operations that are allowed for a user account to a specific client.
Users who are assigned to one of the user roles cannot log in to the Avamar
Administrator, the AUI, Avamar Client Manager, or the Avamar client web UI.
Note
Avamar Administrator provides the ability to add a user account to a client. However,
you cannot add a user account to a client from the Avamar Web User Interface (AUI).
Restore (Read) Only Users assigned this role can start restores directly from the client by using the avtar command line
User or Management Console Server (MCS) web services.
Back Up/Restore User Users assigned this role can start backups and restores directly from the client by using the avtar
command line or MCS web services.
Restore (Read) Only/ Similar to the Restore (Read) Only User role except that operating system file permissions are
Ignore File Permissions ignored during restores. This user is allowed to restore any file that is stored for an Avamar client.
Dashboard No No No No
Backup Policy No No No No
Advanced No No No No
Policy
Replication No No No No
Policy
Cloud Tier No No No No
Policy
Setting No No No No
Proxy No No No No
Management
System No No No No
Event No No No No
Note
5. Click Add.
The User Management window appears.
6. (Optional) From the Authentication System list, select an authentication
system.
The Authentication System list normally appears in a dimmed state, with
Axion Authentication System (the internal system) that is selected. This step
indicates that the ability to select an enterprise authentication system is not
currently enabled.
The enterprise authentication system, which is described in the Avamar Product
Security Guide, is deprecated and will be removed in future releases. However it
can be used with this release. To enable the ability to select an enterprise
authentication system, complete the procedure that is described in Enabling
backward compatibility with Enterprise Authentication on page 104.
For a more robust alternative to enterprise authentication, use the method that
is described in Preparing to use LDAP directory service authentication on page
88.
d. Click OK.
A confirmation message appears.
Deleting a user
Procedure
1. In the AUI navigation pane, click , and then click Setting.
The Setting pane appears.
2. Click the User tab.
3. In the hierarchical Domain tree, select the domain with the user.
4. Select the user.
5. Click Delete.
A confirmation message appears.
6. Click Yes.
A second confirmation message appears.
Backup 113
Backup
l To automatically delete this backup from the Avamar server after a specific
amount of time, select Retention period. Specify the number of days,
weeks, months, or years for the retention period.
l To automatically delete this backup from the Avamar server on a specific
calendar date, select End date and browse to that date on the calendar.
l To keep this backup for as long as this client remains active in the Avamar
server, select No end date.
8. From the Avamar encryption method list, select the encryption method to use
for data transfer between the client and the Avamar server during the backup.
The encryption technology and bit strength for a client/server connection
depends on several factors, including the client operating system and Avamar
server version. The Avamar Product Security Guide provides additional
information.
9. From the Optionally select a proxy to perform backup list, select the proxy.
The default setting is Automatic, which enables the Avamar server to choose
the best proxy for this operation.
Dataset catalog
The Avamar system includes a set of preconfigured datasets by default. You can use
these datasets for scheduled backups of clients, or you can create a custom dataset.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
datasets. Modification of a user-defined dataset impacts the existing backup policies
that use the selected dataset. If you edit the settings of a user-defined dataset, the
changes are enforced on all members of the backup policy, unless you override the
backup policy settings and assign another dataset at the client level.
Base Dataset
The Base Dataset defines a set of minimum, or baseline, backup requirements. The
initial settings in the Base Dataset are:
l No source data plug-ins
l No explicit exclusion or inclusion list entries
It is essentially an empty dataset.
Default Dataset
The Default Dataset defines persistent backup selections for the Default Group. The
initial settings in the Default Dataset are:
l All available source data plug-ins
l No explicit exclusion or inclusion list entries
It ensures that all members of the Default Group can back up their client computers
regardless of platform type.
The directories that are listed in the following table are also inherently excluded from
all backups, although they do not explicitly appear in the exclusion list.
Exclusion Description
.snapshot/ NetApp mounts
UNIX Dataset
The UNIX Dataset is optimized for use with AIX, FreeBSD, HP-UX, Linux, and Solaris
clients. The initial settings in the UNIX Dataset are:
l Only the AIX, FreeBSD, HP-UX, Linux, Macintosh OS X, and Solaris file system
source data plug-ins
l Explicit exclusion of various temp directories (/tmp, /var/tmp, /usr/tmp), core
dump files (core), and local cache files (*cache.dat, *scan.dat)
l No explicit inclusion list entries
The directories that are listed in the following table are also inherently excluded from
all UNIX Dataset backups, although they do not explicitly appear in the exclusion list.
Exclusion Description
.snapshot/ NetApp mounts
Windows Dataset
The Windows Dataset is optimized for use with Microsoft Windows clients. The initial
settings in the Windows Dataset are:
l Only Windows file system source data plug-in
l No explicit exclusion or inclusion list entries
The directories that are listed in the following table are also inherently excluded from
all Windows Dataset backups, although they do not explicitly appear in the exclusion
list.
Exclusion Description
.snapshot/ NetApp mounts
All files that the following registry keys are Files that are explicitly designated by
referencing to: Microsoft to exclude from backups
l HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet\Control
\BackupRestore
\FilesNotToBackup
l HKEY_CURRENT_USER\SYSTEM
\CurrentControlSet\Control
\BackupRestore
\FilesNotToBackup
l The only available source data plug-ins are Linux and Windows virtual disks, and
both are selected by default.
l The Select Files and/or Folders option, as well as the Exclusions and Inclusions
tabs, are disabled.
l Change block tracking is enabled by default using an embedded
utilize_changed_block_list=true plug-in option statement.
The Avamar for VMware User Guide provides details on using the VMware Image
Dataset to back up VMware entities.
Add a dataset
A dataset specifies the data to include in a scheduled backup and the options to use
for the backup. Create at least one dataset for scheduled backups on a client or group
of clients. Create multiple datasets to segregate client data.
Note
When the Avamar server is using Data Domain for back-end storage, the Data Domain
system is the default backup storage location. The system can be changed in the
Options tab.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
The Setting pane is displayed.
2. Click the Dataset tab.
3. Click ADD.
The Create Dataset window is displayed.
4. In the Dataset Name field, type a name for the dataset.
The name can include alphanumeric characters (A-Z, a-z, 0–9) and the
following special characters: period (.), hyphen (-), and underscore (_). Do not
use Unicode characters or the following special characters: ` ~ ! @ # $ % ^ & *
()=+[]{}|\/;:'"<>,?
5. In the Plugins list, select the plug-in to use for the backups.
6. Click the Options tab, and then set plug-in options either by using the graphical
controls or by typing option names and values as text entries.
(Optional) Toggle the Show Advanced Options switch to view advanced
configuration options.
Plug-in options enable you to further customize the behavior of a dataset. The
user guide for each plug-in provides details on the options available for the plug-
in.
7. Click the Source Data tab, and then define the source data plug-ins that
contribute data to this dataset.
l To include data from all plug-ins on the client, select Select All Data for All
Local File Systems.
l To include data only from a specific plug-in and limit the dataset to specific
data:
a. From the Plugins list, select the plug-in to use for the backups.
Additional options might be displayed below the Select Plug-In Type list.
8. Click SUBMIT.
Dataset changes take effect on the next scheduled backup. Backups that have
already begun or have been completed are not affected.
Edit a dataset
To edit a dataset, complete the following steps.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
datasets. Modification of a user-defined dataset impacts the existing backup policies
that use the selected dataset. If you edit the settings of a user-defined dataset, the
changes are enforced on all members of the backup policy, unless you override the
backup policy settings and assign another dataset at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Dataset tab.
The list of configured datasets be displayed.
3. Select a dataset from the list that you want to edit, and then click EDIT.
The Edit DataSet window is displayed.
4. In the Edit DataSet window, complete the following tasks:
a. From the Plugins list, select the plug-in to use for the backups.
b. On the Option tab, edit the plug-in options either by using the graphical
controls or by typing option names and values as text entries.
c. Click the Source Data tab, and then define the source data plug-ins that
contribute data to this dataset.
l To include data from all plug-ins on the client, select Select All Data for
All Local File Systems.
l To include data only from a specific plug-in and limit the dataset to
specific data:
a. From the Plugins list, select the plug-in to use for the backups.
Additional options might be displayed below the Select Plug-In Type
list.
b. To back up all available data with the plug-in:
n Select the option.
n Select Select Files and/or Folders and then type the path to the
data.
c. To type the path to the data to back up, type the path in the File/
Folder Path field and then click Add.
You can limit scheduled backups to a set of data by specifying the
path to the data in the dataset. The following rules apply when you
type the path:
n If you are using a file system plug-in, the first occurrence of an
asterisk (*) in a path is treated as a folder wildcard. For example,
to specify the My Documents folder for all users on a Windows
computer, type C:\Documents and Settings\*\My Documents.
n To specify the Documents folder for all users on a Macintosh,
type /Users/*/Documents.
n When you specify a data path, only the first occurrence of an
asterisk is treated as a folder wildcard. Subsequent occurrences
are interpreted literally.
n The path can include alphanumeric characters (A-Z, a-z, 0–9) and
an asterisk (*) as a wildcard. Do not use any of the following
characters in the data path: ~!@$^%(){}[]|,`;#:*?<>'"&.
l To include data from all plug-ins on the client, select Select All Data for
All Local File Systems.
l To include data only from a specific plug-in and limit the dataset to
specific data:
a. From the Plugins list, select the plug-in to use for the backups.
Additional options might appear below the Select Plug-In Type list.
b. To back up all available data with the plug-in:
n Select the option.
n Select Select Files and/or Folders and then browse to the data
to include in the backups.
c. To type the path to the data to back up, type the path in the File/
Folder Path field and then click Add.
You can limit scheduled backups to a set of data by specifying the
path to the data in the dataset. You can browse to or type the path to
the data. Several rules apply when you type the path.
If you are using a file system plug-in, then the first occurrence of an
asterisk (*) in a path is treated as a folder wildcard. For example, to
specify the My Documents folder for all users on a Windows
computer, type C:\Documents and Settings\*\My Documents. To
specify the Documents folder for all users on a Macintosh, type /
Users/*/Documents.
NOTICE
When you specify a data path, only the first occurrence of an asterisk
is treated as a folder wildcard. Subsequent occurrences are
interpreted literally.
The path can include alphanumeric characters (A-Z, a-z, 0–9) and an
asterisk (*) as a wildcard. Do not use any of the following characters
in the data path: ~!@$^%(){}[]|,`;#:*?<>'"&.
5. Click SUBMIT.
Dataset changes take effect on the next scheduled backup. Backups that have
already begun or have been completed are not affected.
Delete a dataset
To delete a dataset, complete the following steps.
Before you begin
Ensure that the dataset is not currently assigned to a client or group. You cannot
delete a dataset if it is assigned to a client or group.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
datasets. Modification of a user-defined dataset impacts the existing backup policies
that use the selected dataset. If you edit the settings of a user-defined dataset, the
changes are enforced on all members of the backup policy, unless you override the
backup policy settings and assign another dataset at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Dataset tab.
The list of configured datasets is displayed.
3. Select a dataset from the list that you want to delete, and then click DELETE.
A confirmation message is displayed.
4. Click YES.
Managing schedules
This section describes how to manage schedules.
Schedules
Schedules are reusable objects that control when backups, custom event profile email
notifications, and policy-based replication occur.
Schedule types
You can configure an Avamar schedule to repeat a system activity at one of the
intervals that are listed in the following table.
Schedu Description
le type
Daily Repeats a system activity every day at one or more times of the day. With daily
schedules, you must also limit the duration of the activity to prevent job overlap.
Weekly Repeats a system activity every week on one or more days of the week. With
weekly schedules, you must also define the earliest start time for the activity, as
well as the time at which the activity is stopped, even if it is still in progress.
Monthly Repeats a system activity on a specific calendar date or on a designated day of the
week each month, such as the first Sunday of every month. With monthly
schedules, you must also define the earliest start time for the activity, as well as
the time at which the activity is stopped, even if it is still in progress.
client computers that are used for a specific development project will be obsolete at a
specific future date. You can create a schedule for backups that would automatically
cease backups on a certain date. Similarly, if you are administering a large site, you
can create schedules ahead of time, assign them to backup policies, and then activate
them on a certain date. These backup policy backups would not occur until the
schedule took effect.
Because scheduled activities often straddle two calendar days, it is important to
understand that Avamar allocates the full window of time to any activity started by a
schedule. For example, consider a schedule with an earliest start time of 10 p.m., a
latest end time of 6 a.m. (the following morning), and an end after date of December
31 of the current calendar year. On the evening of December 31, the activity starts as
expected and runs until completed, typically sometime during the morning of January 1
the following year. However, beginning January 1, the schedule does not start any new
scheduled activities.
The following figure illustrates how the start time, end time, and duration of a
schedule interact with one another, using the initial settings of the Default schedule.
Figure 12 Schedule start time, end time, and duration
This system activity begins at 10 p.m. (22:00), and can run until 6 a.m. (06:00) the
next day, creating an effective 8 hour duration.
In practice, scheduled activities rarely start or end precisely on time. Server load
affects actual start times, and complexity of the activity affects actual end times. The
complexity of the activity includes the amount of new client data that must be backed
up, the number of backup policy backups that are started, and the number of email
messages that must be sent.
Specifying a schedule start time sets that time as the earliest point that the system
activity can begin. Also, specifying a duration or end time establishes the latest
possible end time for the system activity.
Schedule time zones
When you create or edit schedules, all times are shown relative to the local time zone
for the Avamar Administrator client. For example, assume that you create a schedule
in the Pacific Standard time zone with a next runtime of 10 p.m..The next runtime for
the schedule appears as 1 a.m. the following day (3 hours later) for an administrative
user in the Eastern Standard time zone.
Schedule catalog
The Avamar system includes a set of preconfigured schedules by default. You can use
these schedules or create a custom schedule.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
schedules. Modification of a user-defined schedule impacts the existing backup
policies that use the selected schedule. If you edit the settings in user-defined
schedule, the changes are enforced on all members of the backup policy, unless you
override the backup policy settings and assign another schedule at the client level.
Default Tiering Controls backup scheduling for cloud tiering that moves Avamar
Schedule backups from Data Domain to the cloud and performs seamless
recovery of these backups.
Evaluation Schedule Controls when the Evaluation Profile email notification is sent. It is
initially configured to run every Monday at 6 a.m.
Notification Schedule Controls when custom event profile email notification messages are
sent.
Override Daily Defines the available start times for clients that have the Override
Schedule group schedules setting enabled. This schedule is editable. Copies
of this schedule are not used with the Override group schedules
setting.
Statistics Schedule Controls how often various Avamar server statistics (for example, the
Avamar server detail Bytes protected value) are retrieved or
calculated. The default setting for this schedule is hourly.
Usage Intelligence Controls how often the Avamar server collects and transfers
Schedule reporting information to Avamar Support via the ESRS gateway.
Add a schedule
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Schedule tab.
3. Click ADD.
The Create Schedule dialog box is displayed.
Schedul Settings
e type
Daily To select the recurrence pattern by interval, perform the following steps:
a. Select By interval.
b. In the From field, select the time when the schedule should take effect. To
make a schedule effective immediately, select the current time.
c. In the To field, select the time when the schedule should end.
To select the recurrence pattern by a point in time, perform the following steps:
b. Specify the time. To make a schedule effective immediately, select the current
time.
c. Click ADD.
The selected times appear in the list.
d. Click NEXT.
Note
Weekly Select the check box next to the days of the week on which the schedule should
run.
7. Click NEXT.
The Recurrence Pattern pane is displayed.
8. Select how often the schedule runs:
a. Select the recurrence pattern. You can choose between by interval or by
time point.
b. Select how long the interval runs and then click ADD.
The selected times appear in the list.
c. Click NEXT.
The Activites Constraint page is displayed.
9. On the Activities Constraint page, complete the following tasks:
a. In the Select schedule start time field, define the activity operating hours
by using the At and From fields. You can modify the date.
You can type the times, or select the time and use the arrow buttons to
change the times.
The server workload affects the start time for an activity. Also, the first time
that a backup is performed for any client, the backup is allowed to continue
past the specified end time. This behavior is permitted because initial
backups can take longer than subsequent backups of the same client.
b. In the Select schedule stop time field, select an end date option for the
schedule.
Choose when to discontinue the schedule:
l To enable a schedule to run indefinitely, select No End Date.
l To discontinue a schedule on a specific date, select End after and then
select a date from the list.
Edit a schedule
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
schedules. Modification of a user-defined schedule impacts the existing backup
policies that use the selected schedule. If you edit the settings in user-defined
schedule, the changes are enforced on all members of the backup policy, unless you
override the backup policy settings and assign another schedule at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Schedule tab.
3. Select a schedule and then click EDIT.
The Edit Schedule dialog box appears.
4. Edit the schedule settings.
5. Click OK.
Delete a schedule
Ensure that the schedule is not currently assigned to a group. If a schedule is assigned
to a group, you cannot delete the schedule.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
schedules. Modification of a user-defined schedule impacts the existing backup
policies that use the selected schedule. If you edit the settings in user-defined
schedule, the changes are enforced on all members of the backup policy, unless you
override the backup policy settings and assign another schedule at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Schedule tab.
3. Select the schedule, and then click DELETE.
4. In the confirmation message dialog box, click YES .
Manage rules
Rules are used by the Avamar Server for domain map and automatic backup policy
assignment for auto-discovered VMs.
You can create a new rule, edit an existing rule, or delete a rule.
Create a rule
Rules are used by the Avamar server for domain map and automatic backup policy
assignment for autodiscovered VMs.
When creating rules, ensure that rules are mutually exclusive, to avoid the situation
where a VM might qualify under multiple rules.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Rule tab.
3. In the domain tree, select a vCenter domain or subdomain for the client.
4. On the Setting page, complete the following tasks:
a. Click ADD.
The New Rule window is displayed.
5. In the Rule Name field, type a name for the rule.
6. In the Match Type field, select whether the rule should match Any of the listed
filter mechanisms, or All of them.
This selection allows you to configure multiple different filters to select VMs,
and to determine how these filters interact with one another to select the
correct virtual machines. For example, you might create a filter that uses a
virtual machine folder path to select virtual machines, and another filter that
uses a virtual machine naming convention.
Use this option to determine which virtual machines are included under this rule:
l To include only virtual machines that are in the defined folder path and also
follow the naming convention, select All.
This step excludes virtual machines that are in the folder path but that do
not follow the naming convention. It also excludes virtual machines that
follow the naming convention but are not in the folder path
l To include any virtual machines that are either in the virtual machine folder
path or that follow the naming convention, select Any.
7. To add a filter:
a. Click .
This step adds a row to the list of filters.
Edit a rule
When editing a rule, ensure that rules are mutually exclusive, to avoid the situation
where a virtual machine might qualify under multiple rules.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Rule tab.
3. In the domain tree, select a vCenter domain or subdomain for the client.
4. In the Settings page, complete the following tasks:
a. Select a folder that contains a VMware entity.
b. Select a rule from the list that you want to edit, and then click EDIT.
The Edit Rule window is displayed.
7. To add a filter:
a. Click .
This step adds a row to the list of filters.
Delete a rule
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Rule tab.
3. In the domain tree, select a vCenter domain or subdomain for the client.
4. In the Setting page, complete the following tasks:
a. Select a rule from the list.
b. Click DELETE.
Retention policies
Backup retention policies enable you to specify how long to keep a backup in the
system.
A retention policy is assigned to each backup when the backup occurs. Specify a
custom retention policy when you perform an on-demand backup, or create a
retention policy that is assigned automatically to a group of clients during a scheduled
backup.
When the retention for a backup expires, then the backup is automatically marked for
deletion. The deletion occurs in batches during times of low system activity.
If required, you can manually change the retention setting for an individual backup that
has already occurred. If you change a configured retention policy, however, the
change applies only to backups that occur after the change. The retention setting
remains the same for backups that have already been performed. Therefore, it is
important to consider and implement the best retention policy for a site before too
many backups occur.
There are two types of retention settings:
l Basic retention settings specify a fixed expiration date.
l Advanced retention settings specify the number of daily, weekly, monthly, and
yearly backups to keep.
Basic retention settings
Basic retention settings are used to assign a fixed expiration date to a backup using
one the settings in the following table.
Retention Description
setting
Retention period Enables you to define a fixed retention period in days, weeks, months, or
years after the backup is performed. For example, you could specify that
backups expire after 6 months.
End date Enables you to assign a calendar date as the expiration date. For example,
you could specify that backups expire on December 31, 2013.
No end date Enables you to keep backups indefinitely. This setting is useful for ensuring
that all backups that are assigned this retention policy are retained for the
life of the system.
NOTICE
For backups of 32-bit Windows or 32-bit Linux client computers, do not assign a
retention period for a date after February 7, 2106. If you assign an extended retention
period to a 32-bit Windows client, the backup completes with exceptions. For 32-bit
Linux clients, the backups complete but do not appear in Avamar Administrator.
NOTICE
Always use daily scheduled backups with retention policies with advanced retention
settings. The Always keep: n weeks of daily backups setting has no effect unless
there are daily backups in the system. Depending on the schedule you use, daily
backups may not be in the system. For example, if you assign a schedule to a group
that only performs weekly backups, then there are no daily backups in the system.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
retention policies. Modification of a user-defined retention policy impacts the existing
backup policies that use the selected retention policy. If you edit the settings in a
user-defined retention policy, the changes are enforced on all members of the backup
policy, unless you override the backup policy settings and assign another retention
policy at the client level.
Default Retention Defines backup retention settings for the Default Group. By default,
the Default Retention policy assigns a retention period of 60 days and
retains 60 days of daily backups.
End User On Demand Controls the retention settings for on-demand backups that the client
Retention begins with, such as using the Back Up Now command on the
Avamar Windows client. Advanced retention settings are disabled on
this retention policy because advanced retention settings never apply
to on-demand backups. The End User On Demand Retention policy is a
global system object that only controls retention for on-demand
backups that the client begins with. Therefore, you cannot assign the
End User On Demand Retention policy to a backup policy.
Monthly Retention Sets the expiration date to 1 month after the backup is performed.
Weekly Retention Sets the expiration date to 1 week after the backup is performed.
Note
Best practice is to specify a retention that is greater than or equal to 14 days. When
you create a retention policy for less than 14 days, an alert is displayed.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Retention tab.
3. Click ADD.
The Add Retention Policy dialog box is displayed.
4. In the Retention Name field, type a name for the retention policy.
Do not use any of the following characters in the retention policy name: ~!@$^
%(){}[]|,`;#\/:*?<>'"&.
5. To delete backups automatically after a specific number of days, weeks,
months, or years:
a. Select Retention period.
b. Specify the number of days, weeks, months, or years.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
retention policies. Modification of a user-defined retention policy impacts the existing
backup policies that use the selected retention policy. If you edit the settings in a
user-defined retention policy, the changes are enforced on all members of the backup
policy, unless you override the backup policy settings and assign another retention
policy at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Retention tab.
3. Select a retention policy and then click EDIT.
The Edit Retention Policy dialog box appears.
4. Edit the retention policy settings.
5. Click SAVE.
Note
You cannot edit or delete the settings for the Avamar server preconfigured installed
retention policies. Modification of a user-defined retention policy impacts the existing
backup policies that use the selected retention policy. If you edit the settings in a
user-defined retention policy, the changes are enforced on all members of the backup
policy, unless you override the backup policy settings and assign another retention
policy at the client level.
Procedure
1. In the AUI navigation pane on the left, click , and then click Settings.
2. Click the Retention tab.
3. Select the retention policy, and then click DELETE.
4. On the confirmation message dialog box, click YES.
Group Description
Default Group The Avamar system includes a Default Group. In the default
Avamar server configuration, the Default Group always uses the
system default dataset, schedule, and retention policy. You cannot
change these system default assignments. However, you can edit
the settings within the system default dataset, schedule, and
retention policy.
If you do not create any other groups, then new clients are
automatically added to the Default Group.
Default Proxy Group The Default Proxy Group is the default group for VMware Image
Proxy clients. You cannot delete the Default Proxy Group. Enabling
the Default Proxy Group does not conflict with scheduled backups
that other plug-ins perform that are configured on the proxy client.
Default Virtual Machine New virtual machine clients are automatically added to the Default
Group Virtual Machine Group when they are registered. You cannot
manually delete the Default Virtual Machine Group, but it is
automatically deleted when you delete the vCenter domain.
4. To add a dataset to a backup policy and complete the wizard, click NEXT.
The Dataset pane appears.
Note
When the Avamar server is using Data Domain for back-end storage, the Data Domain
system is the default backup storage location. The system can be changed in the
Options tab.
Procedure
1. In the Dataset field, select a dataset from the drop-down list.
6. Click the Source Data tab, and then define the source data plug-ins that
contribute data to this dataset.
l To include data from all plug-ins on the client, select Select All Data for All
Local File Systems.
l To include data only from a specific plug-in and limit the dataset to specific
data:
a. From the Plugins list, select the plug-in to use for the backups.
Additional options might be displayed below the Select Plug-In Type list.
b. To back up all available data with the plug-in:
n Select the option.
n Select Select Files and/or Folders and then type the path to the
data.
c. To type the path to the data to back up, type the path in the File/Folder
Path field and then click Add.
You can limit scheduled backups to a set of data by specifying the path
to the data in the dataset. The following rules apply when you type the
path:
n If you are using a file system plug-in, the first occurrence of an
asterisk (*) in a path is treated as a folder wildcard. For example, to
specify the My Documents folder for all users on a Windows
computer, type C:\Documents and Settings\*\My Documents.
n To specify the Documents folder for all users on a Macintosh, type /
Users/*/Documents.
n When you specify a data path, only the first occurrence of an asterisk
is treated as a folder wildcard. Subsequent occurrences are
interpreted literally.
n The path can include alphanumeric characters (A-Z, a-z, 0–9) and an
asterisk (*) as a wildcard. Do not use any of the following characters
in the data path: ~!@$^%(){}[]|,`;#:*?<>'"&.
7. To add a schedule to a backup policy and complete the wizard, click NEXT.
Schedu Settings
le type
Daily To select the recurrence pattern by interval, perform the following steps:
a. Select By interval.
b. In the From field, select the time when the schedule should take
effect. To make a schedule effective immediately, select the current
time.
c. In the To field, select the time when the schedule should end.
Schedu Settings
le type
Note
Weekly a. Select the check box next to the days of the week on which the
schedule should run.
b. In the Select schedule start time field, define the activity
operating hours by using the At and From fields. You can modify the
date.
You can type the times, or select the time and use the arrow buttons
to change the times.
The server workload affects the start time for an activity. Also, the
first time that a backup is performed for any client, the backup is
allowed to continue past the specified end time. This behavior is
permitted because initial backups can take longer than subsequent
backups of the same client.
c. In the Select schedule stop time field, select an end date option
for the schedule.
Choose when to discontinue the schedule:
l To enable a schedule to run indefinitely, select No End Date.
l To discontinue a schedule on a specific date, select End after
and then select a date from the list.
d. Click NEXT. The Retention window is displayed
Schedu Settings
le type
The server workload affects the start time for an activity. Also, the
first time that a backup is performed for any client, the backup is
allowed to continue past the specified end time. This behavior is
permitted because initial backups can take longer than subsequent
backups of the same client.
c. In the Select schedule stop time field, select an end date option
for the schedule.
Choose when to discontinue the schedule:
l To enable a schedule to run indefinitely, select No End Date.
l To discontinue a schedule on a specific date, select End after
and then select a date from the list.
d. Click NEXT. The Retention window is displayed
Note
Best practice is to specify a retention that is greater than or equal to 14 days. When
you create a retention policy for less than 14 days, an alert is displayed.
Procedure
1. To select an existing schedule, select a schedule type from the Retention drop-
down list, and then click NEXT.
The Summary window is displayed
2. To edit retention policy:
a. In the Retention field, select a retention policy that you would like to edit
from the drop-down list.
b. Toggle the Edit Retention switch to ON.
c. Edit the retention settings, and then click NEXT.
The Retention window is displayed
3. To add a retention:
a. In the Retention field, select New from the drop-down list.
b. In the Retention Name field, type a name for the schedule.
Do not use any of the following characters in the name: ~!@$^%(){}
[]|,`;#\/:*?<>'"&.
5. To copy the entire client list to this new backup policy, select the Include
Client Members check box.
6. Click OK.
3. Select a backup policy from the list, and then click START BACKUP.
The instance receives protection that is based on the schedule and retention
period that are specified in the backup policy.
Monitoring backups
You can monitor and view status information for backup and restore operations by
using the Activity Monitor.
To access the Activity Monitor, open the navigation pane, and then click Activity.
The Activity Monitor appears with a list of all activities.
Note
The AUI Activity Monitor window has been optimized for at least 1366 pixels-wide
screens. Display issues might occur for smaller screens. To properly display the AUI,
ensure that your display is at least 1366 pixels wide.
The Activity Monitor provides you with options to filter the information that appears:
l Filter activities by duration—By default, the Activity Monitor displays the most
recent 5,000 client activities. To select a different duration, in the Filter activities
by duration drop-down list, select Last 24 hours or Last 72 hours.
l Filter activities by domain—By default, the Activity Monitor displays all activities
regardless of domain. To display only the activities for a specific domain, in the
Filter activities by domain drop-down list, select a domain or subdomain.
l Filter activities by status—By default, the Activity Monitor displays all activities
regardless of status.
To display only activities with a specific status, at the top of the Activity Monitor,
select one of the following options:
n Canceled
n Completed
n Completed with Exceptions
n Failed
n Running
n Waiting
To filter activities by client, start time, plug-in, or type, click in their respective
column.
The Activity Monitor displays the date and time that an activity began, and the total
number of bytes examined during an activity.
Cancel backups
You can cancel a backup any time before it completes. The cancellation might take 5
minutes or longer. The backup might complete before the cancellation finishes.
Procedure
1. In the AUI navigation pane on the left, click , and then click Activity.
The Activity Monitor appears with a list of activities.
2. Select the backup from the list.
3. Click CANCEL.
A confirmation dialog box is displayed.
4. Click YES.
NOTICE
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
The Asset Management window appears.
9. Click OK.
A confirmation message is displayed.
2. Find the backup. Finding a completed backup to manage on page 144 provides
instructions.
3. In the Backup History list, select the backup to validate.
4. Select Actions > Validate Backup.
The Select Client to Perform Validation dialog box appears.
5. Select the client on which to validate the backup:
l To validate the backup on the same client from which the backup was
originally performed, select Validate using the backup client.
l To validate the backup on a different client, select Validate using a
different client, and then click Browse to browse to the client.
6. From the Validation Plug-in Type list, select the plug-in on which to validate
the backup. Only the plug-ins that are installed on the selected client appear in
the list.
7. From the Avamar encryption method list, select the encryption method to use
for client/server data transfer during the validation.
Note
The default encryption setting for backup validations is high, regardless of the
encryption setting that is used for the original backup.
8. Click OK.
A confirmation message appears.
9. Click OK.
After you finish
Backup validations appear as activities in the Activity window. You can monitor and
cancel the backup validation activity the same way that you monitor or cancel a
backup. Monitoring backups on page 143 and Cancel backups on page 63 provide
instructions.
Status Description
Running Indicates the running backup activities.
Scheduled Indicates the schedules backup activities that are queued to start.
Complete Indicates the number of hosts that backed up successfully during the last job,
which is updated after each backup job. The job must run again to reflect
changes to a job between backups. For example, if a job reports that 10 hosts
were successfully backed up, the system edits the job so only one host remains.
Status Description
This number continues to be 10 until the job runs again. If successful, the number
changes to one.
Failed Indicates the number of hosts that did not back up successfully the last time the
backup job ran, updated after each backup job. The job must run again to reflect
changes to a job between backups. For example, if a job reports that 10 hosts
failed to back up, the system edits the job so only one host remains. This number
continues to be 10 until the job runs again. If the job fails, the number changes to
one.
Tab Information
Details Detailed information from the
v_activities_2 database view. The
Avamar Reports Guide provides more
information about the v_activities_2
database view.
Deleting a backup
When deleting a backup, Avamar immediately and permanently deletes all data in that
backup from the server.
Procedure
1. In the AUI navigation pane on the left, click , and then click Asset
Management.
The Asset Management window is displayed.
2. In the domain tree, select the domain for the client.
3. From the list of clients, select the client with the backups to manage.
4. In the Client Summary pane on the right, click VIEW MORE.
5. Click the Backup tab.
A list of completed backups for this client is displayed. Any backup in this list
can be used to restore the client.
6. Select the backup that you would like to delete, and then click DELETE.
A confirmation message is displayed.
7. Click YES.
NOTICE
The options for the restore destination depend on the plug-in type. For example, the
SQL Server plug-in enables you to restore to a file instead of to SQL Server, and you
cannot restore to multiple locations with the Oracle plug-in. The user guide for each
plug-in provides details on the available options and how to perform each available
type of restore.
Finding a backup
The first step to restore data is to find the backup with the data that you want to
restore. You can find Avamar client backups by searching either for a specific date or
for specific content.
Locate backups by date when one or more of the following situations apply:
l You have saved all data for the client in a single backup set.
l The exact pathname or name of the data to restore is unknown.
l The backup that you want to restore is before a specific date or event. For
example, you know the approximate date when data was lost or corrupted. in
which you can search for a backup before that date.
l The specific types of backups are known. For example, scheduled disaster
recovery backups are running every Wednesday and Saturday night and full
volume backups daily. When rebuilding a server, select the disaster recovery
backup with the date closest to the event that caused the loss of data.
Locate backups by the content of the backup when one or more of the following
situations apply:
l You have backed up data on the client in separate backup sets.
l You want to view multiple versions of the same file so that you can decide the
version to restore.
l The date of the backup or the content of a backup is unknown, but you know the
name of the data to restore.
NOTICE
A list of Avamar clients is displayed in the pane below the domains list.
3. From the list of clients, select the client computer to recover.
4. (Optional) To locate backups by date:
a. In the right pane, click VIEW MORE.
b. Click SEARCH.
c. In the From and To fields, specify the date range.
d. Click RETRIEVE.
e. In the list of backups, select a backup.
The list of backups for the date range is displayed.
5. Click the Restore tab.
The Restore wizard is displayed and the Destination Client pane is displayed
on the right.
6. In the Destination Client pane, perform the following steps:
b. In the right pane, select the databases that you want to restore.
c. Click NEXT.
The Destination Location pane is displayed.
8. In the Destination Location pane, perform the following steps:
a. Select Restore everything to its original location.
b. Click Next.
The More Options pane is displayed.
9. (Optional) In the More Option pane, toggle the Show Advanced Options
switch to view advanced configuration options.
The user guide for each plug-in provides details on each of the options.
10. Click NEXT.
The Summary page is displayed.
11. Review the provided information, and then click FINISH.
A list of Avamar clients is displayed in the pane below the domains list.
3. From the list of clients, select the client computer to recover.
4. (Optional) To locate backups by date:
a. In the right pane, click VIEW MORE.
b. Click SEARCH.
c. In the From and To fields, specify the date range.
d. Click RETRIEVE.
e. In the list of backups, select a backup.
The list of backups for the date range is displayed.
5. Click the Restore tab.
The Restore wizard is displayed and the Destination Client pane is displayed
on the right.
6. In the Destination Client pane, perform the following steps:
a. Select Restore everything to a different client.
b. In the domain tree, select the domain for the client.
c. In the list of clients, select the destination client.
The client is displayed in the Destination Client field.
d. Click NEXT.
The Backup Content pane is displayed.
7. In the Backup Content pane, perform the following steps:
a. In the left pane, select the folder from the tree.
The Backup Content pane displays a list of databases within the backup.
b. In the right pane, select the databases that you want to restore.
c. Click NEXT.
The Destination Location pane is displayed.
8. In the Destination Location pane, perform the following steps:
a. Select Restore everything to a different location.
b. In the Restore Location field, type the file path of the target location where
you want to restore the data.
For example: E:/dbrestore_dir/
c. Click NEXT.
The More Options pane is displayed.
9. (Optional) In the More Option pane, toggle the Show Advanced Options
switch to view advanced configuration options.
The user guide for each plug-in provides details on each of the options.
10. Click NEXT.
The Summary page is displayed.
11. Review the provided information, and then click FINISH.
Monitor restores
You can monitor and view status information for backup and restore operations in the
Activity Monitor.
To access the Activity Monitor, open the navigation pane, and then click Activity.
The Activity Monitor appears with a list of all activities.
Note
The AUI Activity Monitor window has been optimized for at least 1366 pixels-wide
screens. Display issues might occur for smaller screens. To properly display the AUI,
ensure that your display is at least 1366 pixels wide.
The Activity Monitor provides you with options to filter the information that appears:
l Filter activities by duration—By default, the Activity Monitor displays the most
recent 5,000 client activities. To select a different duration, in the Filter activities
by duration drop-down list, select Last 24 hours or Last 72 hours.
l Filter activities by domain—By default, the Activity Monitor displays all activities
regardless of domain. To display only the activities for a specific domain, in the
Filter activities by domain drop-down list, select a domain or subdomain.
l Filter activities by status—By default, the Activity Monitor displays all activities
regardless of status.
To display only activities with a specific status, at the top of the Activity Monitor,
select one of the following options:
n Canceled
n Completed
n Completed with Exceptions
n Failed
n Running
n Waiting
To filter activities by client, start time, plug-in, or type, click in their respective
column.
The Activity Monitor displays the date and time that an activity began, and the total
number of bytes examined during an activity.
Cancel restores
You can cancel a restore any time before it completes. The cancellation might take 5
minutes or longer. The restore might complete before the cancellation finishes.
Procedure
1. In the AUI navigation pane on the left, click , and then click Activity.
The Activity Monitor appears with a list of activities.
2. Select the restore from the list.
3. Click CANCEL.
A confirmation dialog box is displayed.
4. Click YES.
a. In the AUI navigation pane on the left, click , and then click Asset
Management.
The Asset Management window appears.
For example:
mount_decision: reason="starting_point" fstype="ext3"
path="/"
mount_decision: reason="default_backup" fstype="ext3"
path="/boot"
mount_decision: reason="default_backup" fstype="ext3"
path="/home"
These entries are for the mount points on the original system. Earlier in the
output, there are entries for each of these mount points. For example:
mount: status="user_directed_backup" path="/" hdev="/dev/
root" kind="ext3" blksize=4096 freeblks=1189334
maxblks=2405872 freefiles=2259654 maxfiles=2432000
dev=2050
mount: status="default_backup" path="/boot" hdev="/dev/
sda1" kind="ext3" blksize=1024 freeblks=183371
maxblks=194442 freefiles=50167 maxfiles=50200 dev=2049
mount: status="default_backup" path="/home" hdev="/dev/
sdb1" kind="ext3" blksize=4096 freeblks=1027161
maxblks=5158925 freefiles=2530548 maxfiles=2621440
dev=2065
These entries contain mount point size and path information.
5. Calculate the original file system size or each mount point in bytes by
multiplying the blksize value by the maxblks value.
NOTICE
Multiplying the blksize value by the maxblks value calculates the free space
that is used on the original device. However, you should create the root
partition with an additional 2 GB to 3 GB of free space to ensure sufficient
space for the minimal install that is used for the restore process.
6. Note which paths are mounted from separate file systems. This information is
required later in the restore process.
l Use the information that you gathered during Reconstructing the partition
table on page 157 to create as many partitions as necessary to replicate the
original configuration.
3. (Optional) Save a copy of the /etc/fstab file so that you can compare it to
the restored /etc/fstab file.
4. Install the Avamar Client for Linux. The Avamar Backup Clients User Guide
provides instructions.
a. Log in as root.
b. chroot /mnt/sysimage
c. Modify the /etc/hosts, /etc/resolv.conf, and /etc/sysconfig/
network as appropriate for the network configuration.
d. Restart the network service so that the changes take effect:
service network restart
Note
You cannot restore the root file system directly to /mnt/sysimage because
there is no method to restrict the restore operation to only the local partition
without traversing network mount points. Therefore, a restore directly
to /mnt/sysimage might copy files from all the partitions, and /mnt/
sysimage could fill up before all required files were restored.
5. Ensure that the following directories are all present in the LD_LIBRARY_PATH
system variable:
l /lib
l /lib64
l /usr/lib
l /usr/lib64
l /mnt/sysimage/lib
l /mnt/sysimage/lib64
l /mnt/sysimage/usr/local/avamar/lib
If any directories are missing from LD_LIBRARY_PATH, add them.
6. Create a temporary /tmp/avtar.cmd flag file with a UNIX text editor. For
example:
cd /tmp
vi avtar.cmd
--bindir=/mnt/sysimage/usr/local/avamar/bin
--vardir=/mnt/sysimage/usr/local/avamar/var
--sysdir=/mnt/sysimage/usr/local/avamar/etc
--server=Avamar_server
--account=/domain/client
--id=username
--ap=password
--target=.
where:
l Avamar_server is the Avamar server IP address or fully qualified hostname
as defined in DNS.
l /domain/client is the full location of the original Linux client on the Avamar
server.
l username and password are the login credentials for a user account with
sufficient role and privileges to perform the restore.
7. Restore most of the directories that originally existed under root (/):
NOTICE
Do not restore files that are on file systems other than the root file system at
this time. These directories and files are restored later in this procedure.
mkdir /mnt/sysimage/restore
cd /mnt/sysimage/restore
b. Restore the contents of the root file system from the backup by typing the
following command on a single command line:
/mnt/sysimage/usr/local/avamar/bin/avtar.bin -x --
flagfile=/tmp/avtar.cmd --labelnumber=n [--exclude=./boot --
exclude=./home] /
where n is the label number of the backup to use for the system state
recovery.
Use --exclude=path options to exclude paths that were identified as
separate mount points. These directories and files are separately restored
later in this procedure.
The first two --exclude options in the previous command are included as
an example. Replace the values with options appropriate to the system that
you are restoring. Specify exclude options relative to the root of the original
backup. For example, --exclude=./boot instead of --exclude=/boot.
c. For each directory that was restored, delete the original directory
from /mnt/sysimage, and move the restored directory from the /mnt/
sysimage/restore directory to /mnt/sysimage by typing commands
similar to the following examples:
rm -rf /mnt/sysimage/etc
mv /mnt/sysimage/restore/etc /mnt/sysimage/etc
d. Repeat the previous step for each directory that successfully restored
to /mnt/sysimage/restore.
8. Restore individual files in the root (/) directory:
a. Change directory to /mnt/sysimage/restore by typing the following
command:
cd /mnt/sysimage/restore
b. Restore the individual files in the root (/) directory by typing the following
commands:
mv ./* /mnt/sysimage
mv ./.* /mnt/sysimage
mkdir ./restore
cd ./restore
e. Restore the contents of the mount point by typing the following command:
/mnt/sysimage/usr/local/avamar/bin/avtar.bin -x --
flagfile=/tmp/avtar.cmd --labelnumber=n /home
where n is the label number of the backup to use for the restore, and /home
is an example mount point.
f. Return to the mount point directory, and delete all files except for the
restore directory by typing commands similar to the following examples:
alias ls=/usr/bin/ls
cd /mnt/sysimage/home; rm -rf `ls --hide restore`
rm -rf ./.*
g. Change directory to the restore directory, then move the contents into
the correct place in the mount point by typing the following command:
cd ./restore;mv `ls -A ./` ..
cd ..
rmdir restore
Note
If you saved a reference copy of the fstab file when you were preparing the
target client for recovery, then you can find the disk information in that file.
For systems with few manual changes to the restored fstab file, it might be
possible to use the reference fstab file instead of the restored copy of the
file.
e. If the command fails because the directory is not empty, then there might be
directories that you failed to move in when you restored most of the
directories in root (/). Move the directories to the proper restore locations.
11. Exit the command shell and restart the system by typing exit.
If you are rebooting a Red Hat or CentOS 6 system, a menu appears.
12. Select reboot, then OK and press Enter.
The system restarts.
13. Eject the install media and start normally.
14. Confirm correct client operation.
chroot /mnt/sysimage
grub-install device
a. In the AUI navigation pane on the left, click , and then click Asset
Management.
The Asset Management window appears.
These entries are for the mount points on the original system. Earlier in the
output, there are entries for each of these mount points. For example:
mount: status="user_directed_backup" path="/" hdev="/dev/
root" kind="ext3" blksize=4096 freeblks=1189334
maxblks=2405872 freefiles=2259654 maxfiles=2432000
dev=2050
mount: status="default_backup" path="/boot" hdev="/dev/
sda1" kind="ext3" blksize=1024 freeblks=183371
maxblks=194442 freefiles=50167 maxfiles=50200 dev=2049
mount: status="default_backup" path="/home" hdev="/dev/
sdb1" kind="ext3" blksize=4096 freeblks=1027161
maxblks=5158925 freefiles=2530548 maxfiles=2621440
dev=2065
These entries contain mount point size and path information.
5. Calculate the original file system size or each mount point in bytes by
multiplying the blksize value by the maxblks value.
NOTICE
Multiplying the blksize value by the maxblks value calculates the free space
that is used on the original device. However, you should create the root
partition with an additional 2 GB to 3 GB of free space to ensure sufficient
space for the minimal install that is used for the restore process.
6. Note which paths are mounted from separate file systems. This information is
required later in the restore process.
3. (Optional) Save a copy of the /etc/fstab file so that you can compare it to
the restored /etc/fstab file.
4. Install the Avamar Client for Linux. The Avamar Backup Clients User Guide
provides instructions.
4. Rebind the pseudo-file systems into the /mnt tree by typing the following
commands:
5. Change the current file system root by typing the following command:
chroot /mnt
7. Mount the auto-mount file systems and verify that the correct file systems
were mounted by typing the following command:
mount -a;df -h
8. If any file systems are missing (for example, if /boot is not set to auto-mount),
then manually mount them to the correct locations by using additional mount
commands.
9. Exit the chroot environment by typing exit.
10. Copy the network name resolution file from the chroot environment into the
working restore environment by typing the following command:
cp /mnt/etc/resolv.conf /etc/resolv.conf
11. Ensure that the following directories are all present in the LD_LIBRARY_PATH
system variable:
l /lib
l /lib64
l /usr/lib
l /usr/lib64
l /mnt/lib
l /mnt/lib64
l /mnt/usr/local/avamar/lib
If any directories are missing from LD_LIBRARY_PATH, add them.
12. Create a temporary /tmp/avtar.cmd flag file with a UNIX text editor. For
example:
cd /tmp
vi avtar.cmd
--bindir=/mnt/usr/local/avamar/bin
--vardir=/mnt/usr/local/avamar/var
--sysdir=/mnt/usr/local/avamar/etc
--server=Avamar_server
--account=/domain/client
--id=username
--ap=password
--target=.
where:
l Avamar_server is the Avamar server IP address or fully qualified hostname
as defined in DNS.
l /domain/client is the full location of the original Linux client on the Avamar
server.
l username and password are the login credentials for a user account with
sufficient role and privileges to perform the restore.
13. Restore most of the directories that originally existed under root (/):
NOTICE
Do not restore files that are on file systems other than the root file system at
this time. These directories and files are restored later in this procedure.
a. Create a temporary restore directory under the client /mnt directory and
change directory to it by typing commands similar to the following examples:
mkdir /mnt/restore
cd /mnt/restore
b. Restore the contents of the root file system from the backup by typing the
following command on a single command line:
/mnt/usr/local/avamar/bin/avtar.bin -x --flagfile=/tmp/
avtar.cmd --labelnumber=n [--exclude=./boot --exclude=./
home] /
where n is the label number of the backup to use for the system state
recovery.
Use --exclude=path options to exclude paths that were identified as
separate mount points. These directories and files are separately restored
later in this procedure.
The first two --exclude options in the previous command are included as
an example. Replace the values with options appropriate to the system that
you are restoring. Specify exclude options relative to the root of the original
backup. For example, --exclude=./boot instead of --exclude=/boot.
c. For each directory that was restored, delete the original directory from /
mnt, and move the restored directory from the /mnt/restore directory
to /mnt by typing commands similar to the following examples:
rm -rf /mnt/etc
mv /mnt/restore/etc /mnt/etc
d. Repeat the previous step for each directory that successfully restored
to /mnt/restore.
14. Restore individual files in the root (/) directory:
a. Change directory to /mnt/restore by typing cd /mnt/restore.
b. Restore the individual files in the root (/) directory by typing the following
commands:
mv ./* /mnt
mv ./.* /mnt
cd /mnt/home
mkdir ./restore
cd ./restore
e. Restore the contents of the mount point by typing the following command:
/mnt/usr/local/avamar/bin/avtar.bin -x --flagfile=/tmp/
avtar.cmd --labelnumber=n /home
where n is the label number of the backup to use for the restore, and /home
is an example mount point.
f. Return to the mount point directory, and delete all files except for the
restore directory by typing commands similar to the following examples:
alias ls=/usr/bin/ls
cd /mnt/home; rm -rf `ls --hide restore`
rm -rf ./.*
g. Change directory to the restore directory, then move the contents into
the correct place in the mount point by typing the following command:
cd ./restore;mv `ls -A ./` ..
cd ..
rmdir restore
Note
If you saved a reference copy of the fstab file when you were preparing the
target client for recovery, then you can find the disk information in that file.
For systems with few manual changes to the restored fstab file, it might be
possible to use the reference fstab file instead of the restored copy of the
file.
e. If the command fails because the directory is not empty, then there might be
directories that you failed to move in when you restored most of the
directories in root (/). Move the directories to the proper restore locations.
17. Restart the system by typing reboot.
18. Eject the install media and start normally.
19. Confirm correct client operation.
d. Rebind the pseudo-file systems into the /mnt tree by typing the following
commands:
e. Change the current file system root by typing the following command:
chroot /mnt
g. Mount the auto-mount file systems and verify that the correct file systems
were mounted by typing the following command:
mount -a;df -h
h. If any file systems are missing (for example, if /boot is not set to auto-
mount), then manually mount them to the correct locations by using
additional mount commands.
2. Reinstall GRUB by typing the following commands:
chroot /mnt
grub-install device
Table 44 Target locations for system recovery backups of an Oracle Solaris client
Target Description
mntfs /etc/svc/volatile
tmpfs /etc/mnttab
To ensure that these targets are included in a backup, use one of the following backup
methods:
l In Avamar Administrator, explicitly add these targets in an on-demand backup or
dataset by specifying
mntfs,tmpfs,cachefs,fdfs,fifofs,namefs,specfs,swapfs,tfs in the Force
traversal of the specified file system type(s) box in the plug-in options.
l Specify --
forcefs=”mntfs,tmpfs,cachefs,fdfs,fifofs,namefs,specfs,swapfs,tfs”
on the avtar command line.
Available /var and /opt file systems
The original file system tables must have partitions for /opt and /var. The partitions
for /opt and /var are mounted when you start Solaris in read-only mode.
If the partitions do not mount, then you must create new, temporary file systems
for /opt and /var when you install a minimal version of Solaris on the client.
Other file systems
If you are using zfs or any other add-on file system, ensure that these file systems
are correctly re-created and mounted before beginning system recovery.
Installation of a minimal version of Solaris
Create a file system layout that matches the original system as closely as possible.
Ensure that there are separate file systems for /opt and /var.
6. Mount the /opt partition under /opt by typing the following command:
mount /dev/dsk/c1t0d0s5 /opt
Use the correct site-specific disk partition and mount parameters for the /opt
volume.
7. Mount the /var partition under /var by typing the following command:
mount /dev/dsk/c1t0d0s4 /var
Use the correct site-specific disk partition and mount parameters for the /var
volume.
8. Mount any additional file systems in their respective mount points under /a.
Create the mount point if does not exist. For example, to mount file system /
data01 on c1t0d0s7, type the following command:
mount /dev/dsk/c1t0d0s7 on /a/data01
9. Install the proper version of the Avamar Client for Solaris software by using the
instructions in the Avamar Backup Clients User Guide.
NOTICE
The installation program displays a warning about root (/) having 0 free bytes,
as well as errors related to read-only file systems when trying to create /etc/
init.d/avagent and various links in /usr/bin and /etc/rc.d/rcX.d.
However, despite these warnings, all the binaries are correctly installed
in /opt/AVMRclnt/bin.
cd /a/etc
/opt/AVMRclnt/bin/avtar -x --server=Avamar_server --id=username
--password=password --account=/domain/client --target=. /etc --
labelnumber=n --overwrite=always
where:
l Avamar_server is the hostname or IP address of the Avamar server.
l username and password are the Avamar login credentials for a user with a
role that allows access to the backups for this client.
l /domain/client is the Avamar domain and Solaris client to restore.
l n is the label number of the backup to restore. If you do not specify a label
number, then the most recent backup is used for the restore.
NOTICE
You cannot restore the root file system directly to /a, because there is no way
to restrict the restore operation to only the local partition without traversing
network mount points. A restore directly to /a might copy files from all
partitions, causing /a to fill up before all required files are restored.
11. Inspect /a/etc/vfstab to verify the original mount points for the local file
system.
12. In Avamar Administrator, click the Backup & Restore launcher link.
The Backup, Restore and Manage window is displayed.
13. Click the Restore tab.
14. In the clients tree, select the original Solaris client.
15. Find and select the backup for the restore.
16. Examine the directories and files that originally existed under root (/).
17. For each directory that originally existed under root (/), perform the following
steps:
a. If the directory does not exist, then manually create an empty directory with
the same name under /a.
b. Change directory to that directory.
c. From the command line, restore the contents of the directory from the
backup.
For example, consider the following commands to restore /usr:
If /opt and /var were originally on the root partition, then you can restore
to /a/opt and /a/var. If /opt and /var were separate file systems, then
restore to new, temporary locations, such as /a/newopt and /a/newvar.
After completing all restores, move the contents of /a/newopt to /opt
and /a/newvar to /var.
18. To restore the individual files that originally existed under root, run the restore
command with the --norecursionoption to restore files without descending
into subdirectories:
/opt/AVMRclnt/bin/avtar -x --server=Avamar_server --id=username
--password=password --account=/domain/client --labelnumber=n --
norecursion --overwrite=always --target=. /
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl stop.
A confirmation message prompts whether to shut down the local instance of
EM Tomcat.
3. Type y to shut down the local EM Tomcat instance, and then press Enter.
The output displays the status of the shutdown process until the shut down is
complete.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl start.
The output displays a confirmation message.
3. Type y to begin with restarting the software, and then press Enter.
The output displays the status of the restart process until the restart is
complete.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl stop mcs.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl start mcs.
3. Resume scheduled operations by typing dpnctl start sched.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl status mcs.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl status emt.
Note
For the Avamar Data Store, this process powers off or restarts all nodes.
Prerequisites
Before powering off or restarting the Avamar server, complete the following
prerequisites:
l Stop all backup, restore, and data movement operations.
The shutdown process terminates any active operations before proceeding.
l Complete all active Avamar Installation Manager package operations.
l Ensure that a validated checkpoint was taken during the last 36 hours.
l Ensure that the MCS was flushed during the last 12 hours.
l Complete or stop any garbage collection and HFS check operations.
The shutdown process terminates any active operations before proceeding.
l Verify that sufficient free space exists.
Server utilization must be less than 85% of total capacity and 62% of available
Avamar subsystem storage capacity.
Note
Powering up the utility node before the storage nodes may cause delays in the start-
up process.
Results
The following logs provide more information and progress updates:
l /usr/local/avamar/var/log/avosshutdown.log
l /usr/local/avamar/var/log/dpnctl.log
Property Description
User
User Avamar user ID (account name).
Session
Type This activity is either avtarbackup or
avtarrestore.
Root Top level of the file system being backed up,
restored, or validated.
Start time Date and time that this client session started.
Property Description
New bytes Percentage of new bytes backed up to either
the Avamar server or a Data Domain system.
Low numbers indicate high levels of data
deduplication.
System
Name Client hostname.
7. Click Close.
Resetting a client
Resetting a client immediately and forcibly terminates active client avtar session on
that client. In most cases, you should try to cancel the client session before resetting
it.
Procedure
1. In Avamar Administrator, click the Policy launcher link.
The Policy window is displayed.
2. Click the Policy Management tab.
3. Click the Clients tab.
4. Select the client to reset.
5. From the Actions menu, select Client > Reset Client.
Backup window
The backup window is that portion of each day that is reserved to perform normal
scheduled backups. No maintenance activities are performed during the backup
window.
The default backup window begins at 8 p.m. local server time and continues
uninterrupted for 12 hours until 8 a.m. the following morning. You can customize the
backup window start time and duration.
Maintenance window
The maintenance window is that portion of each day that is reserved to perform the
routine server maintenance activities in the following table.
Activity Description
Checkpoint A snapshot of the Avamar server that is taken
for the express purpose of server rollbacks.
Although you can perform backups and restores during the maintenance window,
doing so impacts the backup, restore, and maintenance activities. For this reason,
minimize any backup, restore, or administrative activities during the maintenance
window. There might be brief periods of time when backup or administrative activities
are not allowed.
The default maintenance window begins at 8 a.m. local server time and continues
uninterrupted for 12 hours until 8 p.m. Although you cannot directly customize the
maintenance window, its start time and duration are derived from backup window
settings.
Checkpoints
Checkpoints are system-wide backups that are taken for assisting with disaster
recovery.
A checkpoint occurs automatically during the maintenance window. You can also
manually start checkpoints at any time.
You can delete checkpoints to reclaim server storage capacity.
The Checkpoint Management tab on the Server window in Avamar Administrator
displays the status of individual checkpoints. The following table provides the possible
states for a checkpoint.
State Description
The checkpoint failed validation or was
canceled before it could complete.
Creating a checkpoint
A checkpoint occurs automatically during the maintenance window. You can also
manually begin checkpoints at any time.
Procedure
1. In Avamar Administrator, click the Server launcher link.
The Server window is displayed.
2. Click the Checkpoint Management tab.
3. Select Actions > Create Checkpoint.
A progress dialog box displays the status of the operation.
4. When the checkpoint completes, click Close.
Deleting a checkpoint
You can delete checkpoints to reclaim additional server storage capacity. Generally, it
is best to delete unvalidated checkpoints before you delete validated checkpoints.
Procedure
1. In Avamar Administrator, click the Server launcher link.
The Server window is displayed.
Note
If you need a validated checkpoint before the next maintenance window completes,
contact Avamar Support for assistance.
Procedure
1. Open a command shell and log in by using one of the following methods:
l For a single-node server, log in to the server as admin.
l For a multi-node server:
a. Log in to the utility node as admin.
b. Load the admin OpenSSH key by typing the following command:
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Shut down the server by typing dpnctl stop.
3. Display a list of checkpoints by typing cplist.
The checkpoint list appears similar to the following example:
cp.20140106170113 Fri Jan 6 17:01:13 2014 valid hfs del
nodes 4 stripes 396
cp.20140107170042 Sat Jan 7 17:00:42 2014 valid hfs del
nodes 4 stripes 396
cp.20140108170040 Sun Jan 8 17:00:40 2014 valid hfs ...
nodes 4 stripes 396
cp.20140109170043 Mon Jan 9 17:00:43 2014 valid hfs ...
nodes 4 stripes 396
where:
l cp.yyyymmddhhmmss is the checkpoint ID.
l valid hfs indicates a validated checkpoint.
l valid par indicates a partially validated checkpoint.
4. Note the checkpoint ID of the checkpoint that you plan to use for the
checkpoint.
Generally, roll the system back to the most recent fully validated checkpoint
unless you have a good reason to roll back to an earlier checkpoint.
5. Start the roll back by typing the following command:
rollback.dpn --cptag=checkpoint_id >& file
where checkpoint_id is the checkpoint ID and file is a temporary file.
6. Wait for the roll back to complete. The roll back might take an hour, depending
on the amount of data present in the Avamar server.
When the roll back is complete, the command prompt returns.
7. Open the user-defined temporary file that was created during the roll back, and
verify that the roll back successfully completed without errors.
The server automatically restarts after a successful roll back.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
3. Ensure that the Avamar server subsystem (also known as GSAN) is running by
typing dpnctl status gsan.
If GSAN is running, the output displays a status of up.
4. Use the correct command sequence to change file permissions on the Avamar
license key file and activate the license.
Managing services
The Services Administration tab on the Administration window in Avamar
Administrator enables you to start, stop, suspend, or resume individual services on the
Avamar server.
Procedure
1. In Avamar Administrator, click the Administration launcher link.
The Administration window is displayed.
2. Click the Services Administration tab.
3. Manage the services:
l To start a service, right-click the service and select Start.
l To stop a service, right-click the service and select Stop.
l To suspend a service temporarily until you explicitly resume it, right-click the
service and select Suspend.
l To resume a service that you previously suspended, right-click the service
and select Resume.
Name Description
Hostname DNS name of the Avamar server.
Name Description
Load Average Average number of CPU threads over the past
minute.
Last Administrator Datastore Flush Date and time of the last MCS flush.
Web Restore Disk Space Available Number of hard drive bytes that MCS web
services can use to create the restore Zip file.
Data Domain SNMP Manager Status of the SNMP service for monitoring
configured Data Domain systems.
Note
The list of services on the Services Administration tab varies according to the
configuration of the Avamar system.
l Changing passwords for the internal Avamar server accounts: root, MCUser,
repluser, and viewuser
l Creating and changing SSH keys
Procedure
1. Suspend all scheduled operations:
a. In Avamar Administrator, select Tools > Manage Schedules.
b. On the Manage All Schedules window, click Suspend All.
2. Open a command shell:
a. Log in to the server as admin.
b. Switch user to root by typing the following command:
su -
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
ssh-agent bash
ssh-add /root/.ssh/rootid
12. Type y to accept the changes or type n to exit this utility session without
changes, and then press Enter.
The output provides the status of the operation.
13. When the operation completes, resume scheduled operations:
a. In Avamar Administrator, select Tools > Manage Schedules.
b. On the Manage All Schedules window, click Resume All.
Client install_directory/var/mc/
gui_data/prefs, where install_directory is
typically C:\Program Files\avs
\administrator on Microsoft Windows
computers and /usr/local/avamar on
Linux computers.
Initialization behavior
When either the server or client application is initialized, the respective default
preferences file in the \lib directory is loaded into memory and replicated to the live
file directory.
Note
Upgrade behavior
During server upgrades, any mcserver.xml entry that is marked with the
merge="delete" attribute in the new default mcserver.xml file is not merged into
the new live copy. These entries are obsolete. They are retained in the default
mcserver.xml file so that the MCS knows to delete the preferences on an upgraded
customer system.
You can manually add a merge="keep" attribute to any entry in the live /usr/
local/avamar/var/mc/server_data/prefs/mcserver.xml file. Settings
with merge="keep" attributes are retained in the new live copy after the upgrade.
File Description
flush.timestamp Before every flush, flush.timestamp is
created in the server_data directory. This
file includes the time and date of the flush. On
a server rollback, this file is restored and can
be used to verify that the rollback was
successful to the selected time and date. The
contents of flush.timestamp are also
accessible by using of the mcserver.sh --
status command.
Procedure
1. Open a command shell and log in by using one of the following methods:
l For a single-node server, log in to the server as admin.
l For a multi-node server:
a. Log in to the utility node as admin.
b. Load the admin OpenSSH key by typing the following command:
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. To begin an on-demand MCS flush, type the following command:
mcserver.sh --flush
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the MCS by typing dpnctl stop mcs.
3. Restore the MCS by typing one of the following commands:
l To restore to the most recent backup, type mcserver.sh --restore.
l To restore to a specific backup, type mcserver.sh --restore --
labelnum=n, where n is the label number of the backup.
4. Open /usr/local/avamar/var/mc/server_log/restore.log to verify
the success of the restore.
5. Start the MCS and the scheduler by typing the following command:
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the MCS by typing dpnctl stop mcs.
3. Change the working directory by typing the following command:
cd /usr/local/avamar/var/mc/server_data/prefs
5. Copy the default server preferences file to the current directory by typing the
following command on a single command line:
cp /usr/local/avamar/lib/mcserver.xml /usr/local/avamar/var/mc/
server_data/prefs/mcserver.xml
6. Start the MCS and the scheduler by typing the following command:
The following instructions assume that each Avamar node has a unique address (from
the Avamar client perspective), and that you configure a router on the network to
apply transparent one-to-one network address translation. You can also use these
instructions to enable NAT for use in a single-node server configuration.
Procedure
1. Use either the dpnnetutil or nodedb program to add NAT addresses to
probe.xml.
Problem Solution
The Avamar server terminates with a FATAL Ensure that the probe.xml file:
ERROR message. l Exists in the /usr/local/avamar/
var/ directory.
l Is a valid XML file and adheres to the
node resource database format.
l Lists NAT IP addresses correctly.
Use the nodedb print --say command to
view the contents of probe.xml. The --say
option displays the path and name of the
current node resource database.
The server/client connection fails. Use network diagnostic tools such as ping,
traceroute, tracert, or iperf to verify
network connectivity.
Field Description
Field Description
3. Click OK.
Migrating backups
Avamar can now perform an automatic migration of GSAN, Data Domain, and hybrid
backup data from the source server to the destination server.
The Avamar server only supports automatic migration for the following backup types:
l Linux file system
l Windows file system
l NDMP
To automatically move backup data, trigger the migration job from the destination
server. After the migration job has started, the migration tool moves the backup data
from the source server to the destination server.
Note
Backups with a large number of small files might cause low migration performance.
For manual steps on how to perform system migrations of existing mixed Avamar and
Data Domain systems to Avamar and Data Domain systems, see the Avamar Mixed-
source (GSAN and Data Domain) Backups Migration Technical Note.
NOTICE
Enable the Email Home feature and the ConnectEMC feature, which automatically
email Avamar Support with the status of the daily data integrity check and other
important server messages.
Monitoring activities
Procedure
1. In Avamar Administrator, click the Activity launcher link.
The Activity window is displayed.
2. Click the Activity Monitor tab.
Activity Monitor details on page 204 provides details on the information
available in the Activity Monitor.
3. (Optional) Filter the information in the Activity Monitor to display only activities
with a specific state, type, group, client, or plug-in:
a. Select Actions > Filter.
The Filter Activity dialog box appears.
b. Define the filtering criteria and click OK.
The following tables provide details on the information that is available in the Activity
Monitor.
Column Description
Status Status of the backup, restore, or validation
activity. The Avamar Administrator online help
provides details on each status.
Column Description
Client Avamar client name.
Column Description
Proxy If this activity is a VMware image backup or
restore, then this value is the name of the
proxy client performing the backup or restore
on behalf of the virtual machine. Blank for all
other activities.
Column Description
Sched. Start Time Date and time that this activity was scheduled
to begin.
Sched. End Time Date and time that this activity was scheduled
to end.
Column Description
column lists the source system name on the
destination system, and the destination name
on the source system.
Avamar tab
The Avamar tab in the Server Monitor presents a summarized view of CPU, network,
and hard drive performance statistics for the Avamar server.
The following tables describe the information available on the Avamar tab.
Property Description
Status indicators Status of the node. One of the following
values:
l Online (green)—The node is functioning
correctly.
l Read-Only (blue)—This status occurs
normally as background operations are
Table 58 Node details on the Avamar tab of the Server Monitor (continued)
Property Description
Note
Property Description
Load Average number of CPU threads over the past
minute.
Property Description
Ping Time in seconds that this node took to
respond to a ping request.
Property Description
Reads Average number of hard drive reads per
second as reported by the operating system.
Table 62 Node details on the Data Domain tab of the Server Monitor
Property Description
Status indicators Status of the node. One of the following
values:
l OK (green)—The Data Domain system is
functioning correctly.
l Warning (yellow)—There is a problem
with the Data Domain system, but
backups and restores can continue.
l Error (red)—There is a problem with the
Data Domain system, and backups and
restores are stopped until the problem is
resolved.
If the status is yellow or red, you can view
additional status information to determine and
resolve the problem. The Avamar and Data
Domain System Integration Guide provides
details.
Table 63 CPU details on the Data Domain tab of the Server Monitor
Property Description
Busy Avg. Average CPU usage as a percentage of total
possible CPU usage.
Table 64 Disk (KB/S) details on the Data Domain tab of the Server Monitor
Property Description
Read Disk read throughput in kilobytes per second.
Table 65 Network (KB/S) details on the Data Domain tab of the Server Monitor
Property a Description
Eth#1 Desc—Description of the network
interface.
In/Out—Network bandwidth usage in
kilobytes per second on network interface
1.
a. The number of Eth# columns depends on the maximum number of network interfaces that
the configured Data Domain systems support.
NOTICE
Avamar is licensed in decimal units. Therefore, Total capacity and Capacity used are
displayed in decimal units on the Server Management tab. All other parts of the
product that output capacity is displayed in binary units.
Property Description
Properties Name of the Avamar server and configured
Data Domain systems.
Server information
The following tables describe the Server Information that is provided when an
Avamar server is selected on the Server Management tab.
Property Description
Active sessions Current number of active client sessions.
Click the Session Monitor tab for more
information.
Total bytes free in partitions Disk free size from the OS level.
Property Description
Server bytes reserved The maximum size that the current stripe files
occupy.
Bytes protected (client pre-comp size) Total amount of client data in bytes that has
been backed up (protected) on this server.
The amount is the pre-compress size on the
client side.
Bytes protected quota (client pre-comp size) Maximum amount of client data in bytes that
is licensed for protection on this server. The
amount is the pre-compress size on the client
side.
Time since Server initialization Number of hours, days, and minutes that have
elapsed since this Avamar server was
initialized.
Last checkpoint Date and time that the last server checkpoint
was performed. Checkpoints are typically
performed twice daily.
Last validated checkpoint Date and time that the server checkpoint was
last validated. Checkpoint validation normally
occurs once per day. Therefore, the Last
validated checkpoint time and Last
checkpoint time might be different
depending on the time of day that you view
this information.
Note
Property Description
HFSAddr Hash File System (HFS) address (Addr). The
hostname or IP address that backup clients
use to connect to this Avamar server.
Property Description
Suspended One of the following values:
l No — Server maintenance activities are
not currently suspended (that is, server
maintenance activities will run normally
during the next maintenance window).
l Yes — Server maintenance activities are
currently suspended.
Property Description
Status One of the following values:
l Idle — Garbage collection is not currently
taking place.
l Processing — Garbage collection is
taking place.
Start time Date and time that the last garbage collection
activity began.
End time Date and time that the last garbage collection
activity ended.
Property Description
Bytes recovered Total amount of storage space in bytes that
was recovered during the last garbage
collection activity.
Module information
The following table provides details on the Module properties on the Server
Management tab.
Property Description
Total bytes free in partitions Disk free size from the OS level.
Server bytes reserved The maximum size that the current stripe files
occupy.
Node information
The following tables provide details on the Node properties on the Server
Management tab.
Property Description
Status indicators One of the following values:
Property Description
Property Description
State Current operational state of the server. One
of the following values:
l ONLINE — Node is functioning correctly.
l DEGRADED — One or more disk errors
have been detected.
l OFFLINE — Node has experienced a
problem. If ConnectEMC has been
enabled, a Service Request (SR) should
have been logged. Go to Avamar Support
to view existing SRs. Search the
knowledgebase for KB000457963,
Troubleshooting Node Offline\GSAN
Degraded Issues on an Avamar System.
l READONLY — Occurs normally as
background operations are performed and
when backups have been suspended.
Table 73 Server details on the Node Information part of Server Management (continued)
Property Description
Server bytes reserved The maximum size that the current stripe files
occupy.
Amount of reserved used The size for backup data in the stripe files and
cache.
Table 73 Server details on the Node Information part of Server Management (continued)
Property Description
Server utilization Percentage of total available node storage
capacity currently used.
Property Description
Version Current operating system version running on
this node.
Total bytes free in partitions Disk free size from the OS level.
Total bytes used in partitions Disk used size from the OS level.
Property Description
IP address IP address of this node.
Table 75 Hardware details on the Node Information part of Server Management (continued)
Property Description
Generation Description The hardware platform type description.
Partition information
The following tables provide details on the Partition Information that is available
when a partition is selected on the Server Management tab.
Property Description
Status indicators One of the following values:
l Online (green) — The partition is
functioning correctly.
l Offline (yellow) — The partition has one
or more offline stripes. If ConnectEMC
has been enabled, a Service Request (SR)
should have been logged. Go to the
Avamar Support website to view existing
SRs.
l Read-Only (blue) — The partition is read-
only.
l Nonfunctional (red) — The partition is
not functioning. Search the
knowledgebase on the Avamar Support
website for KB000465715, Suspended
Partitions\Stripes and Hfscheck Failures
on Avamar (Symptom Code 22632).
Server bytes reserved The maximum size that the current stripe files
occupy.
Amount of reserved used The size for backup data in the stripe files and
cache.
Property Description
Total capacity Total amount of server storage capacity.
Table 77 Server Details on the Node Information part of Server Management (continued)
Property Description
Total bytes free in partitions Disk free size from the OS level.
Total bytes used in partitions Disk used size from the OS level.
Property Description
Status indicators One of the following values:
l Online (green)—The Data Domain system
is functioning correctly.
l Offline (yellow)—The Data Domain
system is offline. The Data Domain Offline
Diagnostics Suite User Guide, which is
available on Avamar Support, provides
more information.
l Read-Only (blue)—The Data Domain
system is read-only.
l Nonfunctional (red)—The Data Domain
system is not functioning. The Data
Table 78 Data Domain system properties on the Server Management tab (continued)
Property Description
Total Capacity (post-comp size) The total capacity for compressed data on the
Data Domain system.
Bytes Protected (client pre-comp size) The total number of bytes of data that are
protected, or backed up, on the Data Domain
system. This value is the number of bytes
before the data is compressed.
File System Available (post-comp avail) The total amount of disk space available for
compressed data in the DDFS.
File System Used (post-comp used) The total amount of disk space that is used in
the DDFS for compressed data.
Target For Avamar Checkpoint Backups Indicate whether to store Avamar Checkpoint
Backups on the Data Domain system or not.
Maximum Streams For Avamar Checkpoint The maximum number of reserved streams for
Backups Avamar CheckPoint Backup on Data Domain
system.
Table 78 Data Domain system properties on the Server Management tab (continued)
Property Description
Instant Access Limit The amount limit of VMs that generated from
Instant Access Restore.
Note
Table 78 Data Domain system properties on the Server Management tab (continued)
Property Description
Note
Event monitoring
All Avamar system activity and operational status is reported as events to the MCS.
Examples of Avamar events include client registration and activation, successful and
failed backups, and hard disk status.
Each event contains the information in the following table.
Information Description
Event code Unique identifier
Date and time Date and time the event was reported
Event notifications
The following features generate notifications when specific events occur.
Pop-up alerts
You can configure individual events to generate a graphical pop-up alert each time the
event occurs. Avamar Administrator must be running for the pop-up alerts to appear.
Acknowledgment required list
You can specify that when a certain event type occurs, the Avamar system
administrator must acknowledge the event.
Email messages
You can specify that when a certain event type occurs, an email message is sent to a
designated list of recipients. Email notifications can be sent immediately or in batches
at scheduled times.
A typical batch email notification message looks like the following example.
MCS: avamar-1.example.com
Summary of events:
Type
-----------
INFORMATION
INFORMATION
INFORMATION
Syslog support
You can specify that when an event type occurs, Avamar logs information to local or
remote syslog files that are based on filtering rules that are configured for the syslog
daemon that receives the events. Third-party monitoring tools and utilities capable of
examining log entries can access the syslog files and process them to integrate
Avamar event information into larger site activity and status reports.
SNMP support
The Avamar SNMP implementation provides two ways to access Avamar server
events and activity completion status:
l SNMP requests provide a mechanism for SNMP management applications to
“pull” information from a remote SNMP-enabled client (in this case, the Avamar
server).
l SNMP traps provide a mechanism for the Avamar server to “push” information to
SNMP management applications whenever designated Avamar events occur. You
can configure an event type to output SNMP traps.
Usage intelligence
Enables the Avamar server to automatically collect and transfer reporting information
to Avamar Support via the ESRS gateway.
Event profiles
Profiles are a notification management feature that is used to logically group certain
event codes together and specify which notifications to generate when the events
occur.
There are two basic types of event profiles:
l System profile — There is only one system event profile. It contains all possible
system event codes.
l Custom profiles — Custom profiles are used to send various notifications when
certain system events occur. You can create as many custom profiles as you
should. This step is done to organize system events and generate notifications
when any of those events occur.
Profile catalog
The Avamar system includes a set of preconfigured event profiles by default.
System profile
There is only one system event profile. It contains all possible system event codes.
Evaluation profile
The evaluation profile is primarily intended to be used to support system evaluations. If
enabled, this profile generates an email notification and attaches 2 weeks’ worth of
Activities - DPN Summary report information to the email message. The Avamar
Reports Guide provides more information about the Activities - DPN Summary report.
High Priority Events profile
The High Priority Events profile is enabled by default. This special event profile
automatically email messages the following information to Avamar Support
(emailhome@avamar.com) twice daily:
l Status of the daily data integrity check
l Selected Avamar server warnings and information messages
l Any Avamar server errors
The only change that you can make to the High Priority Events profile is to add email
addresses to the Recipient Email List. If you require custom High Priority Events
profile settings, copy the profile and then edit the copy.
Note
NOTICE
12. Click the Audit Codes tab, and then select the Notify checkbox next to the
audit events that should trigger notifications.
NOTICE
An asterisk (*) next to an event code indicates an event of such severity that a
notification is sent when that event occurs, even if other event notifications are
sent on a schedule.
13. If you are adding this custom event profile at the top-level (that is, not to a
domain or subdomain), specify the parameters to control capacity forecast
alerts:
a. Click the Parameters tab.
b. Select the checkbox next to the parameter, and then type a new value for
the parameter.
c. Repeat the previous step as necessary for each parameter.
NOTICE
When you insert the attachments, the email message may be very long.
d. From the Facility list, select one of the following: user, local0, local1,
local2, local3, local4, local5, local6, or local7.
e. To test the syslog notification parameters, click Send Test Syslog Entry.
22. Click Next.
The SNMP Trap Notification page appears.
23. If the profile includes SNMP notification messages, then specify SNMP
notification parameters:
a. In the SNMP Trap address (IP or hostname) box, type the IP address or
hostname of the computer running an application that can receive and
process an SNMP trap.
b. In the Port Number box, type the port number on the host server that is
listening for SNMP traps. The default data port is 162.
c. In the SNMP Community box, type the name of the SNMP community that
the SNMP trap listener is configured to use.
The SNMP community is a text string that the local Net-SNMP agent uses
to authenticate itself with the SNMP management application.
d. To test the SNMP notification parameters, click Send Test SNMP Trap.
24. Click Finish.
Procedure
1. In Avamar Administrator, select Tools > Manage Profiles.
The Manage All Profiles window is displayed.
2. In the left pane, select the custom event profile and click Edit.
The Edit Profile dialog box appears.
3. Edit the custom event profile. The properties are the same as when you create
the profile.
4. Click OK.
e. From the Severity list, select the severity of the events to display.
f. To view events for all domains, select All Domains. Or, to view events for a
specific domain, select Domain and then browse to or type the domain
name.
g. To display only events that contain certain case-sensitive keywords in the
event code data XML element, type the keyword in the Data box.
This criterion promotes easy filtering on important keywords across event
attributes. For example, filtering the Event Monitor on error returns all
events that contain the word error in any XML attribute (for example,
category, type, or severity).
h. Choose whether to display events from all sources, from only the Avamar
server, from all Data Domain systems, or from a single Data Domain system:
l To view events from all sources, leave the default selection of All
Sources in the Source list.
l To view events from only the Avamar server, select Avamar from the
Source list.
l To view events from all Data Domain systems, select Data Domain
Systems from the Source list and leave the default selection of All
Systems.
l To view events from a single Data Domain system, select Data Domain
Systems from the Source list, select the System option, and then either
type or browse to the Data Domain system.
Note
At the operating system level, system monitoring and logging rely on the syslogd
process to collect system log messages and write them to a designated log file. The
syslogd process runs locally on every Avamar server node.
However, without additional configuration, each node’s syslogd only collects system
information for that node, and writes it to a local log file on that node. From a syslog
perspective, each Avamar server node is unaware that any other server nodes exist.
Also, the utility node syslog process is not aware that the Avamar Management
Console Server (MCS) is collecting and logging Avamar event information.
You can configure an Avamar event profile to format Avamar server event messages in
syslog format and send this data to the syslogd process running on the Avamar
server utility node.
The following table describes how an event profile maps Avamar server event data to
syslog fields.
2. On single-node servers and utility nodes with SLES 11 or later, configure the
local utility node syslogd process to listen for MCS event messages on UDP
data port 514:
a. Open a command shell and log in as admin on the single-node server or the
utility node of a multi-node server.
b. Switch user to root by typing su -.
c. Open /etc/syslog-ng/syslog-ng.conf in a text editor.
d. Locate the following entry:
#
# uncomment to process log messages from network:
#
# udp(ip("0.0.0.0") port(514));
h. Verify that syslog is listening on port 514 by typing the following command:
netstat -nap | grep 514
NOTICE
Procedure
1. Create a custom syslog event profile that sends Avamar server event messages
in syslog format to the remote logging host.
2. Configure all server nodes to send syslog messages to the remote logging host.
3. Configure the remote logging host to listen for syslog messages over a LAN
connection on UDP data port 514.
4. If a firewall is enabled on the remote logging host, configure the firewall to allow
UDP traffic on port 514 for a defined IP range.
d. From the Facility list, select one of the following values: user, local0, local1,
local2, local3, local4, local5, local6, or local7.
8. (Optional) To test the syslog notification parameters, click Send Test Syslog
Entry.
9. Click OK.
Configuring server nodes to send syslog messages to the remote logging server
As part of the process to configure remote syslog, you must configure all Avamar
server nodes to send syslog messages to a remote logging server over a LAN
connection on UDP data port 514.
Procedure
1. Open a command shell:
a. Log in to the server as admin.
b. Switch user to root by typing the following command:
su -
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
ssh-agent bash
ssh-add /root/.ssh/rootid
7. Verify that syslog is listening on port 514 by typing the following command:
netstat -nap | grep 514
...
No rules are necessary for the outgoing syslog traffic on the client side.
2. Restart the firewall service on the remote logging host for the changes to take
effect.
3. Restart the syslog-ng service on all server nodes and the remote logging host
for the changes to take effect:
service syslog restart
Note
Persons configuring an Avamar server to send event information over SNMP should
be familiar with basic SNMP concepts. A complete discussion of basic SNMP
concepts and implementation is beyond the scope of this guide. The www.net-
snmp.org website provides additional information.
The Avamar SNMP implementation provides SNMP requests and SNMP traps to
access Avamar server events and activity status. The Avamar server supports SNMP
versions v1 and v2c.
SNMP requests
SNMP requests provide a mechanism for SNMP management applications to “pull”
information from a remote SNMP-enabled application or device (in this case, the
Avamar server). The SNMP management application sends a request to an SNMP
master agent running on the Avamar server. The SNMP master agent then
communicates with the Avamar SNMP sub-agent, which passes the request to the
MCS. The MCS retrieves the data and sends it back to the Avamar SNMP sub-agent,
which passes it back to the management application by way of the SNMP master
agent. Data port 161 is the default data port for SNMP requests.
Avamar servers that are purchased directly from Avamar use the Net-SNMP master
agent. Avamar servers that are built with other industry standard hardware likely use
an SNMP master agent that is provided by the hardware manufacturer.
SNMP traps
SNMP traps provide a mechanism for the Avamar server to “push” information to
SNMP management applications when designated Avamar events occur. Data port 162
is the default data port for SNMP traps. Typically, the SNMP management application
listens for the SNMP traps that designated remote hosts generate.
The following table provides the locations for the Avamar MIB definition file.
A copy of the Avamar MIB definition file also resides in the /usr/share/
snmp/mibs directory on single-node servers and utility nodes. This copy is
used by the Avamar SNMP sub-agent and should not be moved or distributed.
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
ssh-agent bash
ssh-add /root/.ssh/rootid
cd /root
avsetup_snmp
The output prompts you to specify the port on which to listen for SNMP
requests.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Create a new user-defined temporary directory and change directory to it by
typing the following commands:
mkdir directory
cd directory
3. Retrieve copies of the storage node log files by typing the following command:
getlogs
The getlogs command gathers the important log files from a particular node,
compresses them into a single tar file, nodelogs.tgz, then copies these files
to numbered subdirectories in the current working directory.
4. Examine the nodelogs.tgz files for any entry that contains the string ERROR.
To accomplish this, run the following shell commands, which write any
nodelogs.tgz entries that contain the string ERROR to a user-defined
temporary file:
for p in [01].[!sm]*/nodelogs.tgz; do
tar xzf $p
grep ERROR: cur/gsan.log*
rm -rf cur/*
done
cd ../
rm -rf directory
Audit logging
The audit log keeps a permanent log of system actions that users begin with. The data
in this log enables enterprises that deploy Avamar to enforce security policies, detect
security breaches or deviation from policies, and hold users accountable for those
actions.
Only actions that users begin with are logged. Actions that the system begins with
without a user account, such as scheduled backups, maintenance activities, are not
logged.
System events with a category of SECURITY and type of AUDIT are used to
implement the Avamar audit logging feature. Because the underlying data for audit log
entries are system events, this information is available in two places:
l Event Monitor, which also contains all other system events
l Audit Log, which only contains events that are also audit log entries
By default, audit log information is retained for 1 year.
You can increase or reduce the audit log retention period by editing the value of
clean_db_audits_days in /usr/local/avamar/var/mc/server_data/
prefs/mcserver.xml, and restarting the MCS.
Usage Intelligence
Usage Intelligence is a feature that enables the Avamar server to automatically collect
and transfer reporting information to Avamar Support. The types of reports that are
sent to Avamar Support vary depending on how the Avamar server is licensed.
The use of this feature requires that:
6. Import the ESRS server certificate into the keystore by typing the following
command on one line:
keytool -importcert -keystore /usr/local/avamar/lib/
rmi_ssl_keystore -storepass changeme -file <certfile>.crt
where <certfile> is the name of the ESRS server certificate, including path.
Email Home
The Avamar Email Home feature automatically sends configuration, capacity, and
general system information to Avamar Support once daily, and provides critical alerts
in near-real time as needed.
By default, notification schedule email messages are sent at 6 a.m. and 3 p.m. each
day. The Notification Schedule controls the timing of these messages.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Change directories by typing the following command:
cd /usr/local/avamar/var/mc/server_data/prefs
5. Verify that the value for the smtpHost entry is the DNS name of the outgoing
SMTP mail server that is used to send Email Home messages, such as
smtp.example.com.
If the value for the entry is incorrect, edit the value.
NOTICE
The Avamar server installation or upgrade automatically completes the value for
the smtpHost entry. In most cases, some arrangement must be made to enable
email messages originating from the Avamar server to be forwarded through the
outgoing SMTP mail server to Avamar Support over the Internet.
6. Specify a valid email address with access to a corporate outgoing SMTP mail
server as the value for the admin_mail_sender_address entry.
NOTICE
If you do not configure the Email Home feature to send messages from a valid
email address, the incoming email server rejects messages that are generated
by the Email Home feature. Avamar Support is completely unaware that these
programmatically generated messages were rejected. In addition, because a
valid sending email account is not known, programmatically generated warnings
to the sender that these messages could not be sent are never viewed by
anyone who can correct the problem.
ConnectEMC
ConnectEMC is a program that runs on the Avamar server and sends information to
Avamar Support. ConnectEMC is typically configured to send alerts for high priority
events as they occur, as well as reports once daily.
ConnectEMC is integrated with EMC Secure Remote Support (ESRS), provided that
it is installed, operational, and network accessible by the Avamar server. Contact the
Avamar Sales Representative for more information about implementing ESRS.
Although ConnectEMC is initially configured during Avamar server software
installation, Avamar Administrator enables you to manage ConnectEMC settings, in
the form of three user-configurable transports, after the server is operational:
l Primary transport
l Failover transport
l Notification transport
The primary and failover transports send alerts for high priority events as they occur.
The primary transport is used unless it fails, at which time the failover transport is
used.
The notification transport sends email notifications messages to one or more customer
email addresses under certain conditions.
ConnectEMC 247
Server Monitoring
You also can control whether the MCS generates and sends ConnectEMC messages
by enabling, disabling, stopping, and starting ConnectEMC.
Note
e. Click OK.
5. (FTP only) After selecting FTP, complete the following steps.
a. In the IP Address field, specify an IPv4 address.
b. In the Username field, specify an FTP username. The setting depends on
the FTP server software.
c. In the Password field, specify the password for the username.
d. (Optional) To configure advanced settings, click Advanced, and then
specify the following settings in the Edit Advanced FTP Settings dialog
box:
l Retries – The number of retries to perform before reporting a failure.
The default setting is five retries.
l Timeout – The number of seconds to wait before reporting that the
operation timed out. The default setting is 5 minutes (300 s).
l Description – A description of this transport that appears in the Manage
ConnectEMC window. The default description is FTP Transport.
l FEP Folder – A unique customer UNIX path in the ConnectEMC Front
End Processor (FEP). Use the folder location that is supplied by Avamar
Support.
l FTP Port – An IP port. The default setting is port 21.
l Mode – Either Active or Passive. The default setting is Active.
Do not change the email subject unless instructed to do so by Avamar
Support. Avamar spam filters can reject email messages with other
subject lines.
e. Click OK.
6. (HTTPS only) After selecting HTTPS, complete the following steps.
a. Type a valid URL for the Secure Remote Support home page in the URL
field.
Valid URLs use the following format:
https://home_name[:port]/target_directory
where home_name, port, and target_directory are the home name, data
port, and target directory, respectively.
Use the URL provided by Avamar Support.
ConnectEMC 249
Server Monitoring
c. Click OK.
Sample key files are provided in /opt/connectemc/certs/ and https-
privatekey.pem. Sample client certificates are provided in /opt/
connectemc/certs/ and https-cert.pem. Sample root certificate bundles
are provided in /opt/connectemc/certs/ and https-ca-cert.pem.
7. Click OK on the Edit Primary/Secondary Transport dialog box.
7. (Optional) To specify advanced settings, click Advanced and then specify the
settings in the Edit Advanced Email Settings dialog box:
a. In the Retries box, specify the number of retries to attempt before reporting
a failure. The default setting is five retries.
b. In the Timeout box, specify the number of seconds to wait before reporting
that the operation timed out. The default setting is 300 s (5 minutes).
c. In the Description box, specify the description of this transport that appears
in the Manage ConnectEMC window. The default description is Email
Transport.
d. In the Email Subject box, specify the subject line for the email. The default
subject line is Avamar ConnectEMC Notification Email.
NOTICE
e. From the Email Format list, select the format of the email, either ASCII or
HTML. The default setting is ASCII.
f. Choose whether to include attachments that are sent to ConnectEMC in the
notification email message by selecting or clearing the Include CallHome
Data checkbox.
g. Click OK.
8. On the Edit Notification Transport dialog box, click OK.
2. Type the following commands to launch the utility and change the site name:
cd /root
avsetup_ connectemc.pl --site_name=site_name
Where site_name is the name of the customer site.
ConnectEMC 251
Server Monitoring
Testing transports
Procedure
1. In Avamar Administrator, select Tools > Manage ConnectEMC.
The Manage ConnectEMC window is displayed.
2. Click Test.
2. Type the following commands to launch the utility and change the site name:
cd /root
avsetup_ connectemc.pl --site_name=site_name
Where site_name is the name of the customer site.
Capacity forecasting
Every Avamar server continuously tracks and analyzes the rate at which storage
capacity is consumed, and projects how long storage capacity can be consumed at
that rate. This forecasting occurs in the background.
Capacity forecasting results for an Avamar server and configured Data Domain
systems are available in the Capacity panel of Avamar Administrator. For more
information, see Capacity panel on page 45.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Shut down the Management Console Server (MCS) by typing the following
command:
dpnctl stop mcs
Replication 259
Replication
Types of replication
Avamar provides the option to perform policy-based replication and command line
replication.
Policy-based replication in the AUI
Policy-based replication provides greater control of the replication process. With
policy-based replication, you can create replication groups in the AUI that define the
following replication settings:
l Replication group members, either domains or clients
l Priority order for replication tasks
l Backups to replicate, based on the retention setting or the backup date
l Maximum number of backups to replicate for each client
l Destination system for the replicas
l Replication schedule
l Retention of replicas
Command line replication in the CLI
Perform on-demand replication from the command line by logging in to the utility node
and using the avrepl command line interface (CLI). Command line replication
provides greater control of the replication process. Options for the avrepl command
define the following replication settings:
l Domains or clients to replicate
l Backups to replicate, based on:
n Plug-in that is used for the backup
n Retention setting for the backup
n Backup date
l Maximum number of backups to replicate for each client
l Destination system for the replicas
l Retention of replicas
Replication scheduling
The method for scheduling replication tasks depends on the type of replication that is
used. For policy-based replication, define schedules similar to how backup schedules
are defined. For command line replication, no schedule is defined because a replication
task is manually started by running the avrepl command on the utility node.
Defining a schedule for policy-based replication in the AUI
To configure schedules for policy-based replication in the AUI:
Replication authentication
Policy-based replication requires that you specify valid credentials for an account only
on the destination system when you configure the replication policy. CLI-based
replication, however, requires that you specify valid credentials for the source Avamar
system and the destination system in the command prompt.
For policy-based replication in the AUI, specify the credentials when you add the
destination system using the Add New Replication Destination wizard:
1. In the left navigation pane, click .
2. Navigate to Administration > System .
3. Click the Replication Destination tab, and then click + Add.
For CLI-based replication, specify the user account and password for the destination
system by using the --[replscript]dstid and --dstpassword options in the
command prompt. To specify the user account and password for the source system,
use the --[avtar]id and --password options.
On the source Avamar system, the repluser account is the default account for
replication. When you use the repluser account for command line replication, omit
the --[avtar]id option from the command and specify the password for the
repluser account with the --password option. The Avamar Product Security Guide
provides a complete list of default accounts and passwords on the Avamar system.
All data in the REPLICATE domain is read-only. You can perform only the following
operations on replicas in the REPLICATE domain:
l Change the expiration date of the replica
l View backup statistics
l Delete a replica
Replicas at Source on page 262 describes the Replicas at Source feature that
provides management of replicas through the replication source Avamar server
instead of the REPLICATE domain on the destination system.
Replicas at Source
With Replicas at Source, view and manage replicas by using an Avamar Administrator
session on the Avamar server that is the replication source.
Features
The Replicas at Source feature is in Avamar server version 7.2 and newer. Enable
Replicas at Source on page 266 describes how to enable the feature.
The following table describes the features that Replicas at Source provides on the
source Avamar server.
Table 85 Replicas at Source features available through the source Avamar server
Feature Description
View replicas on Restore tab Replicas appear along with backups on the
Restore tab of the Backup, Restore and
Manage window in Avamar Administrator.
Manage replica settings Use Avamar Administrator or the CLI to
perform the following actions with a replica:
Table 85 Replicas at Source features available through the source Avamar server (continued)
Feature Description
Restore from replica Using the same methods that are available for
backups, select a replica and restore it.
Note
Integration
Several Avamar tasks integrate Replicas at Source. The sections that document these
tasks include information about the integration of Replicas at Source features. The
following table provides an overview of the Replicas at Source integration.
Task Description
Remote destination management Prevents deletion of a remote destination
listing from the source Avamar server when
replicas from the source Avamar server exist
on the destination system. Includes an
override option to force the deletion of the
remote destination listing and delete all the
source server's replicas from the destination
system.
Table 86 Descriptions of the integration of Replicas at Source into Avamar tasks (continued)
Task Description
and replicas exist on remote destination
systems, the Avamar system uses the backup
to restore.
Retention of replicas
When you replicate backups, the retention settings for the backup on the source
Avamar system automatically apply to the replica on the destination system. However,
you can change the retention settings for the replica.
Set retention before replication occurs
For policy-based replication in the AUI, specify a different retention setting for
replicas on the Retention page of the Replication Policy wizard when you configure
the policy for the replication group.
For command line replication, use the --[avtar]expires option to specify a
different retention setting for replicas.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the MCS by typing the following command:
dpnctl stop mcs
10. Log in to Avamar Administrator on the Avamar server that is associated with the
client backups (source server).
11. In Avamar Administrator, click the Administration launcher link.
The Administration window is displayed.
12. Click the Services Administration tab.
13. Right-click the Remote Backup Manager Service, and select Start.
Results
The Avamar server enables the Replicas at Source feature.
Replication destinations
To begin configuring policy-based replication on an Avamar server, add replication
destinations.
Provide connection details for a supported data storage system to add it as a
replication destination.
Avamar supports replication to other Avamar systems and to Data Domain systems
through DD Boost. An Avamar system can replicate to another Avamar system that is
running a different version of the Avamar server software, but best results occur with
the same server software version.
7. In the Target MCS connection port field, type the number of the inbound port
on the destination Avamar server to use for data connections with MCS on the
destination system.
The default port value is 28001.
8. In the User ID on target server field, type a username for an account on the
destination Avamar system that has the backup privilege and the admin
privilege.
Normally, type repluser or root.
Note
For a user with access that is limited to a domain beneath the root domain
(tenant access), both the source Avamar server and the destination system
must be running Avamar server version 7.2 or later.
9. In the Password on target server field, type the password that is associated
with the username.
10. Click VALIDATE.
The source Avamar system authenticates with the destination Avamar system
by using the specified settings.
4. Edit the settings for the replication destination, and then click VALIDATE.
5. Upon successful validation, click OK.
Results
AUI modifies the settings of the selected replication destination.
Note
You cannot map the domains on the source Avamar server to a destination Data
Domain system until after the first replication. During the first replication, the data
replicates to the default destination.
Procedure
1. In the AUI, go to Administration > System .
The System window appears
2. Click the Storage Mapping tab, and then click + ADD.
The Add Storage Mapping dialog appears.
3. From the list, select the Data Domain system to use as the replication target.
4. Click SUBMIT.
Replicas at Result
Source
Enabled The Avamar system checks for replicas on the replication destination system
and if no replicas exist, deletes the replication destination record. To prevent
the Avamar system from checking for replicas, and delete the replication
destination record even if replicas exist on the replication destination system,
unselect Check for remote backups before deletion, and then click
Yes.
Disabled The Avamar system deletes the replication destination record.
Procedure
1. In the AUI, navigate to Administration > System .
2. Click the Replication Destination tab, and then select the replication
destination record that you want to delete.
3. Click the Delete icon.
A confirmation dialog appears.
4. To confirm the deletion, click YES.
Replication groups
Replication groups enable you to define the settings for policy-based replication.
The replication groups option includes the following:
l The domain and client members of the replication group
l The backup types to replicate
l The number of backups to replicate
l The destination server
l The replication schedule
l How long replicated backups are retained on the destination server
You can specify the priority for which backup data replicates first. When you define
the members of the replication group, the order in which members are listed in the
Member(s) list controls the order in which backup data is replicated.
Backup data for a client replicates only once even if a client is listed individually and is
also a member of a domain in the Member(s) list.
If an individual client is a higher priority in the Member(s) list than the domain, then
the backup data for the individual client replicates before the backup data for any
other clients in the domain.
Note
b. For the Replication order of client backups, select one of the following:
l Oldest to Newest begins replication with the oldest backup first.
l Newest to Oldest begins replication with the newest backup first.
6. Click NEXT.
The Members page appears.
7. On the Members page, complete the steps that are required for the members
in the replication group.
8. On the Backup Filters page, complete the steps that are required for the type
of backups to replicate.
Type of Steps
backups to
replicate
All backups Select Replicate all backups.
from all
members of the
replication
group
Specific a. Select Include/Exclude backups by date, type, and
backups more.
b. Click Select Backup Filter.
The Backup Filter dialog box appears.
c. Select the type of backups to replicate: Daily, Weekly,
Monthly, Yearly, or No tag. Ensure that you select at
least one backup type.
d. To replicate for each client that is a member of the
replication group, specify the maximum number of
backups.
To replicate all backups (no maximum), select No limit
for number of backups per client.
To replicate a certain number of the most recent
backups for each member client, select Limit to and
then specify the maximum number to limit the backups
to.
e. Specify date restrictions for the backups to replicate for
each client that is a member of the replication group.
To replicate all backups regardless of when the backups
occurred, select No Date Restrictions.
To replicate only backups that occurred within a recent
period, select Last and then specify an amount of past
Day(s), Weeks(s), Month(s), or Year(s) to include.
To replicate only backups that occurred during a range of
dates, select Range and specify the start date/time in
Type of Steps
backups to
replicate
9. Click NEXT.
The Schedule page appears.
10. On the Schedule page, use the Select Existing Schedule drop-down to choose
the default replication schedule or another schedule that you have created.
11. Click NEXT.
The Retention page appears.
12. On the Retenion page, specify when the replicated backups should expire on
the destination server:
l To expire the replicated backups at the current expiration setting, select
Keep current backup expiration.
l To expire the replicated backups at a different time than the current
expiration setting, select Set expiration by backup type and then specify
the number of days, weeks, months, or years to retain each backup type.
If a backup is of multiple types, then the expiration for the replicated backup
is set to the specified value for the longest duration backup type. For
example, if a backup is both a daily and a monthly backup, then the
expiration for the replicated backup is set to the value that you specify for
monthly backups.
13. Click NEXT.
The Destination page appears.
14. On the Destination page, select an existing destination server from the table
that you would like to replicate backups to, or add a destination server by
clicking + ADD DESTINATION to open the Add replication destination dialog.
15. Click NEXT.
The Summary page appears.
16. On the Summary page, review the replication policy configuration details. This
page also provides you with the option to specify advanced configuration
details.
l If you do not want to perform advanced configuration, click FINISH.
l If you want to specify more configuration details, scroll to the bottom of the
page and click Advanced Parameters.
When you click Advanced Parameters, a dialog displays.
17. (Optional) Specify the following advanced parameters for the replication group.
Additionally, you can move the Show Advanced Options slider to the right to
reveal additional fields. Advanced options will appear in bold.
a. To replicate only backups from specific plug-ins, specify the numeric plug-in
descriptor in the Include plug-in specific backups field.
Separate multiple entries with a comma, or leave the box empty to replicate
all backups. Numeric plug-in descriptors on page 285 provides a list of
numeric plug-in descriptors.
Use caution when including file information in the replication log files.
Replication performance decreases, and the size of the log files can be very
large.
remains on the destination server until the replicated backups expire or you delete the
backups.
Procedure
1. In the AUI left navigation pane, click .
2. Navigate to Policy > Replication Policy.
The Replication Policy window appears.
3. Select the replication group you want to remove and click the Delete icon.
A confirmation message appears.
4. Click YES.
Note
The source Avamar system currently lists only local backups. For remote backups, log
in to the destination system.
Command reference
The following topics provide a reference for the operations and options that the
avrepl command supports.
Synopsis
avrepl --operation=replicate [options] [target]
Operations
The only supported operation for avrepl is --operation=replicate, which
replicates data from the source Avamar server to a destination Avamar server.
Options
Use the avrepl command options to control replication behavior.
Account options
Account options for the avrepl command enable you to specify credentials to
connect to the destination Avamar server for replication.
The following account options are available for the avrepl command.
Option Description
Note
Option Description
--password=password Specifies the password for the Avamar user ID to use for
--ap=password authentication on the source Avamar server.
--pswd=password
Logging options
Logging options for the avrepl command enable you to specify the path and file
name for the avrepl log file, and to control how much information the plug-in writes
to the log file.
The following logging options are available for the avrepl command.
Option Description
--[avtar]informationals=n Sets the information level for status messages, where n is a
single-digit integer value.
--log=file Specifies the full path and file name of the avrepl plug-in log
--logfile=file file.
Option Description
--nostdout={true | false} Specify true to disable output to STDOUT. However, if you
use the --log or --logfile option, output still goes to the
log file.
Replication options
Replication options for the avrepl command enable you to control replication
functionality, such as which backups should replicate and how long to retain replicated
backups on the destination server.
The following replication options are available for the avrepl command.
Option Description
--[avtar]after=timestamp Specifies that only backups matching timestamp and later
should be replicated. For timestamp, use 24 hour local time
zone values that conform to the syntax yyyy-mm-dd
hh:mm:ss. You can use partial timestamp values. The
resolution is truncated to the last supplied value. For example,
2014-02 is equivalent to 2014-02-01 00:00:00. You can
also use this option with --[avtar]before=timestamp to
define a range of effective dates. Only backups that occurred
within the date range are replicated.
--[avtar]allsnapups={true | false} The default value is true, which replicates all backups. If
false, then only the most recent backup for each client is
replicated. If you specify the --[avtar]count option, then
the --[avtar]count option overrides the --
[avtar]allsnapups option. Only the specified number of
most recent backups replicates for each client.
Option Description
define a range of effective dates. Only backups that occurred
within the date range are replicated.
--[avtar]exclude-pluginid-list=list Excludes backups that are performed with the specified plug-
in, where list is a comma-separated list of plug-in IDs.
--[avtar]expires={n | period | timestamp} Specifies how long to retain replicated backups on the
destination server:
l A number of days (n).
l An expiration period as a specific number of days, weeks,
months, or years. To specify a period, use one of the
following values:
days=n
weeks=n
months=n
years=n
--[avtar]pluginid-list=list Replicates only backups that are performed with the specified
plug-ins, where list is a comma-separated list of plug-in IDs.
--[avtar]retention-type={daily | weekly | Replicates only backups with one of the following retention
monthly | yearly | none} types:
l daily
l weekly
l monthly
l yearly
l none
If you supply none, then only backups without a specific
retention type are replicated.
Option Description
You cannot use this option with the --
[replscript]dstpath or --[replscript]srcpath
options.
Option Description
--vsr-plug-in-ids= plug-in-ids If --optimize-vsr is set to true, this option lists plug-in IDs
for plug-ins that should use Virtual Synthetic Replication
(VSR) optimization. By default, the NDMP and VMware plug-
ins use VSR optimization. No other plug-ins are supported.
--within={days | weeks | months | years}=n Replicates backups that occurred within these most recent
days, weeks, months, or years, where n is a positive
integer. For example, supply --within=months=3 to
replicate three months' worth of backups for each client.
Avamar-only options
Avamar-only options access advanced functionality that is normally reserved for use
by Avamar personnel only. Misuse of these advanced options can cause loss of data. If
you are unsure about any aspect of these options, contact Avamar Support for more
information before using them.
The following Avamar-only options are available for the avrepl command.
Option Description
--bindir=path Specifies the directory that contains Avamar binary files. The
default value is /usr/local/avamar/bin.
--[avtar]exp-delta={days | weeks | months | Changes replicated backup expiration dates on the destination
years}=n server by the specified number (n) of days, weeks, months, or
years. The value can be either a positive or negative integer.
For example, supply --[avtar]exp-delta=days=-2 to
decrease the backup expiration dates on the destination
server by two days. Do not use --[avtar]exp-delta with
--[avtar]expires.
Option Description
l months=n
l years=n
and n is a positive integer. For example, supply --
[avtar]expiration-policy=dailies=years=2 to
replicate two years' worth of daily backups for each client.
The --[avtar]expiration-policy option takes
precedence over --[avtar]expires.
--[replscript]forcecreate={true | false} Specify true to force the creation of all source server
accounts on the destination server, even if no data for an
account is in the replication. The default value is false,
which creates accounts on the destination server only for
clients that replicate data.
Option Description
--[replscript]force-move={1 | 0} Specify 1 (true) to force a move to the target server backup
account. Specify 0 (false) if you do not want to force a move.
--[replscript]globalcid={true | false} Specify true to use global client IDs (CIDs) during
replication. Global CIDs are primarily used to enable fast
failovers from one server to another after a root-to-root
replication. true is the default setting.
Help option
The --help option displays a list of available options for the avrepl command:
avrepl --help
Version option
The --version option displays the software version of the avrepl command:
avrepl --version
Target list
To replicate specific clients or Avamar domains, include a list of the clients and
domains at the end of the avrepl command. Separate multiple entries with a space.
If you do not supply a list, then the replication includes all client backups on the source
Avamar server.
CLI examples
Review the avrepl command examples for details on how to use options to control
replication behavior.
Specify the following options with the avrepl command:
Option Description
--operation=replicate Command operation for avrepl.
Option Description
-- Destination Avamar server.
[replscript]dstaddr=destination_server
Note
If the firewall is installed and enabled on the destination server, then specify the --
[replscript]dstencrypt option with the correct encryption method, which is
either ssl or tls.
Replicating all client backups
The following command replicates all client backups from the
avamar-1.example.com source server to the replication-
server-1.example.com destination server. The user account on the source server
is jdoe@avamar (the jdoe user account with the Avamar internal authentication
system), and the password is password. The user account on the destination server
is repluser, and the password is password.
avrepl --operation=replicate --
[replscript]dpnname=avamar-1.example.com --[avtar]id=jdoe@avamar --
password=password --[replscript]dstaddr=replication-
server-1.example.com --[replscript]dstid=repluser --
dstpassword=password --[replscript]dstencrypt=ssl
Monitoring replication
To ensure that it is completing successfully and to troubleshoot issues, monitor
replication.
The Monitor > Activity window in the AUI enables you to view status information for
both on-demand and scheduled replication activity.
Note
Procedure
1. Register and activate the client that is the restore target with the destination
Avamar server that manages the replicated data:
a. On a Windows client, right-click the Avamar system tray icon and select
Manage > Activate Client.
The Activate Client Setup dialog box appears.
b. Type the hostname of the destination Avamar server in the Administrator
Server Address box.
c. Type 28001 in the Administrator Server Port box.
d. Type the Avamar domain for the client in the Client Domain box.
e. Click Activate.
2. In Avamar Administrator, click the Backup & Restore launcher link.
The Backup, Restore and Manage window is displayed.
3. Click the Restore tab.
The upper left pane contains a list of domains.
4. Select the REPLICATE domain, and then select the hostname of the source
Avamar server.
5. Select the domain that contains the client that is the source of the original
backup.
6. Select the client from the list.
7. Click the By Date tab or the By File/Folder tab and select the data to restore.
Note
Restoring data from a backup on page 152 provides alternate methods to find a
backup and perform a restore.
Note
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the MCS by typing the following command:
dpnctl stop mcs
Note
When Avamar Administrator lists data from a backup as both Local and Remote, the
Avamar system always uses the local backup to restore the data. However, when
backup data that is listed as Remote is selected for validation, the Avamar system
stages and validates the referenced replica.
Replicas at Source on page 262 provides additional information about the Replicas at
Source feature.
Local repository
The C:\Program Files\EMC\Avamar Downloader Service\repository
directory on the Avamar Downloader Service computer serves as the local repository
for downloaded installation packages.
Note
Do not rename client installation packages. The Avamar push upgrade mechanisms are
incompatible with renamed packages.
The manifest.xml file in the local repository contains a list of all server, client, and
workflow packages that are currently available for download from the EMC repository.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Type dpnctl status avi.
Output from the dpnctl status avi command should look similar to the
following:
Avistart process:
INFO: AVI is not running.
After the download completes, the Download button is replaced with an Install
button and a Delete button.
3. To start the installation, click Install.
The background color for the package changes to yellow and the initialization
begins. When the initialization process completes, the Installation Setup page
appears.
4. Provide installation setup information.
Some packages do not require setup information.
5. To provide advanced settings, select Show advanced settings.
6. Click Continue.
The Installation Progress page displays the status of the installation.
NOTICE
If you close the browser during the installation of a package, the installation
does not stop. To resume monitoring the installation, open a browser window
and log in to Avamar Installation Manager.
Note
Heading Description
FileName The name of the package.
Heading Description
Last Updated The date and time of the last status update.
Heading Description
Title The name of the package.
Heading Description
Last Updated The date and time of the last status update
for the package.
Details columns
The following table describes the information that appears in the Details table in the
lower right pane of the History tab.
Software/hardware Requirement
Operating system l Microsoft Windows Server 2016
l Microsoft Windows 10
l Microsoft Windows Server 2012 (64-bit
only)
l Microsoft Windows Server 2008 R2
l Microsoft Windows 8
l Microsoft Windows 7 SP1
RAM Minimum of 20 MB
Recent releases of Avamar support only TLS 1.2. Older operating systems may require
steps or updates to enable TLS 1.2. The Avamar Product Security Guide provides more
information.
To enable TLS 1.2 for Windows 7, Windows 2008 and Windows 2012, refer to the
documentation on the Microsoft Support site.
A dialog box prompts you to either run the file or save it.
7. Save the installation file to a temporary directory.
Enabling HTTPS
HTTPS functionality must be enabled on the Microsoft Windows computer hosting the
legacy Avamar Downloader Service. In some circumstances, HTTPS might already be
enabled on the computer. If not, perform the following steps on the computer.
Procedure
1. Select Control Panel > Windows Firewall > Advanced settings.
Note
To edit Avamar credentials later, open the Show Advanced Settings window
by right-clicking the task tray icon and selecting Show Advanced Settings.
5. (Optional) Specify the hostname or IP address and the port number for the
proxy server as well as Avamar credentials: Username, Password, and Confirm
Password.
Supply proxy server information to use a proxy server as an intermediary for
requests from the Avamar Downloader Service computer to the EMC repository
server. The page also allows you to select Use Authentication.
For example, use a proxy server when the Avamar Downloader Service
computer is on a private network and access to the EMC repository server is
restricted.
6. Click Next.
The Avamar Systems page appears.
7. Click Add.
The Avamar Downloader Service - Add Known System dialog box appears.
8. Specify the hostname, username, and password for an Avamar server:
a. In the Hostname box, type the IP address or hostname for the Avamar
server.
b. In the Username box, type root to specify the Linux operating system root
user.
c. In the Password and Confirm Password boxes, type the password for the
root user.
9. Click OK.
When the configuration process cannot resolve the hostname, an informational
message appears. Click Yes to add the system or No to cancel the add
operation. You can add systems with unresolvable hostnames, such as offline
systems, to the known systems list.
10. Add other Avamar servers.
11. After all Avamar servers have been added, click Next.
The Review Configuration page appears.
12. Review the configuration details, and then click Finish.
After you finish
When required, rerun the configuration wizard to edit the hostname, IP address, or
port number for a proxy server, or to edit the known systems list to add and remove
Avamar servers.
The Run Diagnosis dialog box appears, and the process to check that network
connectivity starts automatically.
2. (Optional) To stop the verification process before it completes, click Stop
System Check.
3. When the verification completes, click Close.
Authentication Failure with one or more HTTP basic authentication failure including:
“Known Systems.”
n Failed communication with the EMC
repository.
n SSL (Secure Socket Layers) handshake
failed.
n HTTP dropped connection.
n HTTP NAK (negatively acknowledged
message).
Failed file download from the EMC File transfer was aborted.
repository.
Failed file transfer to one or more known File transfer was aborted.
systems.
Connection security
To secure data transmissions between a computer and the Avamar server, a secure
connection is created using HTTPS.
This form of the HTTP protocol encrypts messages before they are sent and decrypts
them when they are received. HTTPS is used for all login transmissions and for all
transmission of data during registration and activation operations.
All trials to access the Avamar server through the UI over standard HTTP protocol are
redirected to HTTPS to prevent plain text transmissions.
ssh-agent bash
ssh-add /root/.ssh/rootid
move.queue.error.codes Sets a comma-separated list of error codes that 22271, 22280, 22282,
determine whether a move task failure is added 22295, 30006, 30012,
to the queue. A move is only added to the queue 30016, 30017, 30019
if its failure generates one of these error codes.
Use the value none to prevent all failed move
tasks from being added to the queue. Use the
value empty to add all failed move tasks to the
queue.
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
ssh-agent bash
ssh-add /root/.ssh/rootid
Login page
The login page limits access to the Avamar Client Manager UI by requiring a username
and a password.
The login page authenticates the username and the password through comparison
with administrator accounts that are registered on the Avamar server. Avamar Client
Manager only allows access for accounts with administrator privileges on the Avamar
server that is running the Avamar Client Manager process.
After a successful login, the Avamar Client Manager UI opens to the Server Summary
section of the Overview page.
Global tools
Avamar Client Manager provides several tools that you can use with more than one
page.
Use these tools to help with the following tasks:
l Adding an Avamar server
l Removing an Avamar server
l Changing the settings for an Avamar server
l Selecting an Avamar server to work with
l Filtering a page's summary view
l Viewing context relevant details
l Exporting information from a page
l Enabling tool tips
3. In System name (or) IP, type the resolvable hostname, or IP address, of the
Avamar server.
4. In Port, type the inbound RMI port for the Avamar server.
The field appears with the default value of 9443. Leave the default value
unchanged unless a non-default port is used on the Avamar server.
5. In MCUser Password, type the password for the MCUser account on the
Avamar server.
6. Click Save.
Results
Avamar Client Manager checks the values and adds the Avamar server.
Selecting a server
Use the server selection field to display, and work with, information for a specific
server.
Before you begin
Expand the Navigation panel on the left side of the UI so that the server selection
field is visible at the top of the panel. Browse to a page that displays the server
selection field in an active, selectable, state.
Procedure
1. On the server selection field, click the arrow icon.
When the server selection field is not visible, expand the Navigation panel on
the left side of the UI. When the server selection field is not relevant to the
current page view it appears in a dimmed state, that is, it is not active and
selectable.
2. From the list of servers, select a server.
The page view refreshes. Information about the server and its tasks appears.
Filters
Avamar Client Manager offers you a wide range of filters.
Use a filter to determine which objects appear in the list on the current page. Filters
work with a variety of objects. The type of object and the available filters depend on
the page's context. In Avamar Client Manager you can filter the following types of
objects:
l Servers
l Clients
l Policies
l Groups
l Tasks
l Log entries
Filters that apply to the current context appear on the Filters bar at the top of the
page.
Searching by name
To find objects by comparing a search string to object names, use the search field.
Before you begin
Browse to a view that has one of the following search-enabled fields on the Filters
bar:
l User name
l Client name
l Group name
l Domain name
Use search to limit the list to objects with the same and similar names.
Procedure
1. Click the arrow next to the search-enabled field.
A text entry box appears.
2. In the text entry box, type a search string.
Avamar Client Manager compares the search string that you type to the names
of objects and includes matching objects on the list. Objects match when a
portion of the name contains the search string.
3. Click the magnifying glass icon.
Results
Avamar Client Manager refreshes the list and only objects with names that match the
search string appear.
Example 1 Searching by username
To include all clients that have a user with the characters "eng" in their username,
type *eng* in the text entry field.
Filters 323
Avamar Client Manager
: Colon 003A
; Semicolon 003B
, Comma 002c
~ Tilde 007E
@ Commercial At 0040
a. An exception to this exclusion permits the solidus character in the Domain Name filter on
the Policies page.
Procedure
1. On the Filters bar, click the arrow next to Activity Type.
A selection list appears, with the values: Backup and Restore.
2. Select a value.
Select Backup to include only backup tasks in the list. Select Restore to
include only restore tasks in the list.
For example, in the Idle Clients section of the Clients page, select Backup on
the Activity Type filter. Avamar Client Manager limits the list to clients without
any backup activity during the defined period.
Results
Avamar Client Manager filters the results using the activity type that you selected.
Filters 325
Avamar Client Manager
For example, select Last activity failed. Avamar Client Manager refreshes the
list and includes clients only when their most recent activity failed. The failed
activity can be either a backup or a restore.
Results
Avamar Client Manager refreshes the list. Only clients with an activity status that
matches the selected value appear on the list.
Avamar Client Manager refreshes the list. Only entries within the specified
period appear on the list.
5. (Optional) Further refine the results by repeating these steps using the other
values.
Results
Avamar Client Manager refreshes the list. Only entries within the specified period
appear on the list.
Filters 327
Avamar Client Manager
The value that you select determines which clients Avamar Client Manager
includes in the list of successful clients. Avamar Client Manager only includes
clients that match the selected activity status.
For example, select Last activity successful. Avamar Client Manager refreshes
the list and only includes the clients with a successful backup or restore.
Results
Avamar Client Manager refreshes the list. Only clients with an activity status that
matches the selected value appear on the list.
Viewing details
Use the Details panel to view context relevant details.
Before you begin
Browse to a view that includes the Details panel or Details bar on the right-side.
Procedure
1. On the right-side of the page, click the Details bar.
The Details panel expands.
2. In Summary, select an object.
The page context determines the object type. An object can be a client or a
group. You can select more than one object.
Detailed information for the selected object appears in the Details panel.
3. (Optional) When you select more than one object, use the paging controls at
the bottom of the Details panel to view information for each selected object.
Exporting data
Use export to download the selected summary as an Excel spreadsheet.
Before you begin
Browse to a page view that includes Export on the page bar.
Procedure
1. On the page bar, click Export.
Avamar Client Manager includes all information from the summary in the
exported data.
The web server pushes an Excel file containing the summary information to the
browser.
2. Save the file locally.
3. Use an application that can read the Excel-formatted spreadsheets to open the
file.
Overview
The Overview page provides access to high-level information about the management
of Avamar clients. It also provides tools for the administration of Avamar servers.
From the left-side menu of the Overview page, select:
l Server Summary
Select Server Summary to view information about the selected Avamar server, to
add an Avamar server, to remove an Avamar server, or to edit the settings for an
Avamar server.
l Dashboard
Select Dashboard to view information about the client backups for the selected
Avamar server.
Server Summary
The Server Summary section of the Overview page provides columns of information
about the Avamar servers that Avamar Client Manager manages.
Filter this information by using the filters available on the Filters bar. Change the
sorting method that is used for the list by clicking a column heading.
In each of the following columns, click a nonzero value to see a more detailed report
about that column's information:
l Active Clients
l Idle Clients
l Successful Clients
l Failed Clients
Column Description
Server Hostname or IP address of the Avamar server.
Column Description
Backups filter. Also includes the average
amount of time for those backups.
Dashboard
The Dashboard section of the Overview page provides a graphical snapshot view of a
selected server.
The dashboard provides information in panels that you can expand, collapse, or delete
to create the view you need.
Usage tips:
l Collapse or expand a panel by clicking the arrow icon in the panel's title bar.
l Return the dashboard to its default view by reloading the page in the web browser.
Client panel
The Client panel uses a pie chart to represent the total number of potential clients for
the selected server. Colors represent the percentage of the total for:
Dashboard 331
Avamar Client Manager
l Activated
Green represents the percentage of clients that the selected server has activated.
l Not activated
Red represents the percentage of clients that the selected server has registered,
but not activated.
l Free
Gray represents the percentage of unused client connections available on the
selected server.
Server panel
The Server panel provides a grid view of information about the selected server.
Column Description
Node Type Specifies the server's node type: Single or
Multi.
l Proxy
Proxy virtual machine clients. Clients that use Avamar for VMware image backup
and restore.
l vCenter
Avamar clients that protect vCenter management infrastructure by backing up
vCenter hosts.
Analyze panel
The Analyze panel uses a bar chart to represent the number of clients that are in each
of the following states during the selected period:
l Successful
Clients with at least one successful backup.
l Failed
Clients with backup activity but no successful backups.
l Idle
Clients with no backup activity.
Dashboard 333
Avamar Client Manager
On the bar chart, the x-axis represents the period that Avamar has retained the data
and the y-axis represents the number of clients.
Clients
The Clients page provides information and tools for working with Avamar clients.
From this page, you can:
l Select the computers in the enterprise's domain and add them as Avamar clients
l View detailed information about individual clients
l Move, retire, and delete clients
l Change a client's group associations
l Upgrade the Avamar software on the client
To browse between the sections of the Clients page, select from the choices in the
left-side menu.
4. (Optional) Type information in the Contact, Phone, Email, and Location fields.
5. Click OK.
Results
Avamar Client Manager adds the new domain to the selected server and the new
domain appears on the Domain Selection pane.
Creating a group
To make a new set of policies available for assignment to clients, create a group with
the policies. The Create Group command is available when adding a client to a group,
and when moving a client to a new domain or to a new server.
Before you begin
Browse to a view that includes Create Group: either the Add Groups dialog box or
the Client Move dialog box.
Procedure
1. Click Create Group.
On the Client Move dialog box, selecting a domain enables the button.
3. (Optional) Select Enable to enable scheduled backups of clients that you assign
to the group.
To disable scheduled backups of clients that you assign to the group, clear this
checkbox .
4. In Dataset, select a dataset for the group.
5. In Schedule, select a schedule for the group.
6. In Retention Policy, select a retention policy for the group.
7. Click OK.
Results
Avamar Client Manager creates the group in the selected domain.
Setting Description
Override group retention Permits you to assign to a client a retention
setting that is different from the group
setting. After selecting this option, assign a
retention setting by selecting it from the
Select an existing retention policy list.
Select an existing retention policy List of available retention settings that you
can assign to a client. To use this list, first
select Override group retention.
Disable all backups Disables all backups of the client. Users can
still restore data.
Allow file selection for client-initiated backups Permits users to select files to include in
backups that are started from the client. The
Exclude list for the group's dataset does not
apply.
Allow client to add to dataset Permits users to add folders to the datasets
of the client's groups. The following rules
apply to this setting:
l The Avamar server filters the added data
with the group's Exclude list and Include
list.
l The added data is in every scheduled and
on-demand backup for each group that is
assigned to the client.
l User must have access to the Avamar
client web UI to add folders or remove
folders.
Allow client to override daily group schedules Permits users to select a start time for
scheduled backups that is different from the
group start time. Prerequisites:
Setting Description
Allow client to override retention policy on Assigns the retention policy that is specified
client-initiated backups in Select an existing retention policy to
client-initiated backups. Prerequisites:
l Enable Override group retention.
l Enable Allow client-initiated
backups.
Results
A list of the client's backups that match the filter settings appears.
Results
The plug-ins that are installed on the client appear.
Add Clients
The Add Clients section provides information and tools to register and activate
enterprise computers as Avamar clients.
Use the Add Clients section to import information about the computers in the
enterprise. Import the information from a supported LDAP naming system or from a
CSV file.
After import, filter the information by client status and client name to help in the
selection of prospective Avamar clients.
Use Avamar Client Manager to register and activate the selected computers to an
Avamar server. Completion of the activation process requires installation of the
Avamar client software on the computers and access to Avamar client processes from
the server. The normal workflow is to install the client software on a computer before
selecting it for activation.
Before using the directory service method to obtain information about computers in a
domain, configure Avamar Client Manager to use the directory service.
The directory service method requires the following:
l TCP/IP access to the directory service from the server that is running Avamar
Client Manager.
l Account information for a user account with read access to the directory service.
l The name of the directory service domain for the computers that you want to
import.
You can use the output that a Systems management tool generates during installation
of the Avamar client software a group of computers to create the CSV file. However,
only those clients with the Avamar client software successfully installed appear in
Avamar Client Manager.
During the upload of a CSV file, Avamar Client Manager checks the file for correct
formatting, and cancels the upload when it finds a problem.
Hostname,Group
User1-desktop.Acme.corp.com,acme.corp/USA/MA
User1-laptop.Acme.corp.com,acme.corp/USA/CA/SFO
User2-desktop.Acme.corp.com,acme.corp/Engineering
User3-desktop.Acme.corp.com,
User4-desktop.Acme.corp.com,
The first line lists the literal names of each type of value.
The second line contains the hostname User1-desktop.Acme.corp.com, the
separating comma, and the group acme.corp/USA/MA.
The third line contains the hostname User1-laptop.Acme.corp.com, the
separating comma, and the group acme.corp/USA/CA/SFO.
The fourth line contains the hostname User2-desktop.Acme.corp.com, the
separating comma, and the group acme.corp/Engineering.
The fifth and sixth lines contain only the hostnames User3-
desktop.Acme.corp.com and User4-desktop.Acme.corp.com, each followed
by a comma. The formatting rules require a comma, even without a group. The lines do
not list groups, so both hostnames appear at the root level of the hierarchical display.
Figure 16 View after uploading the example CSV file
Activation
Activation consists of changing the relationship between a computer and an Avamar
server to enable the server to manage backups of the computer.
The relationship moves through the three states that are shown in the following table.
State Description
No relationship The computer is unknown to the server. Computers in this state
appear in Add Clients, when you first add the computer information
to Avamar Client Manager.
Registered Avamar Client Manager added the information about the computer to
the Avamar server's database. Computers in this state appear in
Registered Clients after Avamar Client Manager starts the
activation process and completes registration with the Avamar server.
The changed state of these computers also appears in Add Clients.
Activated The computer has Avamar client software that is installed and
running. The client software and the server are in communication and
have exchanged an encrypted key to verify their identities. Computers
in this state appear in Activated Clients after activation is
complete. The changed state of these computers also appears in Add
Clients and Registered Clients.
Avamar Client Manager assigns the computers to the selected group or groups
during activation.
8. Click Finish.
Results
Avamar Client Manager sends the activation task to the queue.
After you finish
To determine the status of the activation process, Check the Activation section of
the Queues page. After the process completes, check the Activation section of the
Logs page to determine its final status.
Registered Clients
Clients that an Avamar server has registered but not activated appear in the
Registered Clients section.
Use the Registered Clients section to select clients and perform the following client-
related tasks:
l Activate
l Delete
l Associate with groups
l View and edit details
l Add and remove group override settings
Activated Clients
Clients that are activated with the selected Avamar server appear in the Activated
Clients section.
Use the Activated Clients section to perform the following tasks:
l Move client to a different server
l Move client to a different Avamar domain
l Retire a client
l Delete a client
l Manage a client's group associations
l View and edit a client's details
l Add and remove group override settings
Option Description
All Replicate all the client's backups to the target server.
Last Replicate only the last backup.
None Replicate none of the backups.
8. Click OK.
Results
In a background process, Avamar Client Manager moves the client to the selected
target.
Retiring a client
To stop backups of an Avamar client, retire the Avamar client. Avamar Client Manager
retains backups that exist at the time of retirement so that you can restore data when
necessary.
Procedure
1. On the left-side menu, click Clients > Activated Clients.
2. Select a client.
You can select more than one client. The retention policy setting you select
applies to all selected clients.
3. On the Actions bar, click Retire.
The Retire Client dialog box appears.
4. In Select Retention Policy, select one of the options.
Option Description
Retire client and retain backups The Avamar server retains the backups for
with existing expiration date the existing retention period
Retire client and retain all The Avamar server retains the backups until
backups indefinitely you manually delete them
Retire client and reset backup The Avamar server retains the backups until
expiration date the date set in New Expiration Date
5. If you select Retire client and reset backup expiration date in the previous
step then, in New Expiration Date, select a date.
The Confirm dialog box appears.
6. Click Yes.
The Alert dialog box appears.
7. Click OK.
Results
In a background process, Avamar Client Manager retires the selected client.
Failed Clients
Clients that have unsuccessful backup or restore activity appear in the Failed Clients
section.
Use the Failed Clients section to perform the following tasks:
l Delete a client
l Manage a client's group associations
l View and edit a client's details
l Add and remove group override settings
When working with failed clients, use the filters that are described in the following
table.
Filter Description
Period Specifies the period that Avamar Client
Manager examines.
Idle Clients
Activated Avamar clients that do not have any activity during a specified period
appear in the Idle Clients section.
When working with idle clients, use the Period filter to specify the period that Avamar
Client Manager examines for activity, and the Activity Type filter to specify the type
of activity.
Use the Idle Clients section to perform the following tasks:
l Delete a client
l Manage a client's group associations
l View and edit a client's details
l Add and remove group override settings
Upgrade Clients
The Upgrade Clients section provides information and tools you can use to apply
upgrades and hot fixes to Avamar clients.
Use the Upgrade Clients section to perform the following tasks:
l Download an upgrade package to a server
l Select an upgrade package
l Apply the package to selected clients
l Remove an upgrade package from a server
Note
l Install, configure, and run the Avamar Downloader Service. The Avamar
Downloader Service obtains the client packages and plug-in packages that the
upgrade feature requires. This service pulls the packages and pushes them onto
the Avamar data server subsystem (GSAN). After the packages are updated in
GSAN, the packages appear in the Avamar Client Manager Select Package
window, and upgrades can be performed.
Results
Avamar Client Manager begins the download. A progress bar appears. After the
download finishes, Avamar Client Manager updates the package status, in sequence,
to each of the following values: Waiting, Processing, and Ready.
NOTICE
Procedure
1. From the list of Avamar clients that are eligible for the upgrade or the hotfix,
select a client.
You can select more than one client.
2. On the Actions bar, click Upgrade.
Results
Avamar Client Manager starts upgrading the selected clients. The upgrade runs in the
background.
Policies
The Policies page provides access to group policy tasks and information.
The Policies page includes a summary of each group policy on the selected Avamar
server.
Use the Policies page to perform the following tasks:
l Add clients to a group
l Remove clients from a group
l View the details of a group's dataset policy, retention policy, and schedule policy
6. Click Add.
Results
Avamar Client Manager adds the clients to the group.
Results
The retention policy details for the selected group appear in a dialog box.
Queues
The Queues page provides access to the Avamar Client Manager activity queues.
The Queues page provides a summary view of active and pending Avamar Client
Manager tasks for the selected Avamar server. Tasks appear in separate sections that
are based on the type of task.
Delete Queues > Delete View active and pending tasks that are related
to the removal of clients from Avamar
servers.
Move Queues > Move View active and pending tasks that are related
to moving clients from one Avamar server to
another
Retire Queues > Retire View active and pending tasks that are related
to retiring Avamar clients.
Upgrade Queues > Upgrade View active and pending tasks that are related
to upgrading the software on Avamar clients.
Canceling a task
To prevent it from running, cancel a pending task.
You can stop a task from running by canceling it while it is in the pending state.
Procedure
1. On the left-side menu, click Queues > task_queue, where task_queue is the
Queues page section for the type of task you are canceling.
For example to cancel a client activation, click Queues > Activation.
2. Select a task.
3. Click Cancel.
A confirmation dialog box appears.
4. Click OK.
Results
Avamar Client Manager removes the task from the queue, cancels the task, and adds
an entry to the log.
Logs
The Logs page provides access to the Avamar Client Manager logs.
The Logs page provides a summary view of Avamar Client Manager logs. Log entries
appear in separate sections that are based on the type of task that generated the
entry.
Delete Logs > Delete View log entries that are related to the
removal of clients from Avamar servers.
Move Logs > Move View log entries that are related to moving
clients from one Avamar server to another.
Retire Logs > Retire View log entries that are related to retiring
Avamar clients.
Upgrade Logs > Upgrade View log entries that are related to upgrading
the software on Avamar clients.
l Activation
Click Logs > Activation to view log entries that are related to client activation.
l Delete
Click Logs > Delete to view log entries that are related to the removal of clients
from Avamar servers.
l Move
Click Logs > Move to view log entries that are related to moving clients from one
Avamar server to another.
l Retire
Click Logs > Retire to view log entries that are related to retiring Avamar clients.
l Upgrade
Click Logs > Upgrade to view log entries that are related to upgrading the
software on Avamar clients.
Use the Logs page to perform the following tasks:
Logs 355
Avamar Client Manager
You can also allow users to add folders to the source data defined by the groups to
which a client belongs. The folders are included in both on-demand and scheduled
backups for the client.
Restore
Users can search for or browse to folders, files, and file versions to either the original
location or to a new location on the same computer. Users can restore data with the
same name or a new name.
When users restore data to the original location with the same name, the restore
process overwrites any current local file versions with the restored files. This type of
restore is useful in situations where the current local versions contain errors or have
data corruption issues.
To avoid overwriting the current local file versions, users can restore to a new
location, restore with a new name, or both.
Domain users can restore files from any Windows or Mac computer on which they
have a user profile to the Windows or Mac computer to which they are logged in.
If large restore tasks are impacting network performance, you can specify a limit for
the amount of data that users are allowed to restore.
Users are allowed to begin with only one restore task at a time. Additional requests are
blocked and a message appears to the user. You can change this behavior to allow
users to start multiple restore tasks.
Activity history
The History page in the web UI provides a 14-day history of the status of restore and
backup tasks for a client computer, as well as listings of the folders and files backed
up during that period. If you are a domain user with a user profile on the source
computer, then you can view the activity history for the source computer from a
different computer.
Category Requirement
CPU 1 GHz
RAM 1 GB
Note
Browsers used with the Avamar software must support TLS 1.2 encryption.
Use one of the environment variables in the following table to launch the web browser.
Table 112 Environment variables for launching a web browser in Avamar Desktop/Laptop
GNOME gnome-open
Others BROWSER
Network requirements
The network in an Avamar Desktop/Laptop environment must meet the requirements
in the following table.
Category Requirement
Protocol TCP/IP.
management tool can remotely push install the software on large numbers of
computers in a short amount of time.
A systems management tool can often generate a list of the computers where the
software is successfully installed. You can use this list in Avamar Client Manager to
register and activate computers.
You can install the Avamar Client for Windows by using several silent install options.
NOTICE
Do not rename client installation packages. The Avamar push upgrade mechanisms are
incompatible with renamed packages.
Argument Description
"path_to_MSI_pkg" Specifies the full path to the location of the
installer package relative to the root of the
computer file system.
2. Configure the systems management tool to copy the correct installer package
to each computer.
3. Designate the computers on which to install the software.
4. Provide the installation launch command:
/usr/sbin/installer -pkg "path_to_install_pkg" -target
install_location
where path_to_install_pkg is the full path to the location of the installer
package relative to the root of the computer file system, and install_location is
the location in which to install the software. Normally, install_location is the
root (/), but any local volume is allowed.
l To delete the backups for the client, delete the client by using Avamar
Administrator.
Retire or delete the client either before or after you uninstall the Avamar client
software.
Uninstall on Windows
Procedure
1. Open the Windows Add or Remove Programs or Programs and Features
applet.
2. In the list of currently installed programs, select Avamar for Windows.
3. Click Remove.
A confirmation message appears.
4. Click Yes.
Uninstall on Macintosh
Procedure
1. Open a Terminal (shell) session.
2. Log in as an administrator.
The uninstall command requires root (super-user) permissions. The sudo
command is used to run the command with root permissions. An administrator
account or another account that is listed in sudoers is what sudo requires.
3. Run the uninstall script by typing the following command:
sudo /usr/local/avamar/bin/avuninstall.sh
Pass-through authentication
Pass-through authentication uses encrypted channels to access user credentials from
a client computer and associate the credentials with file ownership properties. The
client computer operating system obtains the user credentials during login to the
computer or through common access card (CAC) technology.
Avamar Desktop/Laptop performs pass-through authentication transparently. Users
can back up and restore files without viewing the Avamar Desktop/Laptop login
screen.
Avamar Desktop/Laptop enables pass-through authentication by default. It is limited
to users on Windows computers and Mac computers. Also, Windows users with local
administrator privileges can restore files that anyone owns on the computer without
additional login.
Pass-through authentication is supported with LDAP authentication.
Note
Enabling local user access applies to all clients and backups that are associated with
the server. Before you enable local user access, carefully consider its security
implications within the context of the organization. Local user authentication is
inherently less secure than domain authentication.
LDAP authentication
Configure Avamar Desktop/Laptop to use a supported LDAP directory service to
authenticate users by using the directory service user names and passwords.
The authentication process uses Kerberos in a Simple Authentication and Security
Layer (SASL) Bind by default. Alternatively, configure the authentication process to
use plaintext in a Simple Bind. Only SASL Bind is supported with pass-through
authentication. Plaintext Simple Bind is not compatible with pass-through
authentication.
With LDAP authentication, users log in to the client computer with a domain account
authenticated through a domain directory service. To use a local account, enable local
user access.
To increase the security of user data, Avamar Desktop/Laptop obtains the domain
username of a Windows user or Mac user from the client computer and displays it in a
read-only field on the Avamar Desktop/Laptop login screen.
Note
Do not use the root account on a Mac to restore files from backups.
cbc-md5
default_tkt_enctypes = des3-cbc-sha1-kd des-cbc-crc des-
cbc-md5
6. Click Save.
7. Click Close.
Avamar authentication
You can configure Avamar Desktop/Laptop to authenticate users by using Avamar
authentication, which uses internal Avamar domain information.
Avamar authentication works with users who authenticate at the Avamar root level,
Avamar domain levels, or Avamar subdomain levels. The mechanism first checks at the
subdomain level. If the username is found at that level, then authentication proceeds.
If the username is not found, then the next level is checked. This step continues until
the username is found, or the Avamar root is reached without finding the username.
For example, if the login computer 123abc.example.com is activated with the /
clients/mountain Avamar subdomain, then the mechanism checks the Avamar
system in the following order until the username is found:
1. /clients/mountain (activation subdomain)
2. /clients (next level up)
3. / (root)
With Avamar authentication, client computers must have a static, resolvable, fully
qualified domain name. In addition, users must have a local or domain login account for
the client computer and an account on the Avamar domain that is associated with the
client computer.
Avamar Desktop/Laptop applies the role that is assigned to the Avamar user account
when it grants access to the account through Avamar authentication. Users can
perform only those operations that their role allows to. The one exception is that users
with the Restore only operator role can launch a backup from Avamar Desktop/
Laptop.
where domain1, domain2, and domain3 are Avamar domain names that are
combined in a comma-separated list. Each domain name must begin with the
root path designator: /.
Mixed authentication
You can use multiple authentication methods in the same environment.
The authentication process occurs in the following order when you enable multiple
authentication methods:
1. Users on a client in an Avamar domain are authenticated by using Avamar
authentication.
2. Users who are not logged in to a client in an Avamar domain are authenticated by
using pass-through authentication.
3. When mixed authentication is enabled and LDAP is configured, authenticates
users, who are not logged in to a client assigned to a specified Avamar domain,
through LDAP.
Client UI
The client local user interface (client UI) is installed on the client computer when you
install either the Avamar Client for Windows or the Avamar Client for Mac OS X. With
the client UI, an Avamar icon appears in the notification area ("system tray") on
Windows computers or on the menu bar on Mac computers. Right-click the icon on
Windows or click the icon on Mac to open the client menu, which provides access to
backup, restore, program settings, and logs.
The following table lists the functionality that is available in the client UI.
Settings > Show Backup Reminder (days) Controls when a backup reminder appears to
remind you that the computer has not been
backed up for a period of time between one
and seven days. You can also disable the
reminder by selecting Never.
Settings > Show Progress Bar Controls whether the Progress window
appears during a backup. You can cancel,
pause, or view logs for a backup from the
Progress window.
Settings > Show Balloon Messages Controls whether system status balloon
messages appear near the Avamar icon on
supported Windows computers.
Manage > Activate Client Activates the client, which provides a unique
ID for the client and links the client to a
specific Avamar server.
Manage > View Console Opens the client console, which provides
access to local status records for tasks, the
Agent Log, the Console Log, and the Work
Order Log.
Manage > Create ZIP File of Logs Creates a ZIP file of logs required by
administrators to diagnose backup and restore
problems.
(Mac only) Client Agent Tasks Stops or restarts the backup agent process.
Web UI
Use the web browser user interface (web UI) to start an on-demand backup or
restore, view backup and restore activity for a client computer, or configure other
backup settings for a client computer.
The following table describes the main elements of the web UI.
Element Description
Avamar Desktop/Laptop logo You can replace the Avamar logo and the
Desktop/Laptop logo in the upper left corner
of the web UI to rebrand the web UI.
Web UI 371
Avamar Desktop/Laptop
Element Description
perform an on-demand backup of the client by
using the group policies for the groups to
which the client is assigned. When the Add
Data button is enabled on the Backup page,
users can add folders to the group datasets
for scheduled and on-demand backups.
Status bar Displays the date and time of the last and next
scheduled backup, as well as the outcome of
the last backup. The status bar displays
information for the most recent 14 days.
When the last backup was more than 14 days
in the past, the status bar displays the
message No backups found. However,
if the retention policy assigned to the group
for the client is more than 14 days, you may
still see files on the Browse and Search
pages.
l Restore is only allowed for users with local administrator rights on the computer.
Non-administrator users cannot restore any files, including those that they own
locally on a server-class computer.
l Restore data size limits are not enforced.
Procedure
1. Create two replacement graphics that are named ProductNameAvamar.png
and ProductNameDTLT.png.
The replacement graphics must meet the following requirements:
l The file format must be Portable Network Graphic (.png).
l The background must be transparent so that the background gradient is
visible behind the graphic text and images.
l ProductNameAvamar.png Must be 97 pixels wide and 18 pixels tall.
l ProductNameDTLT.png Must be 128 pixels wide and 18 pixels tall.
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
Web UI 373
Avamar Desktop/Laptop
ssh-agent bash
ssh-add /root/.ssh/rootid
4. Make backup copies of the original graphics by typing the following commands:
cp ProductNameAvamar.png ProductNameAvamar.png_orig
cp ProductNameDTLT.png ProductNameDTLT.png_orig
c. Find the HTTPS port listening directive and change Listen 443 to
Listen n, where n is the initial contact port number.
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
2. Stop the MCS by typing the following command:
dpnctl stop mcs
Web UI 375
Avamar Desktop/Laptop
After the applet loads, the web page is automatically refreshed to allow the Avamar
client web UI to use the applet. The user must restart the task after the page is
refreshed.
To force clients to use the alternate file browsing method, add the
useAppletToBrowseLocalFile property to the dtlt.properties file on the
Avamar server, and set the value to true.
Table 117 Descriptions of methods for starting an Avamar Desktop/Laptop client backup
Single-click Avamar server queues a backup of l Add data The dataset for each group that is
the client when a user clicks Back associated with the computer, or
Up Now on the client. the dataset that is assigned to the
computer. When Add Data is
enabled, the dataset also includes
folders that the user has added.
Interactive User clicks Back Up and the web l Add data The dataset of the group that the
UI appears. User selects from user selects from the groups that
l On-demand backup are assigned to the client. When
available start and data options and
set
clicks Back Up Now on the Add Data is enabled, the dataset
Backup page. Avamar server adds also includes folders that the user
the backup to the backup queue on has added. When Select Now (on-
the Avamar server. demand backup set option) is
enabled and clicked, the dataset
only includes the files and folders
that the user selects.
Scheduled backups
Perform scheduled backups of Avamar Desktop/Laptop client computers the same
way that you back up other Avamar client computers in the environment. Create
datasets, schedules, retention policies, and groups for the backups by using Avamar
Administrator.
Users see the groups that are associated with an Avamar Desktop/Laptop client on
the Backup page in the web UI.
The next scheduled backup time for each group that is associated with an Avamar
Desktop/Laptop client also appears on the Backup page. The group's policy normally
determines the schedule start time for that group's backups. For individual Avamar
Desktop/Laptop clients, you can permit users to select a different start time for their
client's scheduled backups.
Note
The Override Daily Schedule displays time values using the time zone of the
Avamar server. Avamar Desktop/Laptop uses the time zone of the client when
displaying the times that appear on the Backup page.
Single-click backups
Users can start an on-demand backup on an Avamar Desktop/Laptop client computer
by a single click on the Back Up Now button on the client menu or on the backup
reminder dialog box.
The data that is included in a single-click backup depends on the operating system of
the client computer. The following table describes the data that is included for specific
operating systems. When the Add data option is enabled, Avamar Desktop/Laptop also
adds user selected folders to the data included in the backup.
l Windows Server
l Mac OS X Server
Interactive backups
Interactive backups allow users to select a backup group that is associated with the
client and back up the client by using the group's settings. When on-demand backup
sets are enabled, interactive backups also allow users to choose instead to back up
only selected files and folders.
Group selection
To perform an interactive backup of a single group:
1. Select Back Up... on the Client menu.
2. Select the backup group on the Backup page in the Web UI.
3. Click Back Up Now.
When a user runs an interactive backup of a group, all policies that are associated with
the selected group apply to the backup.
An interactive backup of a group differs from a single-click backup because in an
interactive backup of a group only the selected group is backed up.
File and folder selection
To allow users to back up selected files on an Avamar Desktop/Laptop client without
regard for the group policies that are assigned to the client, enable on-demand backup
sets. After enabling on-demand backup sets, users on Windows, Mac, and Linux
computers that are Avamar Desktop/Laptop clients can create sets of folders and files
to back up through on-demand backups. Users can create multiple sets, save the sets
for reuse, and send a backup that is based on a set to the backup queue of the Avamar
server.
On-demand backup sets do not change the data that is backed up according to the
group policies that are assigned to the Avamar Desktop/Laptop client.
The Avamar server can be configured to limit the number of on-demand backup set
backups that can be started from an Avamar Desktop/Laptop client.
To store backup data to the Data Domain, consider the following information:
l If a Data Domain system has been configured for the Avamar server, on-demand
backups go to the GSAN.
l If a single Data Domain system has been configured for the Avamar server, on-
demand backups go to the Data Domain.
l If there are multiple Data Domain systems configured for the Avamar server, on-
demand backups are sent to the Data Domain, which has more available space.
Value Description
false There is no limit on the number of on-demand
backup set backups that can successfully run
in a day. No limit is the default setting.
The specified value applies to all clients activated on the Avamar server. All
successfully completed backups for all users on an Avamar Desktop/Laptop client
computer count toward the total number of backups allowed each day.
Note
This limit applies only to backups that are based on a user-created on-demand backup
set.
d. Click OK.
Restore types
Avamar Desktop/Laptop users can restore data to the original location or to a new
location on the same computer. Users can restore data with the same name or a new
name.
When users restore data to the original location with the same name, the restore
process overwrites any current local file versions with the restored files. This type of
restore is useful in situations where the current local versions contain errors or have
data corruption issues.
To avoid overwriting the current local file versions, users can restore to a new
location, restore with a new name, or both.
Domain users can restore files from any Windows or Mac computer on which they
have a user profile to the Windows or Mac computer to which they are logged in. You
can disable restore from a different computer by setting the value of the
disableRestoreFromAlternateComputer property in the dtlt.properties
file on the Avamar server to true. This is a global property that affects all clients.
Restore requirements
To restore from a different computer before you perform a restore, review the
permissions requirements and the requirements.
Restore permissions
The data that users can browse to, search for, and restore depends on user login
account permissions.
When users search or browse for data to restore, the results that appear are filtered
based on the current login credentials and the data that has been backed up from the
client computer. The following table provides details on the filtering.
Files Displays all files that the Displays all files that the
logged in user owns. logged in user owns.
When users browse for data to restore, the following actions happen:
l A folder that a user does not have ownership rights for appears on the file system
path for a folder or file for which the user has ownership rights. This option helps
to provide a more accurate representation of the file system on the computer.
l A dimmed checkbox appears next to the folders. The folders are not restored
when you restore a folder or file that includes them in its path.
Users can restore data only if their login credentials grant operating system Write
permission for the restore location. To restore data that has the same path and name
as data on the client computer, the login credentials must authenticate the user as the
owner of the existing data before the restore proceeds.
To restore files on Windows, the login account must have the Restore files and
directories user right in Local Security. This user right is assigned by default to
accounts that are members of either the Administrators or Backup Operators groups.
Assign the right to an account that is not a member of either of these groups, or of
another group that includes this user right, before a user can use the account to
restore data.
Table 121 Requirements to restore from a different computer with Avamar Desktop/Laptop
Category Requirement
Operating system l Windows operating system
l Mac operating system
Note
Note
Avamar server Both source and target are activated with the
same Avamar server and the server is running
Avamar 7.0 or later.
By default, users with local administrator rights on a Windows source computer at the
time of a backup can restore any file from that source computer to a target computer,
regardless of file ownership. You can change this behavior to restrict their access to
only files that they own. To restrict file access for Windows administrators, change
the value of the checkAlternateComputerOwnership property in the
dtlt.properties file on the Avamar server to true.
Restore limits
You can limit the amount of data in a single restore task and the number of concurrent
restore tasks for a client computer.
Restore data size limit
Avamar client users do not normally have a limit on the amount of data that is restored
in a single task. This default setting enables a user to restore an entire backup in a
single task. Large restore tasks can cause undesirable load on the network. Set a
restore data size limit to control the network load that these large restore tasks cause.
When you set a limit, individual users cannot restore more than the limit in any one
restore task. Users must restore files that exceed the limit in multiple tasks that do not
exceed the limit, or an administrator must perform the restore.
NOTICE
By design, the restore data size limit does not apply to server-class clients (those
clients with a very large backup data set).
To specify a restore data size limit, uncomment the limitRestoreSize key in the
dtlt.properties file on the Avamar server, and set the value to the data size limit
in MB.
Restore queue limit
The Avamar client web UI minimizes network and server load by blocking restore
requests for clients that already have a restore task in the queue. Users who start a
new restore while one task is pending receive a message that the request is blocked.
After the pending task is complete, users can begin with a new restore task. You can
change this behavior to allow users to start multiple restore tasks. The change applies
to all clients of the Avamar server.
To remove the restore queue limit, change the value of the
disallowMultipleRestores property in the dtlt.properties file on the
Avamar server to false.
c. For a multi-node server, load the rootid OpenSSH key by typing the
following command:
ssh-agent bash
ssh-add /root/.ssh/rootid
Parameter Description
allowLocalUsers Enables and disables local user access for pass-through
authentication. Uncomment the parameter by removing the #
in front of the parameter, and then set the value to true to
enable local user access for pass-through authentication. Use
the default value of false to disable local user access for
pass-through authentication.
Parameter Description
Administrator, and then set the value of the
allowUserInititedBackupsFileSelection parameter
to true. Use the default value of false to disable selectable
backup sets.
disallowMultipleRestores Controls whether users can start multiple restore tasks for a
client computer simultaneously. Specify false to allow
multiple simultaneous restores, or use the default value of
true to prevent multiple simultaneous restores.
These logs are accessible through the client UI, and also can be accessed directly.
Log locations on Windows computers
On Windows computers the logs are available through the paths in the following table.
Log Path
Workorder %SystemDrive%\Program Files\avs
\var\clientlogs\
Console %APPDATA%\Avamar\
Log Path
Workorder /usr/local/avamar/clientlogs
Agent /var/avamar/
Note
Note
When you use instant access, do not leave the virtual machine running on the Data
Domain system for extended periods. When the virtual machine runs on the Data
Domain system, performance might degrade because of the workflow.
You can also restore a virtual machine to the production environment instead of using
instant access. The Avamar software leverages Changed Block Tracking (CBT) to
dramatically speed the recovery process.
The Avamar for VMware User Guide provides details on instant access and restore of
image backups.
Cloud tier
When you store Avamar backup data on a Data Domain system, you can also configure
the backups to be tiered to the cloud.
Data Domain Cloud Tier support was initiated with Avamar 7.4. DD Cloud Tier moves
data from Data Domain to the cloud. From the Avamar Administrator, you can
configure cloud tier to move Avamar backups from Data Domain to the cloud, and can
perform seamless recovery of these backups.
Data Domain Cloud Tier disaster recovery support was initiated with Avamar 7.5. You
can recover backups from the cloud in case of the loss of a Data Domain and you can
also recover an Avamar server from the cloud.
The Avamar and Data Domain System Integration Guide provides more information about
cloud tier with Data Domain.
Contact Avamar Professional Service representatives for assistance with rolling back
the Avamar server to a checkpoint on a Data Domain system.
l Data transfer during replication is between the Data Domain systems, without
intermediate staging
l Replication uses DD Boost to copy backups and to write replicas
l Requires a Data Domain replication license
l Does not use Data Domain replication
l Replication is configured and monitored on the Avamar server
l Replication task scheduling uses Avamar replication schedules only
l Data Domain administration tools are not used
Note
Backup enforcement does not affect the normal practices for storing and replicating
maintenance backups of the Avamar server, such as data from the MCS.
Note
Data Domain device type Avamar supports any Data Domain system
that supports the execution of the required
DD OS version.
Data Domain File System Enable Data Domain File System by using
either the Data Domain System Manager or
CLI. After you enable file system operations, it
may take up to 10 minutes before Avamar
Administrator correctly reflects the status of
the Data Domain system. The time delay is
increased slightly when the Data Domain
system is using the DD Extended Retention
option. Do not perform backups, restores, or
system maintenance operations until the
status appears correctly in Avamar
Administrator. Otherwise, backups, restores,
or system maintenance operations may fail.
Capacity requirements
Carefully assess backup storage needs when evaluating how much data to store on
the Data Domain system and the Avamar server. Add estimates from data that is sent
to the Data Domain system from any other servers.
When the Data Domain system reaches its maximum storage capacity, no further
backups to the Data Domain system occur until additional capacity is added or old
backups are deleted.
Network requirements
The Avamar server and all Data Domain systems must be on the same local network.
Do not connect the Avamar server and Data Domain systems over a Wide Area
Network (WAN). Configurations that use a WAN are not supported.
You can use Avamar replication over a WAN to replicate data from source Avamar
servers and Data Domain systems to target Avamar servers and Data Domain systems.
Before integrating a Data Domain system with an Avamar server, ensure that enough
network bandwidth is available. Verify that the network infrastructure provides more
bandwidth than the bandwidth required by the maximum throughput of the Data
Domain system. This step is to obtain the maximum throughput available on a Data
Domain system (for restores, level zero backups, and subsequent incremental backups
after a level-zero backup).
The network configuration must also meet the following requirements:
l Assign a Fully Qualified Domain Name (FQDN) to each Data Domain system.
l Do not use IP addresses in place of hostnames when registering a Data Domain
system. This action can limit the ability to route optimized duplication traffic
exclusively through a registered interface.
l Ensure that DNS on the Data Domain system is correctly configured.
l Ensure that forward and reverse DNS lookups work between the Avamar server,
the Data Domain system, and all backup and restore clients.
l Use Hosts files to resolve hostnames to non-routable IP addresses.
l Do not create secondary hostnames to associate with alternate or local IP
interfaces.
NTP requirements
The Avamar server, the Data Domain system, and all Avamar clients must use the
same Network Time Protocol(NTP) server.
Additional configuration settings when adding a Data Domain to the 8TB or 16 TB AVE
Before adding a Data Domain system to the 8 TB or 16 TB Avamar Virtual Edition
(AVE), it is recommended to modify the following Avamar GSAN settings in order to
improve system performance.
l avmaint config maxcompdatastripe=20971520 --avamaronly
l avmaint config checkdiratomicrefs=true --avamaronly
2. Create the DD Boost user account with administrator privileges by typing the
following command:
user add username role admin
where username is the username for the new account.
3. Set the new account as the DD Boost user by typing the following command:
ddboost set user-name username
where username is the username for the account.
4. Enable DD Boost to allow the changes to take effect by typing the following
command:
ddboost enable
Note
b. In the DDBoost User Name box, type the username of the DD Boost
account for Avamar to access the Data Domain system for backups,
restores, and replication.
c. In the Password box, type the password for the account that Avamar uses
to access the Data Domain system for backups, restores, and replication.
d. In the Verify Password box, type the password again for verification.
e. If you have more than one Data Domain system that is associated with
Avamar, you can specify one Data Domain system to be the default
replication storage. Select Use system as default replication storage if
this system is the default replication storage.
f. To store checkpoints for a single-node Avamar server or Avamar Virtual
Edition (AVE) server on the Data Domain system instead of the Avamar
server, select the Use as target for Avamar Checkpoint Backups
checkbox.
g. Select the Use certificate authentication for REST communication
checkbox to enable Avamar to use certificate-based authentication while
performing an operation with Data Domain system using REST-based
communication.
Note
h. To view the maximum number of streams that the Data Domain system
supports, click Verify.
i. Specify the maximum number of streams that Avamar can use at any one
time to perform backups and restores:
l To specify a defined number of streams, type the number in the Max
used by Avamar box.
l To specify a maximum number of streams which are based on the
percentage of the total number of supported streams:
a. Type the percentage in the Max used by Avamar box.
b. Select the As percentage of the max limit checkbox.
Consider both the maximum number of streams that the Data Domain
system supports, as well as whether other applications are using streams to
send data to and receive data from the Data Domain system.
If the writing to and reading from the Data Domain system use all available
streams, then Avamar queues backup or restore requests until one or more
streams become available.
8. Click OK.
A progress message appears.
9. When the operation completes, click Close.
Results
When you add a Data Domain system to the Avamar configuration, Avamar creates an
MTree on the Data Domain system for the Avamar server. The MTree refers to the
directory created within the DD Boost path. Data Domain systems support a maximum
of 100 MTrees. If you reach the limit, you cannot add the Data Domain system to the
Avamar configuration.
User accounts
The following user accounts are commonly used for system administration and
maintenance tasks:
l root
l admin
The admin account requires authentication by Secure Shell (SSH).
Note
Cryptographic changes in Avamar 7.5.1 require the use of PuTTY 0.7 or later, and
WinSCP 5.11.1 (build 7725) or later.
Procedure
l To start a command shell session on a single-node server, open a command shell
and log in to the server as admin.
l To start a command shell session on a multi-node server:
a. Open a command shell and log in to the utility node as admin.
b. Load the admin OpenSSH key by typing the following commands:
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
Note
To determine the active user account (login ID) of a shell session, type whoami.
Using sudo
On Gen4 and later Avamar Data Stores, the admin user accounts are automatically
added to the sudoers file. This option enables admin users to run a limited set of
commands that would otherwise require operating system root permission.
NOTICE
The Avamar software does not check or validate the information that is typed in the
Show Free Form section of the More Options pane. The values in the Key and Value
fields override settings that are specified with the GUI controls for the options.
Backup options
The backup options that appear depend on the type of plug-in.
This section describes the backup options for the following plug-ins:
l AIX file system
l FreeBSD file system
l HP-UX file system
l Linux file system
l Macintosh file system
l NetWare file system
l SCO OpenServer file system
Backup options for the Avamar Plug-in for Microsoft Windows are available in the
Avamar for Windows Server User Guide. Backup options for application plug-ins, such as
SQL Server and SharePoint VSS, are available in the user guide for the plug-in.
The following tables describe the options that are available when performing an on-
demand backup or when configuring a dataset for scheduled backups for the listed file
system plug-ins.
Option Description
Store backup on Data Domain Stores the backup on a configured Data Domain system
system instead of on the Avamar server. To store the backup on a
Data Domain system, select the checkbox and then select the
Data Domain system from the list.
Encryption method to Data Specifies the encryption method for data transfer between
Domain system the client and the Data Domain system.
Table 129 Backup plug-in options for (NetWare only) SMS Authentication
Option Description
Server login ID Specifies the SMS login username. For example,
CN=admin.O=HOSTNAME_CTX.
Server password Specifies the password for the SMS login username.
Option Description
List backup contents Specifies how much information about the backup contents to
include in the log files. The information includes:
l No file listing
l List file names
l List files and dates
Informational message level Specifies how many informational messages to include in the
log files. This option includes:
l No informationals—Suppresses all informational
messages, but includes errors and warnings in the log
files.
l Some informationals—Includes some informational
messages in the log files.
l Many informationals—Includes additional status
information in the log files.
l All informationals—Provides maximum information.
Includes all informational messages, errors, and warnings
in the log files.
Report advanced statistics Specifies whether to write advanced timing and deduplication
statistics to the log files.
Enable debugging messages Specifies whether to write maximum information to log files,
which creates large log files.
Option Description
Do not traverse any mounts Specifies whether to traverse mount points during the backup.
Traverse fixed-disk mounts Specifies whether to traverse only hard disk file system mount
during the backup.
Traverse fixed-disk and Specifies whether to traverse both hard disk and NFS network
remote network mounts mount points during the backup.
Force traversal of specified Accepts a comma-separated list of one or more file system
file system type(s) types (for example, nfs, ext2, jfs, xfs) that should not be
traversed during this backup.
Option Description
Run user-defined script at Runs a user-defined script at the beginning of the backup
beginning of backup session. The script must be located in /usr/local/
avamar/etc/scripts.
Abort backup if script fails Specifies whether to stop the backup when the script returns
a non-zero status code.
Option Description
Run user-defined script at Runs a user-defined script at the end of the backup session.
end of backup The script must be located in /usr/local/avamar/etc/
scripts.
Exit process with script Specifies whether avtar should exit with the exit code of the
failure exitcode script instead of a standard avtar exit code.
Option Description
Check client-side caches and If selected, a backup does not occur. Instead, Avamar
report inconsistencies performs a validation check of the client-side cache with the
Avamar server.
Check and repair client-side If selected, a backup does not occur. Instead, Avamar
caches performs a validation check of the client-side cache with the
Avamar server, and repairs inconsistencies.
Maximum client file cache Specifies the maximum client file cache size in MB. A negative
size (MBs) value indicates a fraction of RAM. For example, -8 specifies
that no more than 1/8th of physical RAM should be allocated
to the client file cache.
Maximum client hash cache Specifies the maximum client hash cache size in MB. A
size (MBs) negative value indicates a fraction of RAM. For example, -8
specifies that no more than 1/8th of physical RAM should be
allocated to the client hash cache.
Option Description
Client-side flag file Specifies the path to a flag file on the client that contains
additional option settings.
Network usage throttle Specifies a setting that reduces network usage to a specified
(Mbps) rate, expressed as megabits/second. For example, 0 =
unrestricted, 50% of a T1 = 0.72.
Directly connect to all server Specifies whether to establish multiple connections to the
nodes server. Multiple connections can improve backup performance.
Option Description
Soft limit size (MBs) Specify the soft limit size of a backup. If the size of the backup
source exceeds the soft limit, the backup succeeds with a
warning. If you specify both the soft and hard limit size, ensure
that the soft limit size is smaller than the hard limit size.
Hard limit size (MBs) Specify the hard limit size of a backup. If the size of the
backup source exceeds the hard limit, the backup fails.
Restore options
The restore options that are available depend on the type of plug-in.
This section describes the backup options for the following plug-ins:
l AIX file system
l FreeBSD file system
l HP-UX file system
l Linux file system
l Macintosh file system
l NetWare file system
l SCO OpenServer file system
Restore options for the Avamar Plug-in for Microsoft Windows are available in the
Avamar for Windows Server User Guide. Restore options for application plug-ins, such
as SQL Server and SharePoint VSS, are available in the user guide for the plug-in.
File system plug-in restore options
The following table describes the options that are available when you perform a
restore using the listed file system plug-ins.
Option Description
Overwrite existing files Controls behavior when the file to be restored
exists. One of the following:
l Never
l Always
l Generate New Name
l If Modified
l If Newer
Encryption method from Data Domain system If the backup was stored on a Data Domain
system, select the encryption method to use
for data transfer from the Data Domain
system to the client.
Option Description
Server login ID (NetWare only) Specifies the SMS login
username. For example,
CN=admin.O=HOSTNAME_CTX.
Option Description
List backup contents Specifies how much information about the
backup contents to include in the log files.
The information includes:
l No file listing
l List file names
l List files and dates
Option Description
Run user-defined script at beginning of Runs a user-defined script at the beginning of
restore the restore session. The script must be
located in /usr/local/avamar/etc/
scripts.
Abort restore when script fails When the script returns a non-zero status
code, specify whether to stop the restore.
Option Description
Run user-defined script at end of restore Runs a user-defined script at the end of the
restore session. The script must be located
in /usr/local/avamar/etc/scripts.
Exit process with script failure exitcode Specifies whether avtar should exit with the
exit code of the script instead of a standard
avtar exit code.
Option Description
Check client-side caches and report If selected, a restore does not occur. Instead,
inconsistencies Avamar performs a validation check of the
client-side cache with the Avamar server.
Check and repair client-side caches If selected, a restore does not occur. Instead,
Avamar performs a validation check of the
client-side cache with the Avamar server, and
repairs inconsistencies.
Rebuild client-side caches from most recent Does not restore data. If selected, Avamar
backup uses the contents of the last backup to re-
create the client-side file cache.
Option Description
Do not descend into subdirectories Specifies whether to restore only the
specified top-level directory and not any
subdirectories.
Recreate original path beneath target Specifies whether to re-create the original
directory path to files and directories beneath the
specified target directory. For example, if you
restore /usr/MyDir/MyFile to /tmp and
you select this option, then the full path to
the restored file is /tmp/usr/MyDir/
MyFile.
5. Copy files that you want to be downloadable to the user into the folder.
6. Change directory to /usr/local/avamar/httpds/downloads/ by typing
the following command:
cd /usr/local/avamar/httpds/downloads/
where:
l heading—Defines the root folder name.
l displayName—Defines the sub-folder name.
l path—Defines the location of the software file on disk, in which /
DPNInstalls/downloads points to /data01/avamar/src/
downloads on the Avamar server.
8. Refresh the Downloads page to verify that you can see the newly uploaded
files.
3. Copy files that you want to be downloadable to the user into the folder.
4. Change directory to /usr/local/avamar/httpds/docs/ by typing the
following command:
cd /usr/local/avamar/httpds/docs/
Where:
l heading—Is set to the default value of 40.
l displayName—Defines the name of the document as it is displayed in the
Documentation page.
l path—Defines the location of the document file on disk, in which /
axiondocs/cur points to /space/avamar/doc/downloads on the
Avamar server.
6. to verify that you can see the newly uploaded files, refresh the Documentation
page.
accelerator The Avamar NDMP Accelerator (accelerator) is a specialized Avamar server node that,
when used as part of an Avamar system, enables backup and restore of network
addressed storage (NAS) systems by way of the network data management protocol
(NDMP).
activation The process of passing the client ID (CID) back to the client, where it is stored in an
encrypted file on the client file system.
authentication system A username and password system that is used to grant user access to the Avamar
server. Avamar supports its own internal authentication system (avs), as well as several
external authentication systems (OpenLDAP, Windows Active Directory, NIS, and
SMB).
Avamar Administrator A graphical management console software application that is used to remotely
administer an Avamar system from a supported Windows or Linux client computer.
Avamar client A computer or workstation that runs Avamar software and accesses the Avamar server
over a network connection. Avamar client software comprises a client agent and one or
more plug-ins.
Avamar Downloader A Windows-based file distribution system that delivers software installation packages to
Service target Avamar systems.
Avamar File System A browsable virtual file system view of the normally inaccessible Avamar HFS. The
(AvFS) Avamar File System provides read-only accessibility to all backups stored on an Avamar
server down to the individual file level. This allows an Avamar server to be used as an
online long-term historical strategic enterprise information store in addition to a backup
and restore repository.
Avamar server The server component of the Avamar client/server system. Avamar server is a fault-
tolerant, high-availability system that efficiently stores the backups from all protected
clients. It also provides essential processes and services required for data restores,
client access, and remote system administration. Avamar server runs as a distributed
application across multiple networked storage nodes.
Avamar Web Access A browser-based user interface that provides access to the Avamar server for the
express purpose of restoring files to a client.
backup A point-in-time copy of client data that can be restored as individual files, selected data,
or as an entire backup.
backup policy In the AUI, a backup policy specifies a dataset, schedule, and retention settings that are
applied to a client or a group of clients. A backup policy must contain at least one
Avamar client. If the backup policy contains two or more clients, the clients must belong
to the same Avamar domain. You can override backup policy settings at the client level.
client activation The process of passing the client ID (CID) back to the client, where it is stored in an
encrypted file on the client file system.
client agent A platform-specific software process that runs on the client and communicates with the
Management Console Server (MCS) and with any plug-ins installed on that client.
client registration The process of establishing an identity with the Avamar server. When Avamar
recognizes the client, it assigns a unique client ID (CID), which it passes back to the
client during client activation.
ConnectEMC A program that runs on the Avamar server and that sends information to Avamar
Support. ConnectEMC is typically configured to send alerts for high priority events as
they occur, as well as reports once daily.
dataset A policy that defines a set of files, directories, and file systems for each supported
platform that are included or excluded in backups across a group of clients. A dataset is
a persistent and reusable Avamar policy that can be named and attached to multiple
groups.
DNS Domain Name Server. A dynamic and distributed directory service for assigning domain
names to specific IP addresses.
domain A feature in Avamar Administrator that is used to organize large numbers of clients into
named areas of control and management.
Email Home An optional feature that uses the High Priority Events profile and Notification schedule
to regularly send server error and status messages to Avamar Support.
EMC repository A repository that contains server installation packages, client installation packages, and
manifest files. The repository is located on the EMC network. Each EMC customer has
a download center that contains files available to them. Outgoing communication from
the Avamar Downloader Service to the EMC repository is encrypted with SSL over an
HTTP connection.
EM Tomcat server The Avamar EM Tomcat server (EMT) provides essential services required to display
(EMT) Avamar system information, and provides a mechanism for managing Avamar systems
using a standard web browser. The EMT also communicates directly with MCS.
full replication A full “root-to-root” replication creates a complete logical copy of an entire source
system on the destination system. The replicated data is not copied to the REPLICATE
domain. Instead, it is added to the root domain just as if source clients had registered
with the destination system. Also, source server data replicated in this manner is fully
modifiable on the destination system. This replication method is typically used for
system migration (from a smaller Avamar configuration to a larger, possibly multi-node
configuration) or system replacement (for instance, in a case of disaster recovery).
group A level of organization in Avamar Administrator for one or more Avamar clients. All
clients in an Avamar group use the same group policies, which include the dataset,
schedule, and retention policy.
group policy In Avamar Administration, a group policy is defined as a dataset, schedule, and retention
policy for all clients in an Avamar group.
HFS Hash File System. The content addressed storage area inside the Avamar server used to
store client backups.
HFS check An Avamar Hash File System check (HFS check) is an internal operation that validates
the integrity of a specific checkpoint. Once a checkpoint has passed an HFS check, it
can be considered reliable enough to be used for a server rollback.
MAC address Media Access Control Address. A unique hardware address, typically embedded at the
lowest level in a hardware assembly, that uniquely identifies each device on a network.
manifest file An XML file listing all the server, client, and workflow packages currently available for
download from the EMC repository.
MCS Management console server. The server subsystem that provides centralized
administration (scheduling, monitoring, and management) for the Avamar server. The
MCS also runs the server-side processes used by Avamar Administrator.
module Avamar 1.2.0 and earlier multi-node Avamar servers utilized a dual-module synchronous
RAIN architecture in which nodes were equally distributed in two separate equipment
cabinets on separate VLANs. The term “module” is a logical construct used to describe
and support this architecture (older multi-node Avamar servers comprised a primary
module and a secondary module). These legacy systems continue to be supported.
However, newer multi-node Avamar servers use a single module architecture, and even
though Avamar Administrator provides “module detail” information, a module is
therefore logically equivalent to the entire server.
NDMP Network data management protocol. An open protocol that is used to move data from a
NAS system to a backup server.
NIS Network Information Service. An external authentication system that can be used to log
in to an Avamar server.
node A networked storage subsystem that consists of both processing power and hard drive
storage, and runs Avamar software.
NTP Network Time Protocol. Controls the time synchronization of a client or server
computer to another reference time source.
ODBC Open DataBase Connectivity. A standard database access method that makes it
possible to access any data from any application, regardless of which database
management system (DBMS) is handling the data.
OpenLDAP Open Lightweight Directory Access Protocol. An external authentication system that
can be used to log in to an Avamar server.
packages Avamar software installation files, hotfix patches, and OS patches available from the
EMC repository. Packages comprise three types:
l Client—A release of Avamar file system or application backup software.
l Server—A new release of Avamar server software, a service pack, or a patch for
the operating system, MC, or GSAN.
l Workflow—A package that runs operations such as adding a node or replacing a
node.
Package files use the .avp file extension.
PAM Pluggable Authentication Module. A Linux library that enables a local system
administrator to define how individual applications authenticate users.
plug-in Avamar client software that recognizes a particular kind of data resident on that client.
plug-in options Options that you specify during backup or restore to control backup or restore
functionality.
policy A set of rules for client backups that can be named and applied to multiple groups.
Groups have dataset, schedule, and retention policies.
registration The process of establishing an identity with the Avamar server. When Avamar
recognizes the client, it assigns a unique client ID (CID), which it passes back to the
client during client activation.
replication Replication is an optional feature that enables an Avamar system to store read-only
copies of its data on a remote system. The replicated data can be replicas of client
backups and copies of Avamar system data. Replication supports disaster recovery of
the Avamar system.
restore An operation that retrieves one or more file systems, directories, files, or data objects
from a backup and writes the data to a designated location.
retention The time setting to automatically delete backups on an Avamar server. Retention can be
set to permanent for backups that should not be deleted from an Avamar server.
Retention is a persistent and reusable Avamar policy that can be named and attached to
multiple groups.
roles A setting in Avamar Administrator that controls which operations each user can perform
in the Avamar server. Roles are assigned on a user-by-user basis.
schedule The ability to control the frequency and the start and end time each day for backups of
clients in a group. A schedule is a persistent and reusable Avamar policy that can be
named and attached to multiple groups.
SSH Secure Shell. A remote login utility that authenticates by way of encrypted security
keys instead of prompting for passwords. This prevents passwords from traveling
across networks in an unprotected manner.
storage node A node in the Avamar server that provides storage of data.
system migration A planned operation that uses full “root-to-root” replication to copy all data residing on
a source Avamar server to a new destination server. If global client IDs (global CIDs) are
used, clients that formerly backed up to the source server can continue to operate
transparently without reregistering with the new destination server.
TFTP Trivial File Transfer Protocol. A version of the TCP/IP FTP protocol that has no
directory or password capabilities.
utility node In scalable multi-node Avamar servers, a single utility node provides essential internal
services for the server. These services include MCS, Domain Name Server (DNS),
External authentication, Network Time Protocol (NTP), and Web access. Because
utility nodes are dedicated to running these essential services, they cannot be used to
store backups.