NDMP Backup and Restore Protocol Access for 7-Mode

Data ONTAP 7.3 and later supports NDMP v4. Using v4 is strongly recommended and is generally required if the NetApp storage is used as secondary storage for DPX Block backups. If necessary, you can change the NDMP version.

To set the version level of a NAS appliance:

  1. Telnet to the appliance.

  2. Log in to the appliance as root.

  3. Execute the command:

    ndmpd version <version-number>

Data ONTAP 7.3 and later can support NDMP challenge authentication. It is strongly recommended to use challenge authentication to protect the NDMP login credentials over the network.

It is recommended to scan NetApp devices into the Enterprise using the root account, as this account has access to all features, storage, and SCSI subsystems. For NetApp devices that only interact with NDMP for backup and restore operations, you can use a non-root account. For NetApp devices acting as secondary storage for DPX Block backups, OSSV, and NetApp SnapVault protection, the root account is required. Note that an update in Data ONTAP 8.2.1 permits non-root accounts to function for all DPX interactions. For more information, see the DPX Best Practices Guide in the Catalogic Knowledge Base.

To create a non-root account on a NetApp storage system:

  1. Log in to the secondary (or use rshell) and use the useradmin procedure to create a role, a group, and a user account. For example:

    useradmin role add <role-name> -a *
    
    useradmin group add <group-name> -r <role-name>
    
    useradmin user add <user-name> -g <group-name>

    You are prompted for a password.

  2. Create an NDMP password for the non-root user on the appliance by logging into the appliance. From the command line on the appliance, issue the command:

    ndmpd password <user-name>

    where is the account name used by DPX to log into the appliance through NDMP. The output of this command is a password. Use this username and password to scan the appliance into the Enterprise and to perform NDMP backup and restore operations.

    If you use the root account, it is not necessary to register a separate NDMP password. However, if you plan to use a non-root account, it is not possible to register the secondary node without creating an NDMP password.

  3. Add the secondary node to the Enterprise. Use the NDMP password generated earlier when registering with non-root account.

Note that a non-root user could have restricted permissions and may not be able to back up certain data.

Last updated