Use these procedures to manage existing appliances, add appliances you want to manage from this appliance’s UI, and remove appliances you no longer want to manage:
Use this procedure to edit these appliance settings and to access the Support Toolbox:
• | Appliance Name, IP address, and FQDN |
• |
• | Users |
• | Date and time |
• | License |
• | Backup copy |
• | Encryption |
• | OS password |
• | CHAP authentication for iSCSI storage |
• | Advanced configuration settings, such as MaxConcurrentJobs and QuickSeek (for advanced users only) |
For a description of each option, see Appliance settings. To edit DNS, port security, and the appliance hosts file, see Networks.
1 | On the Configure > Appliances page, select the appliance and click Edit. |
2 | On the Edit Appliance dialog, modify information on the desired tab and click Save. Available tabs are: |
• | General – Use to edit the appliance’s name and IP Address. Make sure to remember the new IP address so you can continue to access the appliance’s UI. |
• | Email – Use to configure appliance email. |
• | Users – Use to add, modify, or remove appliance users and to set up Active Directory (AD) authentication. For AD setup, see To set up Active Directory authentication below. |
• | Date Time – Use to set the appliance date and time. |
• | License – Use to view, modify, or upgrade the appliance license. |
• | Backup Copy – Use to configure the appliance as a backup copy target. For details, see Adding a Unitrends appliance backup copy target. |
• | Advanced – Use to set up or access these advanced features: |
– | Encryption - Set up by providing a passphrase and saving the master key file. (For details, see To configure encryption or To change the encryption passphrase.) Once you configure encryption, you can encrypt backups by asset (Configure > Protected Assets > Edit Asset). |
– | Support Toolbox - Use to access additional information, such as log files, lists of running processes and services, and disk status, and to perform related administrative tasks. For details, see To use the Support Toolbox. |
– | General Configuration - Edit advanced appliance configuration settings. For details, see To configure advanced settings. |
– | OS Password - Use to change the appliance operating system password. (This is not the same as the UI password). For details, see To change the appliance OS password. |
– | iSCSI CHAP - Use to set up CHAP authentication for use with iSCSI storage targets. For details, see To configure iSCSI CHAP authentication. |
– | SNMP - Use send SNMP traps to your own Remote Monitoring and Management (RMM) software. For details, see To set up SNMP trap notifications. |
You can now use Active Directory (AD) domain credentials for Unitrends user accounts. Set Unitrends users up as members of specified AD domains and they can access the appliance without being added as users on the appliance itself.
Note: AD authentication is implemented at the UI and Apache component level. The Unitrends operating system is not joined to the AD domain.
The AD group to which a user belongs determines which features that user can view and utilize. Users are granted one of the following privilege levels: monitor, manage, administrator, or superuser.
1 | Create the following groups in your Active Directory domain: |
Group |
Description |
---|---|
Unitrends-Superuser |
Members of this group are granted superuser privileges in the Unitrends UI. |
Unitrends-Admin |
Members of this group or domain administrators are granted administrator privileges in the Unitrends UI. |
Unitrends-Manage |
Members of this group are granted manage privileges in the Unitrends UI. These users can view statuses and reports, run jobs, and perform other management tasks, such as adding or modifying assets and retention settings. |
Unitrends-Monitor |
Members of this group are granted monitor privileges in the Unitrends UI. These users are only able to view the status of completed jobs and run reports. They cannot run jobs, view running jobs, or configure the appliance in any way. |
Note: You may name these groups to suit your environment. If you use your own names, be sure to enter these names when you configure AD authentication on the appliance. User group names in your AD domain must match the names you enter in step 8.
2 | Add users to the Unitrends domain groups as desired. |
Users who are not domain administrators must be assigned to a Unitrends group to log in to the UI using AD authentication.
Note: Add users to the groups only. Do not add groups. Nested grouping is not a Microsoft best practice and may cause undesirable results.
3 | Do one of the following: |
• | Create a DNS entry for the AD server with reverse lookup configured, then skip to step 8. |
• | Continue with step 4 to add the AD server to the Unitrends appliance's hosts file. |
4 | Log in to the appliance UI. |
5 | On the Configure > Appliances page, select the appliance and click the Network tab below. |
6 | Click Edit Hosts File. |
7 | Add the Active Directory server to the appliance hosts file: |
Note: This host entry must be added before you configure the appliance for AD authentication.
• | Click Add. |
• | Enter the Host Name of the AD server that manages the Active Directory domain. |
• | Enter the IP Address of the AD server. |
• | For Qualified Name, enter the Active Directory domain only. Do not include the server name. |
• | Click Save. |
• | Example: for an AD server called SERVER_AD whose IP address is 192.168.111.75 and AD domain is company_domain.com, enter the following: |
– | SERVER_AD in the Host Name field |
– | 192.168.111.75 in the IP Address field |
– | company_domain.com in the Qualified Name field |
8 | Configure the appliance for AD authentication: |
• | On the Configure > Appliances page, select the appliance and click Edit. |
• | In the Edit Appliance dialog, click Users. |
• | Click Add, enter the following to add each Unitrends AD user group, then click Save: |
– | Username - Name of the user group you have added to the AD domain. (See step 1 for details). |
– | Password - AD user group's password. |
– | Confirm Password - Enter the password again. |
– | Role - Select the role to apply to the AD user group. |
• | Click Modify AD Settings and enter the following in the Current Active Directory Settings area: |
Field |
Action |
---|---|
Enable Active Directory Authentication |
Check this box to start using AD authentication, or leave unchecked to start using AD authentication at a later time. |
Use SSL |
The Use SSL option is not used. |
Active Directory Server |
Enter the hostname of the AD server that manages the Active Directory Domain. If left blank, the appliance populates this field using the hosts file entry. If you are using DNS and did not add the AD server to the hosts file, be sure to enter the hostname here. This field is limited to 15 characters. |
Active Directory Domain |
Enter the name of the AD domain. Do not include the AD server name. For example, ad_domain.company_domain.com. This name must be present in the appliance hosts file or resolvable through DNS. |
9 | Click Save. |
This procedure assumes you have set up the Unitrends user account in Active Directory and have configured AD authentication as described in To authenticate using Active Directory.
1 | Connect to the appliance by directing a Chrome or Firefox browser to: |
https://<appliance IP address>ui/
2 | On the Login page, enter the AD domain and user name in either of the following formats: |
ad_domain\ad_username or ad_username@ad_domain.company_domain.
For example, for user jsmith on AD domain accounting and company domain americanaccountants.com, enter:
accounting\jsmith
or
jsmith@accounting.americanaccountants.com
3 | Enter the password for this AD user. |
4 | Click Login. |
1 | On the Configure > Appliances page, select the appliance and click Edit. |
2 | On the Edit Appliance dialog, click the Advanced tab. |
3 | Check Enable Encryption. |
4 | Enter a Passphrase and Confirm Passphrase. |
Important! Be sure to keep the passphrase secure. If you forget the passphrase there is no way to recover it.
5 | Click Save. |
6 | Return to the Configure > Appliances page, select the appliance and click Edit. |
7 | On the Edit Appliance dialog, click the Advanced tab. |
8 | Click Save Master Key File. |
9 | You receive a message indicating the master key file was saved to the appliance's samba share. Click OK. |
10 | Log in to a Windows workstation as an administrator with full system access. |
11 | Launch File Explorer and enter the following path to access the master key file on the Unitrends appliance: |
\\ApplianceIP\samba
12 | Copy the master key file, called crypt_image.iso, to removable media and store it in a safe location. |
Important! Be sure to keep the master key file secure. If you ever need to perform disaster recovery of the appliance, you will need this key to access any encrypted backups.
13 | Once you have copied the key to removable media, delete crypt_image.iso from \\ApplianceIP\samba for increased security. |
1 | On the Configure > Appliances page, select the appliance and click Edit. |
2 | On the Edit Appliance dialog, click the Advanced tab. |
3 | Enter the Current Passphrase. |
4 | Check Change Passphrase and enter a New Passphrase and Confirm New Passphrase. |
Important! Be sure to keep the passphrase secure. If you forget the passphrase there is no way to recover it.
5 | Click Save Master Key File. |
6 | You receive a message indicating the Master Key File was saved to the appliance's samba share. Click OK. |
7 | Click Save. |
8 | Log in to a Windows workstation as an administrator will full system access. |
9 | Launch File Explorer and enter the following path to access the master key file on the Unitrends appliance: |
\\ApplianceIP\samba
10 | Copy the master key file, called crypt_image.iso, to removable media and store in a safe location. |
Important! Be sure to keep the Master Key File secure. If you ever need to perform disaster recovery of the appliance, you will need this key to access any encrypted backups.
11 | Once you have copied the key to removable media, delete crypt_image.iso from \\ApplianceIP\samba for increased security. |
1 | Log in to the appliance UI. |
You must log in directly to the appliance. You cannot access the Support Toolbox of a managed appliance.
2 | On the Configure > Appliances page, select the appliance and click Edit. |
3 | In the Edit Appliance dialog, click Advanced and select Support Toolbox. |
4 | The Support Toolbox (Advanced) dialog displays. Scroll through the toolbox to find the information or task you are interested in. Hover over the options to see descriptions and helpful tips. |
1 | Log in to the appliance UI. |
You must log in directly to the appliance. You cannot change the configuration settings of a managed appliance.
2 | On the Configure > Appliances page, select the appliance and click Edit. |
3 | In the Edit Appliance dialog, click Advanced and select General Configuration. |
4 | Modify settings as desired and click Save |
1 | Log in to the appliance UI. |
You must log in directly to the appliance. You cannot change the configuration settings of a managed appliance.
2 | On the Configure > Appliances page, select the appliance and click Edit. |
3 | In the Edit Appliance dialog, click Advanced and select OS Password. |
4 | Enter the Current OS Root Password, the New OS Root Password, and confirm by entering it again in the Confirm New OS Root Password field. |
The appliance is deployed with these default operating system credentials:
• | User root |
• | Password unitrends1 |
5 | Click Save. |
1 | Log in to the appliance UI. |
2 | On the Configure > Appliances page, select the appliance and click Edit. |
3 | In the Edit Appliance dialog, click iSCSI CHAP. |
4 | Verify that the Use System CHAP Credentials box is checked. |
5 | Enter credentials in the Username, CHAP Password, and Confirm CHAP Password fields, then click Save. One set of credentials is used to access all iSCSI targets that have been configured to use CHAP authentication. |
• | By default, Username contains the appliance's iSCSI qualified name (IQN). It is required that the username and password on the initiator (backup appliance) match those defined on the targets. Modify the Username entry if necessary. |
• | The password must be 12-16 characters in length. |
1 | If you will be using SNMP V3, configure the username and password from the command line as follows: |
• | Using a terminal emulator, such as PuTTY, connect to the appliance using the following: |
– | Appliance IP address |
– | Port 22 |
– | SSH connection type |
• | Log in as user root. (If you have not reset the OS root user password, the default password is unitrends1.) |
• | Enter the following command to configure the SNMP V3 username and password: |
# /usr/bp/bin/cmc_snmpd script user create<snmp_user><snmp_passwd>
The script defaults to authorization type MD5 and privacy/encryption of DES.
2 | Log in to the appliance UI. |
3 | On the Configure > Appliances page, select the appliance and click Edit. |
4 | In the Edit Appliance dialog, click Advanced and select SNMP. |
Note: Your appliance comes configured with a default destination of notifications.unitrends.com. Various system alerts are sent to this address to enable Unitrends to proactively resolve problems, if and when they arise. For example, if a disk drive is failing, Unitrends receives a trap and dispatches a warranty request on the failed component (if the appliance support contract is up-to-date). This destination must remain in place for proactive monitoring to continue.
5 | In the Agent Configuration area, click Download MIB, and install it in your RMM environment. The file is also available at http://<Unitrends appliance IP>/snmp/. |
Note: You will also need the Net-SNMP MIBs. These come standard in most RMM software. If you need them, they are available at http://<Unitrends appliance IP>/snmp/.
6 | In the Trap Destinations area, click Add. |
7 | Enter the Destination address and Community, check Enabled, and click Save. |
8 | Click Test. A test trap is sent to all destinations. You see a Success message if the destination you configured is operational. |
1 | Click Add Appliance. |
2 | Enter the Name you want to use to identify the appliance. |
3 | Enter the IP Address of the appliance. |
4 | Enter the User Name and Password you used to configure the appliance. |
5 | Click Save. |
Once you add a remote appliance, it displays on the Configure > Appliances tab in Available status. You can then manage operations on the remote appliance as your user role permits, with some exceptions (for example, you are unable to manage users on remote appliances). To manage an appliance from this UI, the appliance must have an Available status.
Appliance status information includes:
Status | Description |
---|---|
Available (logged in) | You are logged in to this appliance and can manage its operations. |
Available | This is a remote appliance that can be managed from this UI. |
Not Available |
The appliance is configured as a backup copy source only and cannot be managed from this UI. To enable management, simply click Edit, check Enable Management of this appliance, supply User Name and Password credentials, and click Save. |
Pending |
This is a remote appliance that is requesting permission to send backup copies to the appliance you are logged in to. Click ! to accept or deny the request. |
1 | Log in to the managing appliance. |
2 | Go to Configure > Appliances and select the appliance you want to remove. |
3 | Click Remove. |
1 | Select the options icon in the upper-right. |
2 | Click Check for Updates. |
3 | Click Apply Update. |
1 | On the Configure > Appliances page, select the appliance and click Edit. |
2 | On the General tab, click Shutdown/Restart. |
This procedure assumes you have added a disk to your UEB appliance that meets the requirements in Create a separate database partition on your UEB appliance.
1 | Using a terminal emulator, such as PuTTY, connect to the appliance using the following: |
– | Appliance IP address |
– | Port 22 |
– | SSH connection type |
2 | Log in as user root. (If you have not reset the OS root user password, the default password is unitrends1.) |
3 | Issue this command to download the create database partition script: |
# wget ftp://ftp.unitrends.com/utilities/newdisk
4 | Issue this command to add execute permissions: |
# chmod +x newdisk
5 | Issue this command to run the script: |
# ./newdisk
6 | In the script output, you see one of the following: |
• | Output similar to the following, indicating that an eligible database disk is available. Note the device partition (/dev/sdd in the example). You will need it in the next step. Proceed to step 7. |
Available added disk = /dev/sdd (size 107.2 GB)
• | The following message, indicating that an eligible disk is not available. Add an eligible disk and rerun this procedure. |
No available added disks found
• | A message similar to the following, indicating that the disk you added is less than 100GB in size. Add an eligible disk and rerun this procedure. |
Disk /dev/sdd size X GB is less than minimum 100 GB
• | A message similar to the following, indicating that the disk you added is less than twice the current database size. Add an eligible disk and rerun this procedure. |
Disk /dev/sdd size X GB is less than twice database X GB
7 | Issue the cmc_stateless dbpart command followed by the device partition you noted above to format the disk and migrate the database. The following example uses /dev/sdd as the device partition: |
# cmc_stateless dbpart /dev/sdd