DP120 9.0X S v1.2 PDF

DP120 Data Protector 9.
0X
Essentials
Student Guide
DP120 Data Protector 9.0X
Essentials
Student Guide
Use of this material to deliver training without prior written permission from HP is prohibited.
© Copyright 2014 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice. The only warranties for HP
products and services are set forth in the express warranty statements accompanying such products
and services. Nothing herein should be construed as constituting an additional warranty.
HP shall not be liable for technical or editorial errors or omissions contained herein.
This is an HP copyrighted work that may not be reproduced without the written permission of HP.
Use of this material to deliver training without prior written permission from HP is prohibited
Microsoft®, Windows®, Windows®Vista are U.S. registered trademarks of Microsoft Corporation.
Adobe and Acrobat are trademarks of Adobe Systems Incorporated.
Java is a registered trademark of Oracle and/or its affiliates.
Oracle® is a registered US trademark of Oracle Corporation, Redwood City, California.
UNIX® is a registered trademark of The Open Group.
LiveVault® is a registered trademark of Autonomy Corporation plc
DP120 Data Protector 9.0X Essentials
Student Guide
Rev 1.2 December 2014
Content
Module 1 — Introduction 1
1–3. SLIDE: Welcome ............................................................................................................................................. 2
1–4. SLIDE: Overview ............................................................................................................................................. 3
1–5. SLIDE: Agenda................................................................................................................................................ 5
1–7. SLIDE: Additional Resources……………………………………………………………………………………………………………6
Module 2 — HP’s Adaptive Backup and Recovery Solutions 1

2–3. SLIDE: HP Adaptive Backup and Recovery concept ...................................................................................... 2
2–4. SLIDE: HP Adaptive Backup and Recovery Suite .......................................................................................... 3
2–5. SLIDE: HP Data Protector.............................................................................................................................. 4
2–6. SLIDE: Introducing Data Protector 9.0 ......................................................................................................... 5
2–7. SLIDE: Non-Staged Granular Recovery for VMware ..................................................................................... 6
2–8. SLIDE: Data Protector Federated Deduplication .......................................................................................... 7
2–9. SLIDE: Data Protector Catalyst Over Fiber Channel ..................................................................................... 8
2-10. SLIDE: Data Protector Enhanced UI Preview ................................................................................................ 9
2-11. SLIDE: HP Backup Navigator .......................................................................................................................10
2-12. SLIDE: Data Protector Management Pack ..................................................................................................11
2-13. SLIDE: For more information ......................................................................................................................12
Module 3 — Architecture 1
3–3. SLIDE: HP Data Protector .............................................................................................................................. 2
3–4. SLIDE: HP Data Protector history .................................................................................................................. 4
3–5. SLIDE: Protected environment ...................................................................................................................... 5
3–6. SLIDE: Backup options ................................................................................................................................... 6
3–7. SLIDE: Direct attached backup ...................................................................................................................... 7
3–8. SLIDE: Network backup ................................................................................................................................. 8
3–9. SLIDE: SAN attached backup ......................................................................................................................... 9
3-10. SLIDE: Array based replica backup (ZDB) ...................................................................................................10
3-11. SLIDE: Backup and replication methods ....................................................................................................12
3-12. SLIDE: Cell concept .....................................................................................................................................13
3-13. SLIDE: Client server architecture ................................................................................................................16
3-14. SLIDE: Cell Manager (CM) ............................................................................................................................17
3-15. SLIDE: Disk Agent (DA) ................................................................................................................................18
3-16. SLIDE: Media Agent (MA).............................................................................................................................19
3-17. SLIDE: Integration Agent (IA) ......................................................................................................................20
3-18. SLIDE: Installation Server (IS) .....................................................................................................................21
3-19. SLIDE: User Interface ..................................................................................................................................22
3-20. SLIDE: Granular Recovery Extension Agent ...............................................................................................23
3-21. SLIDE: Internal Database (IDB) ...................................................................................................................24
3-22. SLIDE: Typical Data Protector session .......................................................................................................25
3-23. SLIDE: Variables used in this training .........................................................................................................27
3-24. SLIDE: DP Tuning via global file ..................................................................................................................28
3-25. SLIDE: DP Tuning via omnirc file.................................................................................................................29
3-26. SLIDE: Support matrix ................................................................................................................................30
Module 4 — Installation 1
4–3. SLIDE: Installation Overview ........................................................................................................................ 2
4–4. SLIDE: Cell Manager Platform Support DP 9.0X ........................................................................................... 3
Content
4–5. SLIDE: Localization .......................................................................................................................................4

4–6. SLIDE: DP 9.00 DVD Packaging .....................................................................................................................5
4–7. SLIDE: Product Documentation ....................................................................................................................7
4–8. SLIDE: Overall Installation Sequence ...........................................................................................................8
4–9. SLIDE: Plan the layout of the cell .............................................................................................................. 10
4–10. SLIDE: Check hardware and software requirements ................................................................................ 13
4–11. SLIDE: Preparation on Windows ................................................................................................................ 15
4–12. SLIDE: Installation Wizard on Windows .................................................................................................... 16
4–13. SLIDE: CM Installation on Windows cont. ................................................................................................ 17
4–14. SLIDE: CM Installation on Windows cont. ................................................................................................ 18
4–15. SLIDE: CM Installation on Windows cont. ................................................................................................. 19
4–16. SLIDE: Preparation on UNIX....................................................................................................................... 20
4–17. SLIDE: DP 9.00 Cell Manager Installation on UNIX Systems ..................................................................... 23
4–18. SLIDE: DP 9.00 Cell Manager processes .................................................................................................... 25
4–19. SLIDE: Client installation overview ........................................................................................................... 26
4–20. SLIDE: Remote push installation............................................................................................................... 27
4–21. SLIDE: Remote push installation cont. ..................................................................................................... 28
4–22. SLIDE: Remote push installation cont. ..................................................................................................... 30
4–23. SLIDE: Windows Firewall push installation ............................................................................................... 31
4–24. SLIDE: Push installation with secure shell ................................................................................................ 35
4–25. SLIDE: Local client installation - Windows ................................................................................................ 36
4–26. SLIDE: Local Client Installation - Unix ....................................................................................................... 37
4–27. SLIDE: Export of clients ............................................................................................................................. 38
4–28. SLIDE: Import of clients ............................................................................................................................. 39
4–29. SLIDE: Adding components to clients ....................................................................................................... 40
Module 5 —Upgrade and Migration 1

5–3. SLIDE: Contents ............................................................................................................................................2
5–4. SLIDE: Upgrade and Migration Scenarios .....................................................................................................3
5–5. SLIDE: Upgrade and Migration Scenarios cont. ............................................................................................4
5–6. SLIDE: Upgrade & Migration Windows ..........................................................................................................5
5–7. SLIDE: Upgrade & Migration paths HP-UX, Linux and Solaris ......................................................................6
5–8. SLIDE: Upgrading devices with default block size ........................................................................................8
5–9. SLIDE: Upgrade of a Windows Cell Manager 1/4 ..........................................................................................9
5-10. SLIDE: Upgrade of a Windows Cell Manager 2/4 ....................................................................................... 11
5-13. SLIDE: IDB Migration Concept .................................................................................................................... 14
5-14. SLIDE: IDB Core Migration .......................................................................................................................... 16
5-15. SLIDE: After Core Migration ....................................................................................................................... 18
5-16. SLIDE: Manually Catalog Migration ........................................................................................................... 20
5-17. SLIDE: The omnimigrate command ........................................................................................................... 22
5-18. SLIDE: Report old Catalog .......................................................................................................................... 25
5-19. SLIDE: IDB Size and Update Duration ........................................................................................................ 27
5-20. SLIDE: Upgrade of a UNIX Cell Manager..................................................................................................... 28
5-21. SLIDE: Upgrade of a MoM Environment ..................................................................................................... 32
Module 6 — Licensing and Product Structure 1

6–3. SLIDE: Data Protector licensing ....................................................................................................................2
6–4. SLIDE: Data Protector licensing schemes .....................................................................................................4
6–5. SLIDE: Data Protector product structure – traditional .................................................................................6
6–6. SLIDE: New Capacity based license method .................................................................................................9
6–7. SLIDE: License key validity ........................................................................................................................ 11
II Data Protector Essentials

Contents
6–8. SLIDE: License reporting and checking.......................................................................................................12

6–9. SLIDE: License reporting tool .....................................................................................................................13
6-10. SLIDE: General hints ...................................................................................................................................14
Module 7 — Backup Devices 1

7–3. SLIDE: DP Device types ................................................................................................................................. 2
7–4. SLIDE: The logical device .............................................................................................................................. 5
7–5. SLIDE: Physical to logical device mapping ................................................................................................... 6
7–6. SLIDE: Data Protector tape format............................................................................................................... 7
7–7. SLIDE: Tape based Storage Devices ............................................................................................................. 9
7–8. SLIDE: HP Tape drive portfolio ...................................................................................................................10
7–9. SLIDE: Tape drive performance considerations .........................................................................................11
7-10. SLIDE: Tape library terminology.................................................................................................................13
7-11. SLIDE: SAN connected SCSI Library – example configuration ....................................................................15
7-12. SLIDE: Multiple devices ...............................................................................................................................16
7-13. SLIDE: Multipath devices ............................................................................................................................18
7-14. SLIDE: SCSI library – Autoconfiguration .....................................................................................................20
7-15. SLIDE: SCSI Library – Properties 1/4 ..........................................................................................................22
7-19. SLIDE: SCSI Library – Drive Properties 1/4 .................................................................................................28
7-23. SLIDE: Device preparation on Windows .....................................................................................................35
7-24. SLIDE: Automatically discover changed SCSI address ...............................................................................38
7-25. SLIDE: Disk based Backup Devices .............................................................................................................40
7-26. SLIDE: Virtual Tape Library - Overview ......................................................................................................41
7-27. SLIDE: Configure a VTL in Data Protector ...................................................................................................43
7-28. SLIDE: Backup to Disk device (B2D) - Overview .........................................................................................44
7-29. SLIDE: File Library - Overview ....................................................................................................................45
7-30. SLIDE: File Library – Configuration 1/3 ......................................................................................................49
7-31. SLIDE: File Library – Configuration 2/3 ......................................................................................................50
7-32 SLIDE: File Library – Configuration 3/3.......................................................................................................52
7-33. SLIDE: Disk Staging .....................................................................................................................................53
7-34. SLIDE: Device tools: Devbra, uma...............................................................................................................55
7-35. SLIDE: Device tools cont.: SANConf, LTT ....................................................................................................58
Module 8 — Media Management 1

8–3. SLIDE: The Media Pool ................................................................................................................................... 2
8–4. SLIDE: Media pool properties - General ........................................................................................................ 5
8–5. SLIDE: Media pool properties - Allocation 1/2 .............................................................................................. 7
8–6. SLIDE: Media pool properties - Allocation 2/2 .............................................................................................. 9
8–7. SLIDE: Media pool properties - Condition factors .......................................................................................11
8–8. SLIDE: Media pool properties – Media pool usage ......................................................................................13
8–9. SLIDE: Media pool properties – Media pool quality .....................................................................................14
8-10. SLIDE: Creating a Media pool 1/4 ...............................................................................................................15
8-14. SLIDE: Free pool concept ............................................................................................................................19
Data Protector Essentials III

Content
8-15. SLIDE: Multiple free pools ......................................................................................................................... 21

8-16. SLIDE: Free pool properties ....................................................................................................................... 22
8-17. SLIDE: Create a Free Pool .......................................................................................................................... 24
8-18. SLIDE: Medium Properties ......................................................................................................................... 25
8-19. SLIDE: Location Tracking and Priority ....................................................................................................... 27
8-20. SLIDE: Media Management actions ........................................................................................................... 28
8-21. SLIDE: Formatting Tape Media .................................................................................................................. 30
8-22. SLIDE: Media Export & Import 1/2 ............................................................................................................. 33
8-23. SLIDE: Media Export & Import 2/2 ............................................................................................................. 34
8-24. SLIDE: Vaulting with Media Pools .............................................................................................................. 36
Module 9 — Backup 1
9–3. SLIDE: Backup, high level view ......................................................................................................................2
9–4. SLIDE: Backup specification execution..........................................................................................................4
9–5. SLIDE: Backup Specification Content ............................................................................................................5
9–6. SLIDE: Creating backup specification ............................................................................................................6
9–7. SLIDE: Backup context / Group view .............................................................................................................8
9–8. SLIDE: Creating backup specification ............................................................................................................9
9–9. SLIDE: Creating backup specification: Wizards .......................................................................................... 11
9-10. SLIDE: Creating backup specification: Sources ......................................................................................... 12
9-11. SLIDE: Creating backup specification: Destination.................................................................................... 14
9-12. SLIDE: Dynamic device allocation 1/2 ....................................................................................................... 16
9-13. SLIDE: Dynamic device allocation 2/2 ....................................................................................................... 17
9-14. SLIDE: Static device allocation .................................................................................................................. 20
9-15. SLIDE: Object mirroring 1/2 ....................................................................................................................... 21
9-16. SLIDE: Object mirroring 2/2 ....................................................................................................................... 23
9-17. SLIDE: Creating backup specification: Options .......................................................................................... 25
9-18. SLIDE: Creating backup specification: Filesystem options 1/2 ................................................................. 26
9-19. SLIDE: Creating backup specification: Filesystem options 2/2 ................................................................. 29
9-20. SLIDE: Scheduler Overview ........................................................................................................................ 31
9-21. SLIDE: Scheduler – Feature Comparison ................................................................................................... 33
9-22. SLIDE: Using the Legacy Scheduler 1/2 ..................................................................................................... 34
9-23. SLIDE: Using the Legacy Scheduler 2/2 ..................................................................................................... 36
9-24. SLIDE: Using the Advanced Scheduler 1/2 ................................................................................................ 37
9-25. SLIDE: Using the Advanced Scheduler 2/2 ................................................................................................ 39
9-26. SLIDE: Using an incremental backup chain ............................................................................................... 43
9-27. SLIDE: Protection of a backup chain .......................................................................................................... 45
9-28. SLIDE: Creating Backup Spec: Backup Object Summary ........................................................................... 46
9-29. SLIDE: Backup Object Summary – Object Properties 1/2 .......................................................................... 47
9-30. SLIDE: Backup Object Summary – Object Properties 2/2 .......................................................................... 49
9-31. SLIDE: Preview backup session ................................................................................................................. 50
9-32. SLIDE: Pre- and post- execution................................................................................................................ 51
9-33. SLIDE: Performing backups ....................................................................................................................... 52
9-34. SLIDE: Backup session message output .................................................................................................... 53
9-35. SLIDE: Resume/Restart failed Backup sessions ........................................................................................ 54
9-36. SLIDE: Missed job executions .................................................................................................................... 56
9-37. SLIDE: Reconnect broken connections ...................................................................................................... 57
Module 10 — Restore 1
10–3. SLIDE: What is Restore?...............................................................................................................................2
10–4. SLIDE: Restore methods ..............................................................................................................................3
10–5. SLIDE: Restore prerequisites .......................................................................................................................4
IV Data Protector Essentials

Contents
10–6. SLIDE: Concept of Parallel Restore ............................................................................................................. 6

10–7. SLIDE: Restore – Sequence ......................................................................................................................... 8
10–8. SLIDE: Restore – Objects ...........................................................................................................................10
10-9. SLIDE: Restore – Session ...........................................................................................................................12
10-10. SLIDE: Restore – Source ...........................................................................................................................14
10-11. SLIDE: Restore – Object properties ..........................................................................................................16
10-12. SLIDE: Restore – Destination....................................................................................................................18
10-13. SLIDE: Restore – Options ..........................................................................................................................20
10-14. SLIDE: Restore – Devices ..........................................................................................................................22
10-15. SLIDE: Restore – Media .............................................................................................................................24
10-16. SLIDE: Restore – Media/object copies ......................................................................................................27
10-17. SLIDE: Restore – Summary .......................................................................................................................29
10-18. SLIDE: Restore – Single or parallel? .........................................................................................................31
10-19. SLIDE: Restore – Point in time restore .....................................................................................................32
10-20. SLIDE: Restore – By query name or location ............................................................................................33
10-21. SLIDE: Restore – By query backup or modification time..........................................................................34
10-22. SLIDE: Resume failed Restore sessions ...................................................................................................35
Module 11 — Monitoring, Reporting, Notification 1

11–3. SLIDE: Monitoring, Reporting, Notification overview ................................................................................. 2
11–4. SLIDE: Monitoring current sessions ............................................................................................................ 4
11–5. SLIDE: Viewing previous session details ..................................................................................................... 5
11–6. SLIDE: Reporting possibilities ..................................................................................................................... 6
11–7. SLIDE: Reports and report categories ......................................................................................................... 7
11–8. SLIDE: Reporting overview .......................................................................................................................... 8
11–9. SLIDE: Interactive Reports ........................................................................................................................10
11-10. SLIDE: Scheduled Reports ........................................................................................................................11
11-11. SLIDE: Scheduled Reports cont. ...............................................................................................................12
11-12. SLIDE: Notification overview ....................................................................................................................13
11-13. SLIDE: Default notification .......................................................................................................................14
11-14. SLIDE: Adding a notification .....................................................................................................................15
11-15. SLIDE: Web Reporting ...............................................................................................................................16
Module 12 — Media and Object Copy and Verification ...................................................1

12–3. SLIDE: Overview........................................................................................................................................... 2
12–4. SLIDE: Media Copy ....................................................................................................................................... 3
12–5. SLIDE: Interactive media copy ..................................................................................................................... 5
12–6. SLIDE: Automated Media Operation 1/2 ..................................................................................................... 8
12–7. SLIDE: Automated Media Operation 2/2 ...................................................................................................11
12–8. SLIDE: Object Copy ....................................................................................................................................15
12–9. SLIDE: Object Copy – Example 1 ................................................................................................................17
12-10. SLIDE: Object Copy – Example 2 ...............................................................................................................18
12-11. SLIDE: Object Copy GUI/CLI .......................................................................................................................19
12-12. SLIDE: Interactive Object Copy 1/3 ...........................................................................................................20
12-15. SLIDE: Automated Object Copy 1/2 ..........................................................................................................23
12-16. SLIDE: Automated Object Copy 2/2 ..........................................................................................................24
12-17. SLIDE: Object Copy wizard – Filter 1/2 .....................................................................................................25
12-18. SLIDE: Object Copy wizard – Filter 2/2 .....................................................................................................27
12-19. SLIDE: Object Copy wizard – Devices ........................................................................................................28
12-20. SLIDE: Object Copy wizard – Options........................................................................................................30
12-21. SLIDE: Summary .......................................................................................................................................32
Data Protector Essentials V

Content
12-22. SLIDE: Media and Object verification ....................................................................................................... 33

12-23. SLIDE: Media verification ......................................................................................................................... 34
12-24. SLIDE: Object Verification GUI/CLI ........................................................................................................... 36
12-25. SLIDE: Interactive Object verification 1/4 ............................................................................................... 37
Module 13 — Object Consolidation ..............................................................................................1

13–3. SLIDE: Object Consolidation - Motivation....................................................................................................2
13–4. SLIDE: Synthetic Full Backup – How it Works .............................................................................................3
13–5. SLIDE: Synthetic Full Backup – Requirement 1/2 .......................................................................................4
13–6. SLIDE: Synthetic Full Backup – Requirement 2/2 .......................................................................................5
13–7. SLIDE: Object Consolidation GUI/CLI ...........................................................................................................7
13–8. SLIDE: Interactive Object Consolidation 1/3 ...............................................................................................8
13–9. SLIDE: Interactive Object Consolidation 2/3 ...............................................................................................9
13-10. SLIDE: Interactive Object Consolidation 3/3 ........................................................................................... 10
13-11. SLIDE: Virtual Full Backup – How it Works .............................................................................................. 12
13-12. SLIDE: Virtual Full Backup – Requirements ............................................................................................ 13
13-13. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 1/2........................................................................ 14
13-14. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 2/2........................................................................ 15
13-15. SLIDE: Object Consolidation – Backup Types .......................................................................................... 16
13-16. SLIDE: Restore Considerations ................................................................................................................ 17
13-17. SLIDE: Restore with Consolidation and Copies........................................................................................ 19
13-18. SLIDE: Limitations.................................................................................................................................... 20
Module 14 — Internal Database 1

14–3. SLIDE: Concept 1/4 – Embedded database system ...................................................................................2
14–4. SLIDE: Concept 2/4 – DP IDB as embedded database ................................................................................3
14–5. SLIDE: Concept 3/4 – What is the IDB used for ...........................................................................................4
14–6. SLIDE: Concept 4/4 – PostgreSQL ..............................................................................................................5
14–7. SLIDE: Architecture 1/7 – Overview ............................................................................................................6
14–8. SLIDE: Architecture 2/7 – Catalog database ..............................................................................................7
14–9. SLIDE: Architecture 3/7 – Media Management database ...........................................................................9
14-10. SLIDE: Architecture 4/7 – Detail Catalog Binary Files ............................................................................. 10
14-11. SLIDE: Architecture 5/7 – Session Message Binary Files ........................................................................ 13
14-12. SLIDE: Architecture 6/7 – Serverless Integration Binary Files ................................................................ 14
14-13. SLIDE: Architecture 7/7 – Encryption Keystore ....................................................................................... 16
14-14. SLIDE: IDB Directory structure ................................................................................................................. 18
14-15. SLIDE: IDB related Data Protector Services............................................................................................. 21
14-16. SLIDE: Internal Database Size Limits....................................................................................................... 23
14-17. SLIDE: Administration tasks .................................................................................................................... 25
14-18. SLIDE: Manage IDB grow 1/2 ................................................................................................................... 26
14-19. SLIDE: Manage IDB grow 2/2 ................................................................................................................... 28
14-20. SLIDE: IDB Maintenance 1/3 .................................................................................................................... 30
14-23. SLIDE: Maintenance Mode 1/2 ................................................................................................................. 34
14-24. SLIDE: Maintenance Mode 2/2 ................................................................................................................. 37
14-25. SLIDE: IDB Backup .................................................................................................................................... 38
14-26. SLIDE: IDB Backup objects ....................................................................................................................... 41
14-27. SLIDE: IDB Incremental Backups ............................................................................................................. 42
VI Data Protector Essentials

Contents
14-28. SLIDE: IDB Restore - Overview .................................................................................................................43

14-29. SLIDE: IDB Online Restore 1/4 ..................................................................................................................44
14-33. SLIDE: IDB Offline Restore ........................................................................................................................50
14-34. SLIDE: IDB Restore during Disaster Recovery ..........................................................................................52
14-35. SLIDE: IDB reports ....................................................................................................................................54
14-36. SLIDE: Notifications ..................................................................................................................................56
Module 15 — Deduplication 1
15–3. SLIDE: Deduplication technology ................................................................................................................ 2
15–4. SLIDE: How Deduplication works ................................................................................................................ 3
15–5. SLIDE: Supported Deduplication Configurations ........................................................................................ 5
15–6. SLIDE: Target side Deduplication ................................................................................................................ 6
15–7. SLIDE: Source side Deduplication................................................................................................................ 8
15–8. SLIDE: Server side Deduplication ................................................................................................................ 9
15–9. SLIDE: Multi side Deduplication.................................................................................................................10
15-10. SLIDE: Backup-to-Disk (B2D) devices ......................................................................................................11
15-11. SLIDE: Configure a Backup to Disk device 1/6..........................................................................................13
15-17. SLIDE: Gateway Configuration for Source Side Deduplication.................................................................19
15-18. SLIDE: Gateway Configuration for Target Side Deduplication .................................................................20
15-19. SLIDE: Gateway Configuration for Server Side Deduplication .................................................................21
15-20. SLIDE: Creating a backup specification ....................................................................................................22
15-21. SLIDE: Running Backup with Data Deduplication .....................................................................................26
15-22. SLIDE: Creating an Object Replication specification ................................................................................27
Module 16 — Access control and Security 1

16–3. SLIDE: Access control and security levels .................................................................................................. 2
16–4. SLIDE: Access Control ................................................................................................................................. 3
16–5. SLIDE: User Rights ...................................................................................................................................... 4
16–6. SLIDE: User Groups ..................................................................................................................................... 7
16–7. SLIDE: The Admin Group ............................................................................................................................. 8
16–8. SLIDE: The Operator Group......................................................................................................................... 9
16–9. SLIDE: The User Group ..............................................................................................................................10
16-10. SLIDE: Custom Groups ..............................................................................................................................11
16-11. SLIDE: Default group permissions ...........................................................................................................12
16-12. SLIDE: Add User Group..............................................................................................................................13
16-13. SLIDE: Add Users.......................................................................................................................................15
16-14. SLIDE: User Restrictions ...........................................................................................................................16
16-15. SLIDE: LDAP user integration ...................................................................................................................19
16-16. SLIDE: Client and Cell security ..................................................................................................................21
16-17. SLIDE: Certificate based DP GUI connection .............................................................................................23
16-18. SLIDE: Network Access—INET (HP-UX) ....................................................................................................24
16-19. SLIDE: Network Access—INET (Windows)................................................................................................25
16-20. SLIDE: Inet User Impersonation ...............................................................................................................26
16-21. SLIDE: Creating Impersonator Users ........................................................................................................28
16-22. SLIDE: Changing the Web Password .........................................................................................................32
Data Protector Essentials VII

Content
Module 17 — Auditing 1
17–3. SLIDE: Auditing overview.............................................................................................................................2
17–4. SLIDE: Backup session auditing...................................................................................................................3
17–5. SLIDE: Enhanced Event logging ...................................................................................................................7
Module 18 — Disaster Recovery 1

18–3. SLIDE: Overview Disaster Recovery............................................................................................................2
18–4. SLIDE: Disaster Recovery Phases ...............................................................................................................4
18–5. SLIDE: DRM for EADR and OBDR .................................................................................................................5
18–6. SLIDE: Phase 0 a: Perform a full backup ....................................................................................................6
18–7. SLIDE: Phase 0 b: Create DR Image 1/4 ......................................................................................................7
18–8. SLIDE: Phase 0 b: Create DR Image 2/4 ......................................................................................................9
18–9. SLIDE: Phase 0 b: Create DR Image 3/4 ................................................................................................... 10
18-10. SLIDE: Phase 0 b: Create DR Image 4/4 ................................................................................................... 11
18-11. SLIDE: Phase 1: Booting the recovery image .......................................................................................... 13
18-12. SLIDE: Recovery Method/options GUI ..................................................................................................... 14
18-13. SLIDE: Recovery progress monitor GUI ................................................................................................... 16
18-14. SLIDE: DR on Dissimilar hardware ........................................................................................................... 17
Module 19 — Patching 1
19–3. SLIDE: Data Protector Enhancements and Fixes ........................................................................................2
19–4. SLIDE: How to download Fixes and Enhancements ....................................................................................4
19–5. SLIDE: Download from Software Support Online (SSO) ..............................................................................5
19–6. SLIDE: GR Patch Installation ........................................................................................................................7
19–7. SLIDE: Step 1: Update the Installation Server (IS) ......................................................................................8
19–8. SLIDE: Step 2: Update the Client .................................................................................................................9
19–9. SLIDE: List installed Data Protector Patches ........................................................................................... 10
Module 20 — Troubleshooting 1
20–3. SLIDE: Log files ............................................................................................................................................2
20–4. SLIDE: Debug (Execution Tracing) ...............................................................................................................5
20–5. SLIDE: Debug Log Collector .........................................................................................................................8
20–6. SLIDE: Message Details ............................................................................................................................ 11
20–7. SLIDE: Network Connectivity .................................................................................................................... 12
20–8. SLIDE: Services ......................................................................................................................................... 14
20–9. SLIDE: Backup Devices.............................................................................................................................. 17
20-10. SLIDE: Backup and Restore ..................................................................................................................... 19
20-11. SLIDE: omnihealthcheck .......................................................................................................................... 22
20-12. SLIDE: HealthCheckConfig file ................................................................................................................. 23
20-13. SLIDE: omnitrig –run_checks................................................................................................................... 24
VIII Data Protector Essentials

Contents
Data Protector Essentials IX

Module 1 — Introduction
Objectives
Upon completion of this module, you will be able to:
• Describe the content and structure of this course
• Find additional information about HP Data Protector software on HP web pages
Contents
Module 1 — Introduction 1
1–3. SLIDE: Welcome ......................................................................................................................... 2
1–4. SLIDE: Overview......................................................................................................................... 3
1–5. SLIDE: Agenda ........................................................................................................................... 5
1–7. SLIDE: Additional Resources ..................................................................................................... 6
Module 1
Introduction
1–3. SLIDE: Welcome
Welcome
Introduction
•Overview
•Agenda
•Logistics
•Additional Resources
3 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Welcome to HP Software Education, and the
DP120 HP Data Protector 9.0X Essentials
course.
This course is designed for system administrators who will be responsible for the installation,
configuration, and management of the HP Data Protector management software.
This course covers the HP Data Protector software product functionality for the version 9.0X.
Throughout this course, the product name “HP Data Protector software” will be shortened to just
Data Protector or DP for simplicity.
1-2 Data Protector Essentials

Module 1
Introduction
1–4. SLIDE: Overview
Overview
Introduction
The following courses for HP Data Protector software are available:
Basic Course
4 days
DP120 Essentials
Update Course
2 days
DP121 Update
VMware Advanced Windows

Integration Integrations
2 days 4 days
DP220 Virtualization DP200 Integrations
Overview
The following courses for HP Data Protector software are available:
HP Data Protector software DP120 Essentials course – 4 days
This 4 days course covers the main features and functions of Data Protector software. It explains
the product architecture, installation of the product and how to configure and run backups and
restores in Data Protector. In addition it explains the Internal database used by the product, the
special handling in case of a Disaster and how to troubleshoot the product. At the end of the course
the product and licensing structure is explained.
HP Data Protector software DP121 Update course –2 days
The 2 days course provides IT professional with information about the new HP Data Protector
software 8.10 version and explains the required steps on how to install the software in your
environment and how to update or migrate from a previous version. The course explains the new
Internal Database and architecture changes to improve the scalability and performance in Data
Protector and covers the new features and functions that are part of this version.
The course offers Hands-on lab on all the key features and changes to ensure a thorough
understanding of the course contents.
Data Protector Essentials 1-3

Module 1
Introduction
HP Data Protector software DP200 Advanced Windows Integration course – 4 days
The 4 days HP Data Protector software DP200 Advanced Windows Integration course will focus
on HP Data Protector software integrations with the main MS Windows based Application and
Database solutions, such as MS Exchange, MS SQL Server and MS SharePoint. The course explains
how to configure the integration, how to run backup and restores and how to perform a Disaster
Recovery. It covers all the supported integration methods, such as using the Online Backup API of
the application or database or how to utilize the Volume Shadow Copy framework for backup and
restores. In addition the Granular Recovery module for Exchange and SharePoint to perform single
item recovery will be explained in this 4 days course.
HP Data Protector software DP220 VMware Integration course – 2 days
The 2 days HP Data Protector software DP220 VMware Integration course explains the functions
and features of the Data Protector VMware Integration agent, from single ESX server integrations
up to large VMware vCloud Director configurations. In addition, the function of the HP Data
Protector software VMware Granular Recovery agent that will allow the single restore of files and
Directories from a VMware backup is explained in detail.

Module 1
Introduction
1–5. SLIDE: Agenda
Agenda
Introduction
The following chapters will be covered in the DP120 HP Data Protector software 9.0X Essentials
course:
Day 1 Day2 Day 2 Day3 Day 3 Day 4

Day4
• Introduction • Backup Devices • Restore • Deduplication

• HP Adaptive • Media Management • Monitor/Reporting/ • Security
Backup and • Backup Notification • Auditing
Recovery Solutions • Media & Object Copy • Disaster Recovery
• Architecture • Object Consolidation • Patching
• Installation • Internal Database • Troubleshooting
• Upgrade
• Licensing & Product
Structure
Agenda
The DP120 HP Data Protector software 9.0X Essentials course is a 4 day course and will be
delivered as Classroom or Remote course, both with Hand-on Labs included.
The main chapters of this course are listed on the slide.

Module 1
Introduction
1–7. SLIDE: Additional Resources
Additional resources
Introduction
• Data Protector product documentation

• Bundled with the product
• Updated versions available as direct download
on SSO Portal or as part of Data Protector Documentation Patch
• Visit Data Protector on the web:

• Via hp.com:
http://hp.com/go/dataprotector
• Via autonomy.com:
http://autonomy.com/products/data-protector
• Data Protector Consulting & Support services

• See Student Guide for more information
• Training
• Contact Autonomy Education under:
https://registration.autonomy.com/dp
Additional Resources
Hewlett Packard provides several additional resources designed to make you successful with our
products. These include:
• Product documentation
A soft copy (Acrobat PDF format) is included with your HP Data Protector software
distribution. Additional product manuals, support matrices and technical papers are
available for download on the HP Software Support Online portal (listed below) or released
as part of a Data Protector Documentation Patch.
• Data Protector on hp.com http://hp.com/go/dataprotector
This is the main entry point for general Data Protector information with links to latest
whitepapers and solution briefs

Module 1
Introduction
• Data Protector on autonomy.com http://www.autonomy.com/products/data-protector
Visit the link to see Data Protector as integrated part of Autonomy, an HP company,
advanced data protection suite. You find links to download Data protector trial version,
video that explains Data Protectors industry’s leading features, together with Whitepapers
and contact information.
• Consulting and Support services
For consulting requests contact your local sales representative or visit us on the internet
via: http://www.autonomy.com/work/services/professional-services
For support, patches and additional information about the product visit the
Software Support Online (SSO) portal on:
https://softwaresupport.hp.com/group/softwaresupport/
(Note: HP Passport registration and SAID Contract Identifier required)
• Training https://registration.autonomy.com/dp
For Data Protector Training courses, their schedules and for registration visit our Training
course registration page.
Selected courses are now available as Self-Study Course.

For more information and registration visit
https://registration.autonomy.com/autonomy/selfstudy.php

Module 2 — HP’s Adaptive Backup and
Recovery Solutions
Objectives
• Understand and explain HP’s Adaptive Backup and Recovery strategy
Contents
Module 2 — HP’s Adaptive Backup and Recovery Solutions 1
2–3. SLIDE: HP Adaptive Backup and Recovery concept ................................................................. 2
2–4. SLIDE: HP Adaptive Backup and Recovery Suite ...................................................................... 3
2–5. SLIDE: HP Data Protector ......................................................................................................... 4
2–6. SLIDE: Introducing Data Protector 9.0 ..................................................................................... 5
2–7. SLIDE: Non-Staged Granular Recovery for VMware................................................................. 6
2–8. SLIDE: Data Protector Federated Deduplication ...................................................................... 7
2–9. SLIDE: Data Protector Catalyst Over Fiber Channel ................................................................. 8
2-10. SLIDE: Data Protector Enhanced UI Preview ............................................................................ 9
2-11. SLIDE: HP Backup Navigator................................................................................................... 10
2-12. SLIDE: Data Protector Management Pack .............................................................................. 11
2-13. SLIDE: For more information .................................................................................................. 12
Module 2
HP’s Adaptive Backup and Recovery Solutions
2–3. SLIDE: HP Adaptive Backup and Recovery concept
HP Adaptive Backup and Recovery

HP Adaptive Backup and Recovery is a new, innovative & game-changing technology
and vision for the backup market.
Core Capabilities
I. Prioritization
Set policies based on data & application
priority & business criticality
II. Prediction
Real-time operational analytics drive
optimal resource utilization
III. Recommendation Zero Downtime
Instant Restores Tiered Backup
Actionable suggestions to mitigate Backup
potential conflicts & ensure SLAs are met Operational
Granular Control Integrations
Analytics
IV. Automation
Self-learning system enables automated
provisioning adjustments >_ APP
OS
Applications OS File Systems Hypervisor Networking Compute Storage Archive Cloud
HP Adaptive Backup and Recovery concept
HP Adaptive Backup and Recovery (ABR) is a new, innovative & game-changing technology and
vision for the backup market. It contains the following core capabilities:
I. Prioritization
Set policies based on data & application priority & business criticality
II. Prediction
Real-time operational analytics drive optimal resource utilization
III. Recommendation
Actionable suggestions to mitigate potential conflicts & ensure SLAs are met
IV. Automation
Self-learning system enables automated provisioning adjustments
ABR is a based on a phased rollout approach with Prioritization and Prediction already available.

Module 2
2–4. SLIDE: HP Adaptive Backup and Recovery Suite
HP Adaptive Backup and Recovery Suite
HP Data Protector
Management Pack
Real Time
Monitoring
HP Data
Protector
Integrated / Aware Granular Control

Disaster Recovery Instant Recovery
Deduplication Encryption
Reporting and
>_ APP Analyzing
OS HP Backup
Applications OS File Systems Hypervisor Networking Compute Storage Archive Cloud Navigator
HP is revolutionizing how backup and recovery is addressed. Our backup and recovery platform, HP
Data Protector delivers a framework that is deeply integrated into the technology stack and
workload aware. You benefit from a solution that provides zero-downtime/zero-performance-
impact backups to facilitate instant recovery and disaster recovery planning for core datacenters,
regional offices and branch offices
Regardless of your size, you’ll build your data protection strategy on enterprise class software that
uses key storage technologies to address your capacity and security needs now and into the future.
Add to this platform the complimentary products HP Backup Navigator for reporting, analysis,
trending and forecasting, along with HP Data Protector Management Pack for real-time
monitoring of the backup and recovery infrastructure, and you’ll be assured that you are investing
in a company whose vision and execution of our solution is based on evolving the backup and
recovery process to be just as agile as the datacenter and capable of shifting just as quickly as the
workloads your are tasked with protecting.

Module 2
2–5. SLIDE: HP Data Protector
HP Data Protector
Meaning Based Data Protection
HP Data Protector delivers:
• Centralized management:
Perform global backup and recovery operations from a single
console that is extremely powerful, yet simple and easy to use,
install, and configure.
• Advanced backup to disk, tape, and cloud:
Get integrated protection across a continuum of storage
options.
• Zero-downtime backup and Instant Recovery:
Protect critical applications such as databases, messaging
platforms, and enterprise platforms through advanced
integration with storage hardware snapshots and recover it in
minutes instead of hours
• Granular recovery extension:
Recover single items faster, providing admin-centric recovery
capabilities to improve recovery-related SLAs.
HP Data Protector
Data Protector is the industry's first unified meaning based data protection solution that utilizes an
intelligent data management approach to seamlessly protect and harness data based on its
meaning from edge to datacenter and across physical, virtual and cloud environments.
HP Data Protector delivers:

• Centralized management
Perform global backup and recovery operations from a single console that is extremely
powerful, yet simple and easy to use, install, and configure.
• Advanced backup to disk, tape, and cloud

Get integrated protection across a continuum of storage options.
Zero-downtime backup and Instant Recovery

Protect critical applications such as databases, messaging platforms, and enterprise
platforms through advanced integration with storage hardware snapshots and recover in minutes
instead of hours for critical applications such as databases, messaging and enterprise platforms.
• Granular recovery extension

Recover single items faster, providing admin-centric recovery capabilities to improve
recovery-related SLAs.

Module 2
2–6. SLIDE: Introducing Data Protector 9.0
Introducing HP Data Protector 9.0
HP Data Protector 9.0 Key Features
• SmartCache based non-staged GRE for VMware

Single-step, enhanced granular recovery for virtual
machines, based on the newly introduced Data Protector
SmartCache backup device
• StoreOnce Integrations
Scale-out store management with Federated Catalyst for
B6200 and 6500, Support for high performance backups
with StoreOnce Catalyst over fiber channel
• Enhanced UI Preview
New HP One View look and feel user interface for select
modules: Advanced Scheduler, Global options & Missed job
executions
Introducing Data Protector 9.0
The most recent Data Protector version 9.0 introduces the following key features:
• SmartCache based non-staged GRE for VMware

Single-step, enhanced granular recovery for virtual machines, based on the newly introduced Data
Protector SmartCache backup device
• StoreOnce Integrations
Scale-out store management with Federated Catalyst for B6200 and 6500, Support for high
performance backups with StoreOnce Catalyst over fiber channel
• Enhanced UI Preview
New HP One View look and feel user interface for select modules: Advanced Scheduler, Global
options & Missed job executions
The features are explained with more details on the following pages.

Module 2
2–7. SLIDE: Non-Staged Granular Recovery for VMware
Non-Staged Granular Recovery for VMware

Accelerate single item recovery
Description
– Direct, non-staged single file recovery for VMware
– Based on the newly introduced SmartCache Device
– Restore driven by the VMware administrator
– Browse to select file for restore
Usage
– Single item recovery from image
based VMware backups
Benefit
– Accelerated single item recovery
from large virtual machines
Non-Staged Granular Recovery for VMware
Description
The non-staged recovery feature in GRE for VMware introduces the presentation and recovery of
files from a VMware backup, without restoring the backed up VMDK files into a staging area. As a
requirement the backup has to be performed into the newly introduced Data Protector SmartCache
Device.
Usage
During a non-staged VMware Granular Recovery the appropriate backed up VMDK file is directly
mounted on the mount proxy host and enables the user to browse the disk and select the file(s) to
recover. Hence, with non-staged recovery, it is not necessary to restore a disk (or a whole chain) of
any particular backup for recovering files.
Benefit
Using the non-staged recovery feature in GRE for VMware will significantly accelerated single item
recovery from large virtual machines by obsoleting the restore of the backed up VMware data files.

Module 2
2–8. SLIDE: Data Protector Federated Deduplication
Data Protector Federated Deduplication
StoreOnce Enhancements
Description
– Deduplication store can span multiple nodes
Applications
(B6200 & 6500 only)
– Supported with Application Source and Backup
Server deduplication
Virtualization
– Stores are teamed within the StoreOnce UI
Usage
File Servers
– Balance capacity, performance and growth over
multiple nodes
– Best practice is to group like data types together
Databases Benefit
– Easier capacity and performance planning
as well as management
Data Protector Federated Deduplication
Description
The latest generation of StoreOnce Catalyst release supports the configuration of federated
deduplication devices for the StoreOnce models B6200 and 6500. These federated stores can span
up to 4 nodes and allow the configuration significant larger stores.
Federated stores need to be configured within the StoreOnce UI.
Usage
Federated stores will automatically balance capacity, performance
and grow over multiple nodes. Within Data Protector federates
stores can be configured within B2D devices like normal stores.
For best performance it is recommended to configure separate
stores for the separate data types you are backing up, e.g.
Filesystem stores, Oracle stores, VMware stores.
Benefit
Federated Deduplication simplifies the capacity and performance planning as well as the StoreOnce
management.

Module 2
2–9. SLIDE: Data Protector Catalyst Over Fiber Channel
Data Protector Catalyst Over Fiber Channel
StoreOnce Enhancements
Description
LAN FC – Catalyst protocol now available over Ethernet
and Fiber Channel
– Application Source & Backup Server deduplication
– Limited to Windows & Linux media agents
Usage
– Catalyst based backup in the data center where
fibre channel infrastructure is available
Catalyst
Benefit
– Improve backup & restore performance
– Leverage existing backup SAN infrastructure
Data Protector Catalyst Over Fiber Channel
Description
In addition to federated deduplication the latest generation of the StoreOnce Catalyst release
introduces supports for Ethernet and Fiber Channel interfaces. Application Source and Backup
Server Deduplication are supported in such configurations. With the current release the feature is
limited to Windows and Linux gateway systems only.
Usage
The feature allows Catalyst based backup in Data centers where Fibre Channel infrastructure is
available. In Data Protector enter the so called Catalyst over Fiber Channel (COFC) address instead
of an IP or FQDN of the store during the B2D
configuration. The store needs to be
configured within the StoreOnce UI, the COFC
address/alias is generated and displayed
within that StoreOnce UI.
Benefit
Store Once Catalyst Backups over Fibre Channel take advantage or an existing backup SAN
infrastructure and will significantly improve the backup & restore performance.

Module 2
2-10. SLIDE: Data Protector Enhanced UI Preview
Data Protector Enhanced UI Preview

Common look & feel across HP products
Updated for:
• Advanced scheduler
• Missed job executions
• Global options
Data Protector Enhanced UI Preview
Data Protector is now supporting the new HP One View look and feel user interface for the select
modules:
• Advanced Scheduler
• Global options
• Missed job executions
The updated modules provide a new look and feel by offering the same functionality.
Additional updates are planned.

Module 2
2-11. SLIDE: HP Backup Navigator
HP Backup Navigator
Comprehensive Backup/Recovery Reporting for HP Data Protector
Key Features
• Central monitor for multiple DP Cell Managers • Performance, capacity trending & future
• Simplified tracking of infrastructure changes planning and simplified error analysis
across complete Data Protector environment • Customizable reporting and dashboard
HP Backup Navigator
HP Backup Navigator, a companion product to HP Data Protector software, enables you to

collect, correlate, and analyze trends in backup and recovery data to isolate and expose
patterns in your data protection operation.
Designed to rapidly analyze large volumes of operational data, HP Backup Navigator quickly
identifies performance-related information, capacity utilization rates and trends, and future
infrastructure requirements, based on projected data characteristics and infrastructure
capabilities.
The key features are:

• Central monitor of multiple DP Cell Managers
• Simplified tracking of infrastructure changes across complete Data Protector environment
• Performance, capacity trending & future planning and simplified error analysis
• Customizable reporting and dashboard
For more information visit http://www.autonomy.com/adaptivebackup/backup-navigator
2 - 10 Data Protector Essentials

Module 2
2-12. SLIDE: Data Protector Management Pack
Data Protector Management Pack

Key Features
• extend the functionality of Microsoft System Center Operations Manager (MS SCOM) to
support monitoring, reporting, and troubleshooting of HP Data Protector environments
• fully integrates topology, health, and performance data into the MS SCOM
• providing the end-to-end operations overview across the entire Data Protector environment
Data Protector Management Pack
HP Data Protector Management Pack for Microsoft® Systems Center Operations Manager (SCOM)
delivers real-time intelligent monitoring, analysis, isolation, remediation, and reporting for Data
Protector environments. It continually monitors the health and state of each component in the
backup and recovery infrastructure to provide you with actionable insight that can increase the
effectiveness of your data protection services.
HP Data Protector Management Pack for Microsoft® SCOM adds Data Protector specific monitors,
rules, views, tasks, knowledge and reports into an existing SCOM installation.
Monitoring the health and performance of the backup and recovery infrastructure is the first step in
identifying what has happened. The next logical step is to identify how one issue may relate to the
next. The diagnostic and actionable insight provided HP Data Protector Management Pack allows
for the separation of cause and effect while uncovering often-unrelated dependencies that have an
effect on the infrastructure.
Using graphical cues and visualization interfaces, HP Data Protector Management Pack delivers
actionable insight by providing the tasks that can be used to address the issues uncovered in the
diagnostic analysis. In real time, IT staff can quickly isolate issues and execute solutions that make
use of HP Data Protector best practices.
Data Protector Essentials 2 - 11

Module 2
2-13. SLIDE: For more information
HP Adaptive Backup and Recovery
For more information visit:
www.adaptive-backup.com
For more information
Please visit the web page: www.adaptive-backup.com

Module 2

Module 3 — HP Data Protector Architecture
Objectives
• Identify the environment in which HP Data Protector Software operates
• Identify the components and structure of the Data Protector cell
• Describe the operational concept of the Data Protector and list basic tuning approaches
Contents
Module 3 — HP Data Protector Architecture 1
3–3. SLIDE: HP Data Protector .......................................................................................................... 2
3–4. SLIDE: HP Data Protector history .............................................................................................. 4
3–5. SLIDE: Protected environment .................................................................................................. 5
3–6. SLIDE: Backup options............................................................................................................... 6
3–7. SLIDE: Direct attached backup .................................................................................................. 7
3–8. SLIDE: Network backup ............................................................................................................. 8
3–9. SLIDE: SAN attached backup ..................................................................................................... 9
3-10. SLIDE: Array based replica backup (ZDB) ............................................................................... 10
3-11. SLIDE: Backup and replication methods ................................................................................ 12
3-12. SLIDE: Cell concept ................................................................................................................. 13
3-13. SLIDE: Client server architecture............................................................................................ 16
3-14. SLIDE: Cell Manager (CM) ........................................................................................................ 17
3-15. SLIDE: Disk Agent (DA)............................................................................................................ 18
3-16. SLIDE: Media Agent (MA) ........................................................................................................ 19
3-17. SLIDE: Integration Agent (IA) .................................................................................................. 20
3-18. SLIDE: Installation Server (IS)................................................................................................. 21
3-19. SLIDE: User Interface .............................................................................................................. 22
3-20. SLIDE: Granular Recovery Extension Agent ........................................................................... 23
3-21. SLIDE: Internal Database (IDB) ............................................................................................... 24
3-22. SLIDE: Typical Data Protector session ................................................................................... 25
3-23. SLIDE: Variables used in this training..................................................................................... 27
3-24. SLIDE: DP Tuning via global file ............................................................................................. 28
3-25. SLIDE: DP Tuning via omnirc file ............................................................................................ 29
3-26. SLIDE: Support matrix ............................................................................................................ 30
Module 3
Architecture
3–3. SLIDE: HP Data Protector
HP Data Protector software

Rethinking protection for the modern data center
What is it?
• Software that provides automated data protection for
businesses with 24x7 availability needs
What does it do?

• Data Protection: copies data onto a secondary storage
device, including disk or tape, so that in case of a disaster,
data can be easily recovered
• Media management: easily manages the library catalogues
to keep track of all media and copies of data for fast recovery
Most important features:

• Scalable and Highly Flexible Architecture
• Easy Central Administration
• Excellent Backup Performance
• Support of High Available Environments
• Enterprise Application Protection
• Comprehensive backup and recovery of Virtual Environments
HP Data Protector
HP Data Protector is a backup solution that provides reliable data protection and high accessibility
for your fast growing business data. Data Protector offers comprehensive backup and restore
functionality specifically tailored for enterprise-wide and distributed environments.
The following list describes major Data Protector features:
Scalable and Highly Flexible Architecture

Data Protector can be used in environments ranging from a single system to thousands of systems
on several sites. Due to the network component concept of Data Protector, elements of the backup
infrastructure can be placed in the topology according to user requirements. The numerous backup
options and alternatives to setting up a backup infrastructure allow the implementation of virtually
any configuration you want.

Module 3
Architecture
Easy Central Administration

Through its easy-to-use graphical user interface (GUI), Data Protector allows you to administer
your complete backup environment from a single system. To ease operation, the GUI can be
installed on various systems to allow multiple administrators to access Data Protector via their
locally installed consoles. Even multiple backup environments can be managed from a single
system.
Excellent Backup Performance

Data Protector enables you to perform backup to several hundred backup devices simultaneously
over SAN, LAN or WAN connections and supports backups in multiple streams to each device to fully
utilize the available bandwidth and allow you to tune your backups to best fit your requirements. In
addition Data Protector supports HP StoreOnce based Deduplication in various combinations to
remove any redundant data from the backup and protects only the unique data blocks.
Support of High Available Environments

Data Protector enables you to meet high availability needs for continued business operations
around the clock by:
• Supporting clusters to ensure fail-safe operation and support backup of virtual nodes.
• Enabling the Data Protector Cell Manager itself to run on a cluster.
• Supporting all popular online database Application Programming Interfaces.
• Providing best in class support for HP Storage based high-availability solutions like the HP
StorageWorks P6000 EVA Disk Array Family, HP StorageWorks P9000 XP Disk Array Family,
or HP StorageWorks P10000 3PAR array
• Providing various disaster recovery methods for Windows and UNIX platforms.
• Offering methods of duplicating backed up data during and after the backup to improve
fault tolerance of backups or for redundancy purposes.
Enterprise Application Protection

Data Protector provides online backup of Microsoft Exchange Server, Microsoft SQL Server,
Microsoft SharePoint Server, Oracle, Informix Server, SAP R/3, SAP MaxDB, Lotus Notes/Domino
Server, IBM DB2 UDB, Sybase database objects, and VMware Virtual Infrastructure and Hyper-V
objects. For a list of supported versions for a particular operating system, see the HP Data
Protector Product Announcements, Software Notes, and References.
Comprehensive backup and recovery of Virtual Environments

Data Protector is able to backup Virtual Environments by supporting all available main Hypervisors.
Supporting VMware’s Storage API Data Protector is able to backup every single VM up to whole
virtualized Data Centers or vCloud Director environments. Using the Data Protector Granular
Recovery module for VMware it is possible to recover single files from a VMware Server backup.
For detailed documentation describing the features of Data Protector, including integrations, as
well as the latest platform and integration support information, consult the HP Data Protector
home page at: http://www.hp.com/go/dataprotector.

Module 3
Architecture
3–4. SLIDE: HP Data Protector history
HP Data Protector history
• Former name OmniBack II was changed to Data Protector in 2002

• First version of OmniBack II was released in 1994
• Current version Data Protector 9.01 was released in July 2014
HP Data Protector history
The first version of Data Protector was released in 1994 as HPUX version only version and called
OmniBack II these days. The original name was taken from a backup tool that was originally
developed by Apollo Computers, a company that HP took over in 1989. After several releases with a
fast growing installed base the decision was made to change the name to Data Protector in 2002.
For backwards compatibility reasons, the existing directory structure and binary names were kept,
so today all Data Protector installation directories and binary names still contain the reference to
the original name of the product such as:
• Directory names on Windows systems : C:\Program Files\OmniBack

• Directory names on Unix systems : /etc/opt/omni
• CLI command to start Data Protector : omnisv -start

Module 3
Architecture
3–5. SLIDE: Protected environment
Protected environment
REGIONAL
OFFICE DATA CENTER
BRANCH LAN/
OFFICE WAN
DISASTER RECOVERY Backupterm

Long devices
Archive
SITE
Protected environment
Data Protector is able to provide backup services from small and medium, up to enterprise sized
installations. It is able to manage challenging installations such as high available applications and
database setups, as well as virtualized environments. In addition, it supports complex multi-site
setups with regional and branch offices, connected over LAN/WAN to business critical systems and
applications.
Based on geographical, network connectivity or security reasons the client systems might be
managed by a single or by multiple Data Protector cells. Even if you choose to have multiple cells,
Data Protector allows you to easily configure common policies and concepts among the cells and
share the available backup infrastructure with all configured cells.

Module 3
Architecture
3–6. SLIDE: Backup options
Available Backup options
Data Protector supports the following backup options:

• Direct attached backup
• Network backup
• SAN attached backup
• Array based replica backup (ZDB)
Backup options
Data Protector offers several ways of performing a backup and running a restore. Advanced backup
and restore functionality offered by Data Protector are Zero Downtime Backup (ZDB) and Instant
Recovery (IR).
Backup models supported by Data Protector are:

• Direct attached storage
• Zero Downtime Backup with disk arrays
• Heterogeneous network backup
• Backup into the HP Cloud
• Storage Area Network (SAN) attached online and nearline storage
• Advanced backup to virtual tape libraries (disk based backup)
• Network Attached Storage (NAS, using NDMP)
In the next slides we will discuss the main concepts:

• Direct attached backup
• Network backup
• SAN attached backup
• Array based replica backup

Module 3
Architecture
3–7. SLIDE: Direct attached backup
Direct attached backup

• Direct attached backup device needed
• No other host is part of the backup process
• Data is transferred from application disk to backup device
Cell
Manager
LAN
Application Application Application Media server

host host host Backup host
Tape Backup
or: Disk Backup

Disk Array Tape Library
Direct attached backup
The concept of direct attached backup means that only one host is included in the backup process.
The data is read by the Data Protector Disk Agent and written to the backup device by Data
Protector Media Agent. In this scenario both Agents (Disk and Media) are running on the same
system, no other host is included in the backup process.
A direct attached backup device is a device which is controlled by the Media Agent installed on the
host, e.g.:
• direct attached tape drive (SCSI)

• NAS attached device (NDMP)

Module 3
Architecture
3–8. SLIDE: Network backup
Network backup
• Backup devices connected to a dedicated backup host
• Application host and Backup host are part of the backup process
• Data transferred via LAN from application disk to backup device
Cell
LAN Manager

Tape Library
Disk Array (Direct or SAN
attached)
Network backup
In opposite to the direct attached backup, where both Agents (Disk and Media Agent) are running on
the same system, when talking about network backup the network (LAN) is included in backup
process.
The Disk Agent installed on one system is reading the backup data and sending the data via LAN to
the Media Agent installed on the system where the backup device is connected.

Module 3
Architecture
3–9. SLIDE: SAN attached backup
SAN attached backup

• SAN attached backup device needed
• no other host is part of backup process
• data is transferred from application host to the backup device
Cell
Manager
LAN

Tape Library
Disk Array Tape Library

SAN
SAN attached backup
Data Protector supports the Storage Area Network (SAN) concept by enabling multiple systems to
share backup devices in the SAN environment. The same physical device can be accessed from
multiple systems. Thus, any SAN connected system can perform a local backup to these devices
without using any other system.
Because data is transferred over the SAN, backups do not need any bandwidth on the conventional
LAN. This type of backup is sometimes referred to as a “LAN-free” backup.

Module 3
Architecture
3-10. SLIDE: Array based replica backup (ZDB)
Array based replica backup (ZDB)

• Disk array functionality is used to create a replica (Snapshot/Mirror)
• replica is mounted on a dedicated backup host and data is backed up
from there to a backup device, so no impact on application host, also
called Zero Downtime Backup (ZDB)
Cell
Manager
LAN
Application Application Application Backup

host host host host
SAN
Optional:
Tape or Disk Backup
Optional: Instant Recovery (IR) ZDB IR

created replica can be kept within the
array for fast Replica based Restore
and Recovery Disk Array Tape Library
Array based replica backup (ZDB)
Zero Downtime Backup (ZDB) is a backup approach in which Disk Array based mirror and snapshot
techniques are used to minimize the impact of backup operations on an application system. A
replica of the data to be backed up is created first, and all subsequent backup operations are
performed on the replicated data rather than the original data.
As a backup occurs in the background while the application remains online and available for use,
the impact on your environment during a backup is minimal. The recovery window is dramatically
reduced by using the Instant Recovery (IR) functionality, which enables recovery of vast amount of
data in minutes rather than hours. This makes ZDB and IR capabilities suitable for high-availability
systems and mission-critical applications.
The following are the basic principles behind ZDB and IR:
• Create, at high speed, a copy of the data to be backed up and then perform backup
operations on the copy, rather than on the original data.
• Restore a backup copy of data, held on the array, to its original location on the array
to facilitate high-speed recovery.

Module 3
Architecture
Using Data Protector, you can perform three types of ZDB:
• ZDB to tape
• ZDB to disk
• ZDB to disk+tape
The main difference between a traditional tape backup and ZDB is that during a traditional tape
backup, application operation is affected until the streaming of data to the backup medium is
complete. Using ZDB, application operation is only affected during the time it takes to create a
replica. As this process is almost instantaneous, the impact on the application is considerably
reduced. After the replica is created, the application is returned to normal operation, and backup to
tape is done without impacting the application. Regardless the fact that the backup is physically
performed from a backup host the backup is handled in the IDB like it was done directly on the
application host.
ZDB to tape
The basic concept of ZDB to tape is the following: create, at a high speed, a copy of data (a replica)
from the source volumes at a specific point in time, and use this replica for a backup to a standard
backup medium, typically to tape, but of course also a disk backup is possible. The replica is
presented to a backup host to minimize the backup impact to the application host. After the
backup, the created replica may be overwritten Restore is done from tape and does not differ to a
normal restore.
Note: ZDB to tape method supports backup to a disk or tape device
ZDB to disk
With ZDB to disk a replica is created and kept on the array. The replica is temporary presented to
the backup host to validate consistency the created volume, but no tape backup is performed. A
high speed recovery of the backed up data can be performed using Instant Recovery.
Note: ZDB to disk method only creates the replica. No backup to a disk or tape device is
performed.
ZDB to disk+tape
From the functionality point of view, ZDB to disk+tape is ZDB to disk with the added capability to
stream data from the replica to tape or disk medium, after replication.
Restore of the backed up data can be performed ether by utilizing Instant Recovery of by running a
traditional tape restore.
Note: ZDB to disk+tape method consists internally out of two Data Protector sessions, the
replica creation part and the optional backup to a disk or tape device, while externally only
one session-id is used. Normal restore and IR based restore is possible by using the same
session-id.

Module 3
Architecture
3-11. SLIDE: Backup and replication methods
Backup and Replication methods

Possibilities: Combinations:
• Backup to physical backup device/tape • Disk  Tape (D2T)
library • Disk  Disk (D2D)
• Backup to virtual tape library • Tape  Tape
• Backup to a file library/file device • Tape  Disk
• Disk  Disk  Tape (D2D2T)*
• Media copy
• Disk  Disk + Tape (ZDB)
• Object copy
• Object consolidation
• Backup mirroring
• Zero Downtime Backup (ZDB) *
Disk Disk
Backup and replication methods
Most companies are challenged today to reduce or eliminate downtime, this includes a requirement
to reduce or eliminate the backup windows.
Many companies are opting for Disk-to-Disk (D2D) backup as a way to reduce the time spent
executing backup jobs and in addition to have better performance when restoring single files. While
Disk-to-Tape (D2T) is still necessary to meet long term archiving and compliance requirements,
D2D is fast becoming the primary backup method. To meet these challenges, Data Protector
provides an ever increasing set of possibilities and combinations to meet the data security and
service levels required. Shown above are the backup possibilities offered with Data Protector.

Module 3
Architecture
3-12. SLIDE: Cell concept
Cell concept
Manager of Managers
• Backup domain (MoM)
Cell2
• Logical organization of systems
• Can match your organization or
geographical region Cell1
• Heterogeneous system support
• Independent, but centrally managed
GUI
Client Cell
sytems
Backup IDB Manager Backup
devices specifications
Cell
GUI Media pools,

media
Cell concept
The Data Protector cell is a network environment that has a Cell Manager, client systems, and
backup devices. The Cell Manager is the central control point that manages all backup and restore
operations in the cell and runs the Internal Database (IDB). After the installation of Data Protector
agent software on client systems these systems become Data Protector client systems that are
part of the cell and their data is backed up to media in configured backup devices.
The Data Protector IDB keeps track of the files you back up so that you can browse and easily
recover single files or the entire system. Data Protector facilitates backup and restore jobs. You can
do an immediate (or interactive) backup using the Data Protector Graphical User Interface (GUI) or
using the Command Line. You can also schedule your backups to run unattended.
The Data Protector architecture breaks down the size and complexity of the enterprise network by
allowing systems to be configured into Data Protector cells. This cell is a loosely coupled collection
of systems, organized to allow for central management of backup processes.
Important: A client system can only belong to one cell at the same time.
Roles in the Data Protector Cell

Before installation you need to determine the role of each system in your Data Protector cell. The
following cell components must be selected in order to set up the environment properly.

Module 3
Architecture
Cell components Roles in the cell Description

Cell Manager The computer that is the Only one Cell Manager system can
central point for managing be present in each cell. You cannot
the backup environment. run Data Protector without having
the Cell Manager system installed.
Installation Server The computer that holds This computer must have the
the Data Protector software Installation Server for the
depots for remote particular platform (UNIX or
installation. Windows) installed. By default, the
Cell Manager and Installation
Server are on the same system.
Client system Computers that are backed These computers must have the
up. Disk Agent installed.
The Disk Agent is also installed on
the Cell Manager, allowing you to
back up the Data Protector
configuration, the IDB, and data on
the Cell Manager.
Client system Computers with access to These computers must have a
(Backup system) backup devices. Media Agent installed.
A backup device can be connected
to any system in the cell, not only
to the Cell Manager.
DP User Interface Computers that can access You can install the graphical user
Data Protector interface on many systems, and
functionality. are therefore able to access the
Cell Manager from different
locations.
Cells are generally independent parts of the enterprise network. They are administered and
operate independently of each other. Data Protector has the capability to monitor and administer
all the cells from a central administration point utilizing the Cell Console or Enterprise Console or
the Manager of Managers console.
Note: If Client systems are configured in different time zones, some of the Data Protector
session messages might be confusing as local client time is shown. In DP
configuration tasks the Cell Manager’s time zone and time settings are used.
Manager of Managers—MoM
Data Protector can be managed in larger environments by implementing the Manager of Managers
(MoM) layer. An existing Data Protector Cell Manager can be configured as the Manager of
Managers (MoM) which allows remote administration and monitoring of many cells from a single
GUI. A centralized media management database (CMMDB), cross-cell device sharing as well as
central license management may also be configured with MoM.

Module 3
Architecture
Organizing Data Protector clients into cells

In small environments, the most simple approach is to manage all Data Protector clients within one
Data Protector cell. A single cell can contain up to 5000 clients.
To efficiently hierarchically structure and manage large-scale environments, you can combine
single DP cells into a Manager-of-Managers (MoM) environment. A MoM can manage up to 50 Data
Protector cells. An environment structured in such a way, allows you to manage up to 50 000
clients from a single MoM setup.
Such a setup allows you to manage an unlimited number of Data Protector clients from one central
location while distributing administrative and managerial rights to different Data Protector users
and user groups.
The maximum number of clients that can still efficiently be managed within one Data Protector cell
depends on the following factors:
• Data Protector Internal Database (IDB) load: filesystem log level, types of objects backed up
(disk image, application database, other object types), zero downtime backup sessions,
NDMP backup sessions, and so on.
• Network traffic and system load: local versus network backup, level of concurrent backup
and other activities, network traffic and system load unrelated to Data Protector.
• Maintenance tasks: user management, configuration of backup specifications, upgrading,
patching.
Note: Check the HP Data Protector Product Announcements, Software Notes, and
References as here you find all limitations documented.

Module 3
Architecture
3-13. SLIDE: Client server architecture
Client–server architecture
communication
port: 5555
Cell Client cell server

Cell Manager
DP GUI*
IDB
Cell Client Cell Client
Disk DATA Media

Agent Agent
*installable on Cell Manager or any other supported cell client
Client server architecture
The basic Data Protector implementation utilizes only two architecture layers, the Cell Manager,
and the DP Client layers. The User Interface is installed on the Cell Manager but it may be installed
on clients as well.
Data Protector is composed of separate client/server modules, each of which performs a

specialized task. The major component is the Cell Manager; it is responsible for the control of the
entire Data Protector Cell and the invocation of the specialized agent processes.
The agent processes are used for accessing disk and tape devices for backup, restore and media
management tasks. The two fundamental agents are:
• Disk Agent – responsible for read/write actions from disk drives for backup and restore
• Media Agent – responsible for read/write actions to backup media (tape or disk drives)
Backed up data is send directly from the Disk Agent to the Media Agent, using a SAN or LAN
connection. The basis of the client/server model is that the Data Protector software consists of
client modules and a server module. These modules can all be installed on a single system (a single
client cell) or be distributed across many systems (up to 5000 in one Data Protector cell).
Communication between modules is accomplished via TCP/IP sockets, initiated on port 5555.

Module 3
Architecture
3-14. SLIDE: Cell Manager (CM)
Cell Manager (CM)

• Supported on: HP-UX, Windows, Linux
Cell Manager
• Always requires a local installation Daemons (Services)
CRS
• Cell Manager contains: MMD
 Cell Services (daemons) KMS
 Session Managers HPDP-IDB IDB
User Interface
 Internal Database (IDB) HPDP-IDB-CP
 Scheduler data and configuration files HPDP-AS
 Agents and User Interface (CLI/GUI) Session Managers
 Installation Server (optional)
Disk, Media and Integration Agents
• Cell Services are managed

via omnisv commands: MA IA
DA
omnisv -stop
omnisv -start
omnisv -status Disk DB
Cell Manager (CM)
The Cell Manager is the main control center for the cell and contains the Internal Database (IDB). It
runs the core Data Protector software and the Session Manager, which starts and stops backup and
restore sessions and writes session information to the IDB.
Any system within a chosen cell environment can be set up as a Data Protector Client. Essentially, a
client is a system that can be backed up, a system connected to a backup device with which the
backup data can be saved, or both. The role of the client depends on whether it has a Disk Agent or
a Media Agent installed.
A client that will be backed up using Data Protector must have a Disk Agent installed. Data
Protector controls the access to the disk. The Disk Agent lets you back up information from, or
restore information to, the client system.
A client system with connected backup devices must have a Media Agent installed. This software
controls the access to the backup device. A Media Agent controls reading from and writing to, a
backup device’s media.

Module 3
Architecture
3-15. SLIDE: Disk Agent (DA)
Disk Agent (DA)
• Provides disk access (read/write)

• Exchanges data with Media Agents (MA)
• Invoked by session manager
• Remote Installation via Installation Server
or local client installation
• Installed once per client
• Multi-vendor support
For a list of supported OS see:

Platform and Integration Support Matrix
Source DA MA
Data
Disk Agent (DA)
The Disk Agent is a component needed on a client to back it up and restore it. Disk Agent controls
reading from and writing to a disk. During a backup session, the Disk Agent reads data from a disk
and sends it to the Media Agent, which then moves it to the device. During a restore session the
Disk Agent receives data from the Media Agent and writes it to the disk. During an object
verification session the Disk Agent receives data from the Media Agent and performs the
verification process, but no data is written to disk. The Disk Agent component consists of
specialized processes that are started on demand by the respective Backup or Restore Manager
process (Session Manager).
These programs are installed in:

UNIX /opt/omni/lbin
WINDOWS C:\Program Files\Omniback\bin
Disk Agent program names: (*.exe files on Windows):

• Volume Backup/Restore Disk Agent vbda/vrda
• Raw Backup/Restore Disk Agent rbda/rrda
• File system Browser Disk Agent (browse remote filesystems) fsbrda
• Database Backup Disk Agent (for internal database) dbbda
Refer to the Platform and Integration Support Matrix for a list of currently supported platforms.

Module 3
Architecture
3-16. SLIDE: Media Agent (MA)
Media Agent (MA)
• Provides backup media access (read/write) located in backup devices like:

standalone tape drive, physical or virtual tape library, file library
• Exchanges data with Disk Agents (DA)
• Invoked by session manager
• Remote Installation via Installation Server or
local client installation
Standalone
• Installed once per client drive
• Multi-vendor support Tape Library
For a list of supported Devices see:

Device Support Matrix
Vitual Tape Library

Source DA MA
Data
Media Agent (MA)
The Media Agent is a process that controls reading from and writing to a backup device, which read
from or writes to a medium (typically a tape). During a backup session, a Media Agent receives data
from the Disk Agent and sends it to the backup device for writing it to the medium. During a restore
session, a Media Agent locates data on the backup medium and sends it to the Disk Agent for
processing. A Media Agent also manages the robotics control of a library.
A Media Agent component must be installed on the client system to which the backup device is
physically attached (direct attached or SAN attached). The Media Agent component consists of
specialized processes that are started on demand by the respective Backup, Restore, Copy,
Consolidation or Media Management Session Managers.
These programs are installed in:

UNIX /opt/omni/lbin
WINDOWS C:\Program Files\Omniback\bin
Media Agent program names: (*.exe files on Windows)

• Backup, Copy and Restore Media Agent bma/cma/rma
• Media Management Agent mma
• Utility Media Agent (controls library robotic) uma
• Device Browser Agent (used for auto-discovery/configuration) devbra

Module 3
Architecture
3-17. SLIDE: Integration Agent (IA)
Integration Agent (IA)
• Enables true online backup of databases and applications

• Integrates with vendors API or backup and restore tools
• Exchanges data with Media Agents
• Installation via Installation Server or local
• Multi-vendor support
For a list of supported Application and

Database Integrations see:
Platform and Integration Support Matrix
...and more
DB IA MA
Integration Agent (IA)
Data Protector provides a set of integration components that enable data to be exchanged
between the most popular applications (databases) and Data Protector. Data Protector accesses
the application vendors API in order to perform online backups and restores. The ability to perform
online backups is a highly desirable feature in mission-critical, high-availability environments. Data
Protector also provides integrations with many other applications that assist in areas such as high
availability, system control, and monitoring.
Application Integrations
• Oracle
• SAP ERP
• IBM Informix, DB2 and Lotus Domino
• Microsoft SQL, Exchange, SharePoint, VSS, DPM
• VMware
• Citrix Xen Server … and many more
Note: Refer to the Platform and Integration Support Matrix for a list of currently
supported platforms.

Module 3
Architecture
3-18. SLIDE: Installation Server (IS)
Installation Server (IS)
• Repository for all Data Protector Agents

to allow push installation to remote clients
• Supported on all Cell Manager platforms
• Requires always a local installation
• Dedicated Installation Server for Windows
and UNIX/Linux push installation needed
• Possible to share IS with multiple Cells
• Supports SSH on Unix
• Must be registered/imported on the CM
UNIX
based IS
Cell
IDB Manager
WINDOWS
based IS
Installation Server (IS)
Data Protector Installation Server is a computer system that holds a repository of the Data
Protector software packages for a specific architecture. The Installation Server is used for remote
installation of Data Protector clients. In mixed environments at least two Installation Servers are
needed: one for UNIX systems and one for Windows systems. The Installation Server must be
registered as such with a Cell Manager.
Note: The Installation Server is not restricted to a single cell, it can be imported into
several cells, but it is limited to distribution services for its native platform
(Windows only or UNIX only)
When the Cell Manager system pushes agent software to a client system, the particular Installation
Server from which the software is to be obtained is specified.
Data Protector patches are applied to the Installation Servers(s) and then distributed to clients
during an update/push request from the Cell Manager.
Note: Refer to the Platform and Integration Support Matrix for a list of currently
supported platforms.

Module 3
Architecture
3-19. SLIDE: User Interface
User Interface
• Graphical User Interfaces (GUI)
• Also known as MFC GUI
• Command Line Interface (CLI)

• omni* commands
• DP GUI and DP CLI also called
Command Console (CC) in DP
• Web Reporting Interface

• see Reporting chapter
GUI
Network Cell
IDB Manager
User Interface
Data Protector provides easy access to all configuration and administration tasks using the Data
Protector GUI on Windows and UNIX platforms. You can use the original Data Protector GUI (on
Windows) or the Data Protector Java GUI (on Windows and UNIX). Both user interfaces can run
simultaneously on the same computer. Additionally, a command-line interface is available on
Windows and UNIX platforms.
The Data Protector architecture allows you to flexibly install and use the Data Protector user
interface. The user interface does not have to be used from the Cell Manager system; you can
install it on any desktop system and it allows you to transparently manage Data Protector cells
with Cell Managers on all supported platforms.
Data Protector provides a rich and powerful command line interface. The CLI can be used in
situations where a GUI is not available, for example, when dialing in to a system for remote
support, or when writing shell scripts or batch files. Most of the Data Protector commands will
reside in the bin directory below the product home.

Module 3
Architecture
3-20. SLIDE: Granular Recovery Extension Agent
Granular Recovery Extension Agent

• Available for MS Exchange, MS SharePoint
and VMware Integration
• Separate DP GRE agent installation required
• Remote IS based or local installation possible
• Separate license required
• Provides End User single item recovery

functionality from a normal full backup
• No DP GUI required
• Fully integrated into the
Application GUI
Granular Recovery Extension Agent
In addition to the regular Database and Application Integration Agents Data Protector offers
Granular Recovery Extension Agents for:
• MS Exchange
• MS SharePoint and
• VMware
While regular Database and Application agents allow only restore and recovery of whole Exchange
Databases, SharePoint Content databases and VMware virtual machines the Granular Recovery
Extension Agents allow single item recovery for these named applications, like a single email
recovery from an Exchange User Mailbox, a single picture or word document recovery from a
SharePoint Web Page or a single file restore from a VMDK Image backup.
The Granular Recovery Extension Agent is fully integrated into the named application and does not
require the usage of the Data Protector GUI. The application administrator is able to trigger the
application database restore into a cache area and the end user is able to extract the missing item
from that cache area back into his running application.
Note: The Granular Recovery Extension requires a separate license for each database system
that requires a single item recovery.

Module 3
Architecture
3-21. SLIDE: Internal Database (IDB)
Internal Database (IDB)
What is the IDB used for?

• Fast and convenient restore
Browse and select the files and directories
to be restored. Required list of media’s and
restore devices will be provided
• Backup management
Information about performed backup, restore, copy and consolidation sessions
• Media management
Stores information about all used media in backup, copy and consolidation sessions, manage
protection of stored data and track location of backed up data on medias for fast restore as
well as track location of medias in tape libraries
• Reporting and Auditing

Support various reports about Data Protector operations as well as auditing about
performed configuration changes
•Encryption/decryption management
In case of encrypted backups operation encryption keys are stored in IDB and retrieved in
case of a restore
Internal Database (IDB)
The Data Protector Internal Database (IDB) is an embedded database, located on the Cell Manager,
which keeps information regarding what data is backed up; on which media it resides; the result of
backup, restore, copy, and media management sessions; and what devices and libraries are
configured.
There are five key reasons for using the IDB:

• Fast and convenient restore: The information stored in the IDB enables you to browse files
and directories to be restored. It lists the media and devices required for restore.
• Backup management: The information stored in the IDB enables you to monitor and verify
the result of backup sessions.
• Media management: The IDB enables you to allocate media during a backup and copy
sessions, track media management operations, group media in different media pools, and
track media locations in tape libraries.
• Reporting and Auditing: Support various reports about Data Protector operations as well as
auditing about performed configuration changes
• Encryption/decryption management: In case of encrypted backups operation encryption
keys are stored in IDB and retrieved in case of a restore
Note: For more detailed information refer to the IDB chapter of this training.

Module 3
Architecture
3-22. SLIDE: Typical Data Protector session
Typical Data Protector Backup Session
Cell Manager
request read/write
CRS HPDP-IDB-CP
start
User Interface session IDB
BSM catalog
TCP/IP Port 5555 control/report TCP/IP Port 5555

Media Agent client Disk Agent client
Direct
Data transfer
MA DA
Disk
read/write read/write
Typical Data Protector session
There are several processes that execute while backup or restore jobs are performed. The slide
illustrates the location of the processes that execute on the various systems, as well as their roles.
Note: Data from the backup flows directly between Disk and Media agent, and does not
flow through the Cell Manager.
What are the acronyms stand for?

• CRS Cell Request Server
• HPDP-IDB-CP Internal Database Service (Connection Pooler)
• BSM Backup Session Manager
• IDB Data Protector Internal Database
• DA Disk Agent
• MA Media Agent
Remote Processes
Data Protector is a distributed application and relies heavily on multiple cooperating of local and
remote processes. Its Inter-Process Communication (IPC) mechanisms are designed and
implemented with great care to maximize system response time and data throughput.
Data Protector concentrates on simple bi-directional messaging for both data and message
transfer.

Module 3
Architecture
As both network capacity and backup device speed are expected to increase significantly during the
lifetime of the Data Protector product, all IPC channels are carefully designed to avoid
communication bottlenecks. Data Protector uses the following fast and reliable IPC mechanisms,
available on all major platforms today:
Shared Memory (shmem) + Pipe/Socket (Local)

When data is transferred between Disk and Media Agent processes that reside on the same system,
shared memory is used for transferring data. Notification and control is implemented via a pipe
mechanism. This significantly increases the overall data throughput rate for a backup session. For
this reason, a local backup is always preferable to a network backup.
Standard TCP/IP Socket Interface (Remote)

The Data Protector session manager processes contact the standard inetd daemon (on Unix) to
start up remote agents. On Windows systems, there will be a Data Protector Inet service running to
handle network requests on the defined listening port, 5555. The stream socket connections are a
natural message-passing medium for them. Stream sockets are also used for Disk and Media Agent
data transfer if the agents do not reside on the same host.
Full network transparency is accomplished with the networking software.
Starting Remote Processes

Data Protector uses the standard inet (inetd) facility to start up remote processes. This mechanism
requires that a fixed port number be allocated for Data Protector. Within a Data Protector Cell, all
systems must have the same port number configured, but it may vary from cell to cell. The default
port number used is 5555. If this port is already in use, Data Protector can use another port
number. This number must be identified in the global file (in addition to the Windows Registry)
before installing the clients. The Data Protector session manager invokes specific agent processes,
depending on the request it has received, and uses the following mechanism to achieve this:
1. The session manager connects to the system on which it wants to start a Media or
Disk Agent process via the predefined port number, 5555.
2. At the Unix client system, the inetd (daemon process) is listening on port 5555 and
starts the HP Data Protector inet process, as defined in the /etc/inetd.conf. On the
Windows client platforms, the Data Protector Inet service is already running on port
5555 to handle incoming requests.
3. The Session Manager sends a control block that informs the remote system exactly
which agents to start and the ports that are to be used for communication, etc.
4. The Data Protector inet process then starts the desired agents.

Module 3
Architecture
3-23. SLIDE: Variables used in this training
Variables used in this training
$DP_HOME ... Data Protector home directory
C:\Program Files\Omniback on Windows

/opt/omni on Unix
$DP_CONFIG ... Data Protector configuration files directory
C:\Program Files\Omniback\config\server on Windows 2003

C:\ProgramData\Omniback\config\server on Windows 2008, Windows7
and higher
/etc/opt/omni/server on Unix
$DP_VAR ... Data Protector IDB, log and temporary files directory
C:\Program Files\Omniback on Windows 2003

C:\ProgramData\Omniback on Windows 2008, Windows 7
and higher
/var/opt/omni on Unix
Variables used in this training
Within this training, the following variables are used to refer important Data Protector directories:
Variable Setting Explanation
DP_HOME DP Home directory

C:\Program Files\Omniback on all Windows OS
/opt/omni on all Unix versions

DP_CONFIG DP configuration directory
C:\Program Files\Omniback\config\server on Windows 2000/2003/XP
C:\ProgramData \Omniback\config\server on Windows Vista/7 and Server2008/2012
/etc/opt/omni/server/ on all Unix versions

DP_VAR DP Internal Database, Log and temporary
files directory
C:\Program Files\Omniback on Windows 2000/2003/XP
C:\ProgramData\Omniback on Windows Vista/7 and Server 2008/2012
/var/opt/omni on all Unix versions

Module 3
Architecture
3-24. SLIDE: DP Tuning via global file
DP Tuning via global file

Allow cell wide tuning of Data Protector parameters, like timeouts, ports, limits
• Global Option Tuning possible through DP GUI: Internal Database  Global Options
• Location of the global option file on the CM: DP_CONFIG/options/global
DP Tuning via global file
Global options affect the entire Data Protector cell and cover various aspects of Data Protector,
such as timeouts and limits. All global options are described in the global options file, which you
can directly edit through the DP GUI to customize Data Protector. Change to the Internal Database
context, expand Internal Database and select Global Options to see the Global Option Tuning
page. For tuning identify the option you want to change and modify the entry under Value.
Hit the Save Button to apply this

change.
Note that a restart of the DP
services is required for activation
The global options file is located on the Cell Manager under:

WINDOWS: DP_CONFIG\options\global
UNIX: DP_CONFIG/options/global
Note: The global option file can also directly modified by a text editor, but in this way no syntax
is performed. In case of a typo or a value setting out of the supported range DP switches
back to the documented default setting without updating the global file.

Module 3
Architecture
3-25. SLIDE: DP Tuning via omnirc file
DP Tuning via omnirc file
• Tuning file is located on every DP client as:
WINDOWS DP_HOME\omnirc
UNIX DP_HOME\.omnirc
• List default DP Agent settings

(MA/DA..) with description
• Tuning is done by changing
values in the omnirc file
• Changes affects local client only
• No restart of DP services
required, automatically
checked at next session start
Note: omnirc does not exist as a default. It needs to be renamed for activation
Unix : .omnirc.TMPL  .omnirc
Windows: omnirc.tmpl  omnirc
DP Tuning via omnirc file
The behavior of each Data Protector client can be modified by making changes within omnirc, a file
that need to be stored under:
WINDOWS 2008 and higher: C:\ProgramData\Omniback\omnirc

Older WINDOWS: DP_HOME\omnirc
UNIX: DP_HOME/.omnirc
As a default only a template file exist - omnirc.tmpl - that needs to be copied to omnirc or .omnirc
respectively. To overwrite the default Data Protector behavior on a specific client uncomment the
appropriate option in the omnirc file on that client and set it to the new value. A short description
of available options in the omnirc file explains the purpose of the variable and the supported
values. Changes in omnirc require no restart of the Data Protector services, just re-run the
operation that was supported to be changed by that parameter.
Besides tuning the file is often used for troubleshooting or for the activation of undocumented
product features that are introduced by special Test Modules. Follow the instructions from Data
Protector Support on how to activate these functions via omnirc.
Note: There is no DP GUI support and DP CLI support for a central omnirc tuning.
The omnirc file needs to be edit locally on each DP client.

Module 3
Architecture
3-26. SLIDE: Support matrix
Support Matrices
List certified and supported HW and SW for all Data Protector

agents like:
• supported Operating Systems
• supported Backup Devices
• supported Database and
Application Integrations
• supported Disk Arrays Integrations
Important:
Always check the latest support matrix online on SSO Portal
https://softwaresupport.hp.com/group/softwaresupport/support-matrices#DP
Support matrix
Data Protector supports all of todays main Operating Systems, Databases and Applications. A
detailed listing of the supported Platforms and Integrations can be obtained from the Platform and
Integration Support Matrix. A similar Support Matrix exists for all the Backup Devices that are
supported by Data Protector Media Agents and the Disk Arrays that are supported for Zero
Downtime backup and Instant Recovery operations.
Support Matrices are included in the product documentation, can be push-installed as part of the
Data Protector documentation module and stored under:
WINDOWS : DP_HOME\docs\support_matrices
UNIX : DP_HOME/doc/C/support_matrices
Note: Check always the latest support matrices online as they will be updated frequently.
The updated version of the support matrices are available on the SSO portal:

Module 3
Architecture

Module 4 — HP Data Protector Installation
Objectives
Upon completion of this module, you will be able to
• plan an installation of Data Protector
• understand the installation sequence
• install the Data Protector Cell Manager
• understand the remote installation concept
• distribute Data Protector agent components to client systems
• maintain an existing cell
Contents
Module 4 — HP Data Protector Installation 1
4–3. SLIDE: Installation Overview .................................................................................................... 2
4–4. SLIDE: Cell Manager Platform Support DP 9.0X....................................................................... 3
4–5. SLIDE: Localization ................................................................................................................... 4
4–6. SLIDE: DP 9.00 DVD Packaging ................................................................................................. 5
4–7. SLIDE: Product Documentation ................................................................................................ 7
4–8. SLIDE: Overall Installation Sequence ....................................................................................... 8
4–9. SLIDE: Plan the layout of the cell ........................................................................................... 10
4–10. SLIDE: Check hardware and software requirements ............................................................. 13
4–11. SLIDE: Preparation on Windows ............................................................................................ 15
4–12. SLIDE: Installation Wizard on Windows ................................................................................. 16
4–13. SLIDE: CM Installation on Windows cont. ............................................................................. 17
4–14. SLIDE: CM Installation on Windows cont. ............................................................................. 18
4–15. SLIDE: CM Installation on Windows cont............................................................................... 19
4–16. SLIDE: Preparation on UNIX ................................................................................................... 20
4–17. SLIDE: DP 9.00 Cell Manager Installation on UNIX Systems ................................................. 23
4–18. SLIDE: DP 9.00 Cell Manager processes ................................................................................ 25
4–19. SLIDE: Client installation overview ........................................................................................ 26
4–20. SLIDE: Remote push installation ........................................................................................... 27
4–21. SLIDE: Remote push installation cont. ................................................................................. 28
4–22. SLIDE: Remote push installation cont. ................................................................................. 30
4–23. SLIDE: Windows Firewall push installation ........................................................................... 31
4–24. SLIDE: Push installation with secure shell............................................................................. 35
4–25. SLIDE: Local client installation - Windows ............................................................................ 36
4–26. SLIDE: Local Client Installation - Unix .................................................................................... 37
4–27. SLIDE: Export of clients .......................................................................................................... 38
4–28. SLIDE: Import of clients ......................................................................................................... 39
4–29. SLIDE: Adding components to clients .................................................................................... 40
Module 4
Installation
4–3. SLIDE: Installation Overview

Installation Overview
Data Protector installation is a 2-Step process:

• Data Protector Cell Manager and Installation Server Installation
• Data Protector Clients Installation
Step1: Cell Manager and

Installation Sever Installation
Step2: Data Protector Clients
Installation
• Always a local Installation

• Cell Manager and Installation Server can
be on the same or on separate systems
• Push Installation
• Local Installation
Installation Overview
The Data Protector installation is always a 2-Step process:

Step1 Data Protector Cell Manager and Installation Server installation
Step2 Data Protector Clients Installation
Both steps are covered in detail on the following pages.
The overall Data Protector rollout requires carefully planning, which is also discussed in this
chapter.

Module 4
Installation
4–4. SLIDE: Cell Manager Platform Support DP 9.0X

Cell Manager Platform Support DP 9.00
The DP 9.00 Cell Manager is supported on following platforms:
Windows
Beginning with version 8.00,
• Windows Server 2008
Data Protector does not longer
• Windows Server 2008 Cluster support any 32-bit OS as
• Windows Server 2008 R2 Cell Manager platform
• Windows Server 2008 R2 Cluster
• Windows Server 2012
• Windows Server 2012 R2
Linux
• CentOS 6.x
• Oracle Enterprise Linux (OEL) 6.x
• RedHat Enterprise Linux (RHEL) 5.x, 6.x
• SuSE Linux Enterprise Server 11
HP-UX
• HP-UX 11i v3 (aka 11.31) on Itanium
For Updates always refer to the latest version of the DP 9.00 Platform & Integration Support Matrix on the HP SSO Portal
Cell Manager Platform Support DP 9.0X
Before starting a Cell Manager installation ensure that the planned Operating System is fully
supported as Cell Manager platform. The slide above lists the support status of the Data Protector
9.00 Media Release (MR) version without any patches or Service Packs.
For updates refer to the latest Platform and Integration Support Matrix, available on the SSO portal
at: https://softwaresupport.hp.com/group/softwaresupport/support-matrices#DP

Module 4
Installation
4–5. SLIDE: Localization
Localization
In general Data Protector is orderable in English only, but

selected localized versions of Data Protector exists:
Data Protector 9.00 Localized Versions:

(Requires installation of DP9.02 Patch Bundle)
• French localization: Media Product # TD586EF/E
• Japanese localization: Media Product # TD586EJ/E
• Simplified Chinese local.: Media Product # TD586ES/E
Localized content:
• Online Help
• Subset of the Product Documentation:
Admin Guide, Getting Started Guide, Concepts Guide, Installation Guide,
Troubleshooting Guide, Disaster Recovery Guide, Product Announcements
Localization
In general Data Protector is orderable as English version only. Selected localized versions of Data
Protector exists.
Data Protector 9.0 requires the installation of Patch Bundle 9.02 to enable the following
localization versions:
• French localization
• Japanese localization
• Simplified Chinese localization
Note: Only a subset of the Data Product Documentation is available as localized version.
All other product manuals are only available in the English version.

Module 4
Installation
4–6. SLIDE: DP 9.00 DVD Packaging
DP 9.00 DVD Packaging

DP 9.00 product case contains 3 DVDs
DVD 1 - Windows DVD 2 - HP-UX Depot

• CM, IS Server for Windows 64-bit • CM, IS for HP-UX
• Complete Documentation • Complete Documentation
• Windows IA-64 clients • HP-UX and other UNIX clients
• HP Open VMS clients
• Mac OS X clients
• SW Integration Packages
• Product Information
DVD 3 - Linux Depot

• CM, IS for RHEL, SLES
• Complete Documentation
• UNIX clients
• Mac OS X clients
DP 9.00 DVD Packaging
Data Protector 9.00 can be ordered as electronic delivery or on physical media. The physical media
set contains three DVDs that are packaged like in the major releases before. Three DVDs are
required to cover the various operating systems and processor architectures that DP supports.
All three DVD types contain the DP Starter Packs, the Cell Manager and Installation Server for the
platform, include all manuals in PDF format (in the DOCS directory), and the HP Software
Integration Packages.
DVD 1 also includes the agents for Open VMS clients, DVD-2 includes the agents for HP-UX, Solaris
and Linux clients and DVD 3 includes the agents for HP-UX, Solaris and Linux clients, too.
In detail the contents of the DVDs are:
DVD 1
- Cell Manager and Installation Server for Windows
- The complete set of English guides in the electronic PDF format
- Windows IA-64 clients
- HP OpenVMS clients (Alpha and IA-64 systems)
- Product information
- HP software integration packages

Module 4
Installation
DVD 2
- Cell Manager, Installation Server, and clients for HP-UX
- Clients for other UNIX systems
- Clients for Mac OS X systems
DVD 3
- Cell Manager, Installation Server, and clients for Linux systems
- Clients for other UNIX systems
- Clients for Mac OS X systems
All Data Protector installation files for Microsoft Window systems are digitally signed by HP. The
Readme.txt file contains the instruction to verify the HP Signature.
Data Protector Download

Data Protector 9.00 is also available for electronic download, also known as e-delivery.
If you purchase the software ensure to specify the e-delivery option and you will receive an email
with the download instructions after your purchase. The e-delivery option is the same like the
regular Product Number with an “E” at the end.
Example:
B6961BA Data Protector Starter Pack for Windows (standard version)

B6961BAE Data Protector Starter Pack for Windows (e-delivery version)
In addition Data Protector can be downloaded for evaluation purposes with the Instant-On 60 days
license from www.hp.com/go/dataprotector under “Trials and Demos”.

Module 4
Installation
4–7. SLIDE: Product Documentation

Product Documentation
Documentation
• Bundled with the Data Protector
Cell Manager Installation and part of the
push-able DP Documentation modules
Note: Updated versions available as direct download on the HP SSO Portal or as part of DP Documentation Patch
Product Documentation
A complete set of the Data Protector product documentation is included in with each software
distribution (on DVD or electronic download) and gets automatically installed as a default
component during each Cell Manager installation. The location of the documentation is:
DP_HOME\docs
The product documentation contains the installation and integration guides, concept guides and
the product announcements. In addition it contains a set of the support matrices and the CLI guide.
It is possible to run a Push Installation of the Data Protector product documentation and Online
Help to any remote Data Protector client system in the same way like any other Data Protector
component. Just select the English Documentation component or a localized documentation
component for client installation.
Updated Product Documentation, Whitepapers and the latest version of the Support Matrices can
be downloaded from the SSO portal: (HP Passport Login and SAID Support identifier required)

Module 4
Installation
4–8. SLIDE: Overall Installation Sequence
Overall installation sequence

Plan the layout of the Cell
Installation
Check hardware and software requirements
Cell Manager and Installation Server Installation
Client Installation
Maintenance
Manage clients: Import, export, add components
Migrate / Upgrade / Patch
Overall Installation Sequence
This slide provides an overview about the Data Protector overall installation sequence.
Plan the layout of the Cell

• Before you start to install the Data Protector software, make a plan about the layout of the
cell. Consult the Data Protector Support Matrix to validate if the environment is supported
and the documentation about potential limitations, like number of Clients or number of
files and file versions that can be stored within one Data Protector IDB.
Hardware and Software Requirements

• Installation Servers and Cell Managers have certain hardware and software requirements,
which you should check and verify before you start installing the software.
Install Cell Manager and Installation Servers

• Cell Manager and Installation Servers are installed directly from the product release media
(electronic or DVD).
• If you have additional Installation Servers they have to be imported into the Cell Manager.

Module 4
Installation
Install Clients
• After you have installed the Cell Manager and Installation Servers, the Data Protector client
systems may be installed remotely, using the DP GUI to push the respective agent
components from the depot on the Installation Server through the network to the clients,
or the clients can be installed manually from the local DVD media.
Clients that are manually installed from the media must be imported into the cell after their
installation completed.
• An Instant-On license is automatically created when the product is first installed. This gives
you usage for 60 days, during which time you must apply for and install a permanent
license
Maintenance
• Cell Maintenance is an ongoing process. After completion of the initial installation new
client systems might have to be added to the cell in order to back them up. New Data
Protector components need to be pushed to existing clients to cover newly installed
applications and databases.
• In case a new Data Protector version is available with features that are required in your
environment an upgrade to a newer version needs to be performed. In case of a Cell
Manager platform change (e.g. 32bit to 64bit, Windows to Linux) a Cell Manager Migration
needs to be performed. If both steps have to be performed you have to run first the
migration before you run the upgrade. More details about this process can be found in the
Upgrade chapter.
• Ongoing Maintenance also includes Data Protector patch installation sessions, which often
requires downtime for the cell (depending on the patch module) and should be carefully
planned. Data Protector patches can be downloaded from the SSO Portal under:
(HP Passport login and SAID Support Identifier required)

Module 4
Installation
4–9. SLIDE: Plan the layout of the cell
Plan the layout of the cell
• Which platforms will be backed up?

• Which applications will be integrated with Data Protector?
• Which system will be the Cell Manager (CM)?
• Is remote installation possible for the clients?
• Are there several Installation Servers (IS) needed?
• Which systems will be Installation Servers?
• Where will the GUI be installed?
• How many clients will be in the Cell?
• Is there more than one cell needed?
• Is this a new installation or an upgrade?
Plan the layout of the cell
This slide lists the questions that must be answered during the installation planning.
Which platforms will be backed up?/Which applications will be backed up using a Data Protector
integration agent?
Check the HP Data Protector Platform and Integration Support Matrix to see whether DP supports
these systems, applications and databases. In addition refer to the Device Support Matrix to ensure
that your planned backup devices (Tape, Disk) are supported with DP.
Which system will be the Cell Manager (CM)?

The Cell Manager can be installed on HP-UX, Linux and Windows OS. For supported versions check
the latest version of the support matrix. The Cell Manager system should be reliable and ideally
configured with high availability characteristics (Cluster, RAID, Disk Mirroring, etc). Permanent
availability of the Cell Manager with its Internal Database is essential for Data Protector to be
operational. Consider size, performance and growth rate of the IDB
Which system(s) will be the Installation Server(s)?/Are there several Installation Servers (IS)
needed?
Any system that is supported as a Cell Manager can also be used as Installation Server. About 2 GB
is needed for the depot directory that stores the DP client agent components.

Module 4
Installation
In a heterogeneous (Windows/Unix) environment, plan to allocate two IS, one running on a

supported Windows OS to serve Windows Client installations, and one IS running on a supported
UNIX system for all UNIX client installations. An Installation Server can be imported into more than
one cell. In large environments it is recommended to configure multiple IS to support faster
installations and upgrades.
Is remote installation possible for the clients?

Remote installation and update is possible for all UNIX and Linux flavors and for Windows. For
Novell and OpenVMS OS a remote installation is not possible, see the Installation Guide how to
install Data Protector on these clients.
Where will the Cell Console (GUI/CLI) be installed?

The Cell Console is the Management interface for DP. It can be installed on many client platforms.
It is up to you whether you want restrict the number of GUI clients and therewith access to Data
Protector to a few systems only, or you want install a large number of GUIs.
The DP Cell Console (GUI/CLI) is able to connect to different Cell Managers, if Data Protector user
configurations allows the access. Just ensure that all configured Cell Manager are running the same
version, because it is not possible to manage a DP cell with an older or newer version of DP GUI/CLI
How many clients will be in the Cell?

Is there more than one cell needed?
The answer to these questions depends on the size of your environment. Theoretically you can add
up to 5000 clients into one DP Cell. However, depending on the frequency of backups, the numbers
of files to backup, their sizes and how often their contents change, the number of entries in the DP
internal database can grow quickly and reach their limit. Check the limitations, which are listed in
the Product Announcements that is part of the Data Protector documentation folder
See a sample below.

Module 4
Installation
Will the clients all be on the same domain?

DP is able to include clients in a cell from different domains. However it is very sensible to an
absolutely correct network setup. Meaning that the respective other domain must be reachable for
the CM to contact the client and vice versa the client must be able to easily reach the CM in the
other domain.
Is this a new installation or an upgrade?

Maybe this question should be on top of the list as you need not care about the cell setup if it is
already available. However the steps to perform an upgrade from a currently installed DP version
to a newer one are pretty similar to an initial installation. In both cases the CM and IS must be
installed/upgraded and in the second step the clients need to be installed/upgraded.
Depending on the used Data Protector version IDB and configuration files might require an update.
Details about the upgrade process are covered in Module5 Upgrade.

Module 4
Installation
4–10. SLIDE: Check hardware and software requirements
Hardware Requirements
Windows – Linux – HP-UX – Cluster (64bit)
Module RAM Disk space

Cell Manager 4 GB (Windows, Linux, HPUX) 1,5 GB + IDB
Installation Server 512 MB 2 GB (Windows)
Disk Agent 128 MB* 20 MB
Media Agent 128 MB* 20 MB
Integration modules 128 MB* 20 MB
Detailed requirements are listed in the:

HP Data Protector Product Announcements,
Software Notes, and References
* … Listed number is required for each DP agent

Check hardware and software requirements
The table shows the requirements for Cell Manager, Installation Server, Windows GUI and DP
agents.
Product Download
Data Protector can also be downloaded from
the WEB. Go to
www.hp.com/go/dataprotector
Click on Trials and Demos, next select the HP

Data Protector 9.00 SW E-Media Evaluation.
The manuals are available as PDF files

bundled with the product or can be
downloaded from the HP SSO portal (HP
Passport login required:

Module 4
Installation
Electronic Delivery Program

Customers who do not need the product on DVD media can order it also via E-Delivery.
For more information, refer to the QuickSpecs document.
It is available on:
www.hp.com/go/dataprotector
under: Resources  Quick Specs
Depending on your environment there might be additional pre-requisites that must be satisfied
before installation. See the HP Data Protector Installation and licensing guide for more details and
configuration steps.

Module 4
Installation
4–11. SLIDE: Preparation on Windows
Preparation on Windows
Logon as (Domain) Administrator
Verify that system got at least 4GB RAM
Verify that host name resolution is enabled (DNS)
Make sure the Cell Manager (and Installation Server) have static IP addresses
Verify that port number 5555 is free on all systems in the cell
Verify that ports 7112, 7113 and 7116 are free on the Cell Manager
Verify that ports 9990 and 9999 are free on the Cell manager
Java JRE 1.7 64bit must be installed – if not it will automatically installed
On DP installation partition get prepared for future IDB grow (DCBF)
Preparation on Windows
To install a Data Protector Cell Manager on Windows you must have Administrator rights. The Data
Protector Cell Manager system must meet the following requirements:
• Verify, that system got at least 4GB RAM installed.

• The host name resolution must be enabled and work consistently on all systems where
Data Protector is supposed to be installed. The computer name and the hostname must be
the same.
• Assign a static IP address for the Cell Manager system. The static IP address is used to
request a permanent Data Protector license. If the system is configured as a DHCP client, its
IP address changes and the license key becomes invalid
• Have the port number 5555 (default) free. If this is not the case, refer to Changing the Data
Protector default port number inside the Installation and Licensing manual.
• Verify that ports 7112, 7113 and 7116, used by IDB services, are available on the CM
• Verify that ports 9990 and 9999, used by the DP application server, are available on the CM
• Check, if JAVA JRE 1.7 64bit is installed on the CM. If not it will be installed during the DP CM
installation
• Check for enough free space on you installation volume. Note that the DP Internal
Database, especially the DCBF section, might grow up very rapidly to several GB in size.
• Start the installation as shown on the next slides

Module 4
Installation
4–12. SLIDE: Installation Wizard on Windows
DP 9.00 CM Installation on Windows
Installation on Windows
• Insert the Windows installation DVD
• In the HP Data Protector start-up window, select 'Install Data Protector'
• Alternatively, on the installation media, go to the WINDOWS_OTHER\<platform> directory
Run setup.exe to start the installation wizard
1 2
Installation Wizard on Windows
To start the Data Protector installation insert the Windows installation DVD-ROM on your system.
In the HP Data Protector autorun window, select 'Install Data Protector' to start the Data Protector
Setup installation Wizard.
Alternatively run setup.exe directly from the installation medium, located under:
WINDOWS_OTHER\<platform>
<platform>… ia64 or x8664, refers to the platform of the planned CM system.
Installation Procedure:
1.) After the welcome screen
2.) Accept the License Agreement

Module 4
Installation
4–13. SLIDE: CM Installation on Windows cont.

DP 9.00 CM Installation on Windows
Installation Procedures on Windows
3 5
4 6
CM Installation on Windows cont.
3. Chose Cell Manager from the Installation type window

4. Provide user and password for the CRS service (default: current used user account)
5. If needed change the destination folder
6. Select additional DP components to be installed on the CM
Default selection:
• Cell Manager
• Installation server
• Disk Agent
• General Media Agent
• User Interface (GUI/CLI)
• English Documentation

Module 4
Installation

DP 9.00 CM Installation on Windows cont.
Installation Procedures on Windows
7. Accept or change the IDB service and Application Server account (default CRS user
account) and the service ports for the IDB and JBOSS Application Server
The installation verifies, if ports and accounts can be used on this system.

Module 4
Installation

DP 9.00 CM Installation on Windows cont.
8 10
9 11
8. Windows Firewall Configuration: Per default Data Protector opens inbound ports as
needed, while required outbound ports need to be manually configured.
9. Overview shows configuration for a last check before the installation starts  click on
Install
10. Installation status
11. Setup completed windows  click Finish
After the installation a log file can be checked for warnings or error messages

Module 4
Installation
4–16. SLIDE: Preparation on UNIX
Preparation on UNIX
Logon as root
Verify that sufficient system memory (4GB) is available
Check or adjust kernel parameter shmmax to >= 2.5GB
Verify if inetd or xinetd daemon up and running
HPUX only: Check /etc/inetd.conf if identd is activated
Make sure the Cell Manager (and Installation Server) have static IP addresses.
Verify that port number 7112, 7113, 7116 and 9999 are free on the Cell Manager
Create an OS user hpdp in an OS group hpdp (no root permission required)
On DP IDB partition get prepared for future IDB grow (DCBF)
Preparation on UNIX
The listed preparation steps applies to Linux and HP-UX. First log on the planed Cell Manager
system with root privileges.
Verify that sufficient memory is available

Data Protector installation routine checks for 4GB of installed memory, while 8GB of installed
memory are recommended.
In order to check your installed memory run:
LINUX: cat /proc/meminfo | grep MemTotal
HPUX: machinfo | grep Memory
Check or adjust kernel parameter shmmax to >= 2.5 GB

During installation data Protector checks the current setting of shmmax. The minimum required
value is 2.684.354.560 byte
In order to check your installed memory run:
LINUX: cat /proc/sys/kernel/shmmax
HPUX: kcusage shmmax
Verify if inetd or xinetd daemon are up and running

Inetd on HPUX or xinetd on LINUX needs to be up and running for installation
To check if services are running perform:

Module 4
Installation
LINUX: ps -ef | grep xinetd

HPUX: ps -ef | grep inetd
To start these service, execute:

LINUX: rcxinetd start
HPUX: /usr/sbin/inetd
HPUX only: Check /etc/inetd.conf if identd is activated

On HPUX the identd daemon is used by the IDB for authentication and need to be activated on the
Cell Manager
Perform the following check for verification:
grep ident /etc/inetd.conf

auth stream tcp6 wait bin /usr/lbin/identd identd
If service is comment out, remove the comment, save the inetd.conf file and restart inetd service.
Make sure that Cell Manager and Installation server have a static IP address
Data Protector licensing is based on the IP address of the Cell Manager. Therefore you need to
assign a fixed IP address in Active Directory/DNS to the Cell Manager system and request your
permanent license for it.
Installation Server does not require one, if it is running on a separate system, only in case when Cell
Manager and Installation server are running on the same system.
Port 5555 is used for initial communication between Cell Manager and client systems and need to
be available on all client. It is possible to change the default port on UNIX and WINDOWS, but
ensure that the newly configured port is available and replaced on all members of the DP cell or
within all DP cells in case of a MOM environment. Refer to the Data Protector Installation Guide how
to change the default Inet communication port on the Cell Manager.
Verify that port number 7112, 7113, 7116 and 9999 are free on the Cell Manager
For the IDB services, ports 7112, 7113, 7116, 9999 and 5555 should be available.
For verification run: (check includes the 5555 port)
LINUX:
netstat -anp --inet |grep -e :7112 -e :7113 -e :7116 –e :9999 -e :5555
netstat -anp --inet6 |grep -e :7112 -e :7113 -e :7116 –e :9999 -e :5555
HPUX:
netstat -an -f inet |grep -e .7112 -e .7113 -e .7116 –e .9999 -e .5555
netstat -an -f inet6 |grep -e .7112 -e .7113 -e .7116 –e .9999 -e .5555
If none of these ports is occupied, both commands will return no output, otherwise output will
shown that ports are occupied and cannot be used by DP. In case you need to change the ports you
need to create a DP.dat file as mentioned on the next slide (4-17)

Data Protector heavily relies on a proper network configuration. The DP Cell Manager connects to a
client, but clients connect back and client connects directly to other clients during backup

Module 4
Installation
operations, so you need to have a consistent hostname resolution in your environment. Therefore
it is highly recommended to use DNS in your environment.
Create an OS user hpdp in an OS group hpdp (no root permission required

Execute grep command to check whether hpdp user exists already:
HPUX: $ grep -e hpdp /etc/passwd
hpdp:x:1001:1000:HP Data Protector:/home/hpdp:/bin/bash
If the user hpdp doenot defined, then specify it accordingly. Ensure that a home directory exist for
the hpdp user and add it to the password file (here: /home/hpdp)
Execute grep command to check whether group hpdp exists and user hpdp is part of it.:
HPUX: $ grep -e hpdp /etc/group
hpdp:!:1000:hpdp
If the entry doesn't show up then add it as needed.

If hpdp user already exist, but should not be used by Data Protector it is possible to configure
another user and communicate that new user to DP during installation. See again slide 4-17 for
details.
In case of problems, check if JAVA Runtime (JRE) version 1.7 (or newer) for 64-bit Environment is
installed:
LINUX: $ /bin/rpm -qa | grep jre

jre-1.7.0_11-fcs.x86_64
HPUX: $ /usr/sbin/swlist -l product | grep JRE
Jre70 1.7.0.01.00 Java 7.0 JRE
Installed java version is checked during Cell Manager installation and if no java version found
automatically installed under /opt/omni/jre. So no action need to be taken here.
On DP IDB partition get prepared for future IDB grow (DCBF)

The Data Protector IDB stores all information about backed data and their attributes. Depending on
your environment the IDB might grow very fast to several GB in size. The IDB limit is your available
disk space, so monitor carefully the IDB directories and ensure you have enough disk space
available for grow. The fastest growing part is the DCBF part. It is possible to configure new DCBF
directories on different disks or partitions. Check the IDB chapter for more information
Note: Check the latest information about the prerequisites for DP 9.00 installation and upgrade.
Refer to the release versions of these manuals:
HP Data Protector Product Announcements, Software Notes, and References, and Installation and
Licensing Guide, Chapter 2: "Installing Data Protector on your network", Section: "Installing a UNIX
Cell Manager".

Module 4
Installation
4–17. SLIDE: DP 9.00 Cell Manager Installation on UNIX Systems
DP 9.00 Cell Manager Installation on UNIX Systems

Installation on Linux and HP-UX
• Insert and mount the appropriate UNIX installation DVD on /<dvdrom>
• Run the omnisetup.sh command from the LOCAL_INSTALL directory to install the Cell
Manager (CS) and Installation Server (IS):
./omnisetup.sh -CM –IS
• Alternatively, copy the installation directories from /<dvdrom>/platform_dir to your
local disk, change to the LOCAL_INSTALL directory on the disk and execute
omnisetup.sh from the disk copy
• Run ./omnisetup.sh without any option to see the full usage synopsis
Changing the default Data Protector Default entries for DP.dat file
PGPORT=7112
IDB ports and user accounts: PGCPPORT=7113
• Create the file /tmp/omni_tmp/DP.dat
APPSSPORT=7116
• Add the parameter with value you need to change
APPSNATIVEMGTPORT=9999
• Default entries are shown in the example
PGOSUSER=hpdp
DP 9.00 Cell Manager Installation on UNIX Systems
The procedure to start DP 9.00 installation of the Cell Manager (and Installation Server) is the same
on HP-UX and Linux:
Insert and mount the appropriate UNIX installation DVD and run the following command
from the LOCAL_INSTALL directory:
./omnisetup.sh -CM -IS
Alternatively, copy the following directories from /<dvdrom>/<platform_dir>

to your local disk:
DP_DEPOT
LOCAL_INSTALL
Where platform_dir is:
hpux -- HP-UX systems
linux_x86_64 -- Linux systems on AMD64/Intel EM64T
Afterwards change to the LOCAL_INSTALL folder and execute:

./omnisetup.sh -CM -IS

Module 4
Installation
On UNIX it is not possible to change the IDB ports and IDB user directly by omnisetup.sh.
Instead create a new file on the Cell Manager before installation:
/tmp/omni_tmp/DP.dat
and add the new settings line by line into this file.
The following port entries correspond to the IDB services:
HP Data Protector IDB (hpdp-idb) service port: PGPORT

Default: 7112
HP Data Protector IDB Connection Pooler (hpdp-idb-cp) port: PGCPORT

Default: 7113
HP Data Protector Application Server (hpdp-as) service port: APPSSPORT

Default: 7116
HP Data Protector Application Server (hpdp-as) management port: APPSNATIVEMGTPORT

Default: 9999
In addition you can change the default IDB user account: PGOSUSER
Default: hpdp
Example DP.dat file with changed Application Server (hpdp-as) management port:
PGPORT=7112
PGCPPORT=7113
APPSSPORT=7116
APPSNATIVEMGTPORT=7200
PGOSUSER=hpdp

Module 4
Installation
4–18. SLIDE: DP 9.00 Cell Manager processes
DP 9.00 CM Processes
Since DP 8.00: RDS
DP Processes on the Cell Manager : uiproxy
• Windows : running as Services
• Unix : running as Daemons Windows Services
Name Description
The Cell Request Server (CRS) service starts and
crs controls backup & restore sessions in the cell
The Media Management Daemon (MMD) service

mmd manages the device and media management
operations
The Data Protector Key Management Server (KMS)
kms service provides key management for the DP
encryption functionality.
UNIX daemons
hpdp-idb The service starts and controls the internal db
The Internal Database Connection Pool service

hpdp-idb-cp controls connections to the internal database
The Application Server service provides web
hpdb-as services for components used by DP
The DP client service that enables the CM to start

inet agents on other systems
Check the status of the DP processes with: omnisv -status

DP 9.00 Cell Manager Processes
When the installation is finished, the processes listed in the table above are running on the Cell
Manager.
Data Protector configures during the installation the required files in order to ensure that these
processes are started, whenever the system is booted.
The Data Protector processes are running as services on WINDOWS and as daemons on UNIX OS.
You can manage the Data Protector processes by the omnisv command:
omnisv –start Starting DP

omnisv –stop Stopping DP
omnisv –status Query the status
Note: The processes rds and uiproxy, part of the DP Cell Manager processes before version 8.00,
are no longer available in DP 8.X. In case you run customized monitoring scripts you need to update
these scripts to reflect the changes in DP 8.00 and higher.

Module 4
Installation
4–19. SLIDE: Client installation overview
Client installation - Overview

Data Protector Clients can be installed via:
• Local installation
• Remote installation using an Installation Server
Support:
• Local installation available for: All supported client platforms
• Remote installation available for: All supported client platforms beside
OpenVMS and Netware
Remote installation to a Unix system

• requires at least one Installation Server either on HP-UX or Linux
• methods: secure shell (recommended), rsh and rexec
Remote installation to a Windows system
• requires at least one Installation Server on Windows
• requires certain firewall configuration on the client
(see slide Windows firewall - Push Installation)
Client installation overview
After the Cell Manager and Installation Server are installed, it is time to install the Data Protector
agent software on all systems that should be backed up. Those systems become then DP clients
belonging to this cell. The installation can be performed via two mechanisms:
Local installation:
With a local installation it is required to log into the system and start the installation on the
corresponding system. A local installation is available for all supported platforms.
Remote installation:
The Installation Server offers the possibility to push the software to the corresponding
systems. There are two different Installation Servers, one for Windows and one for UNIX. That
means that if the software has to be pushed to Windows and UNIX clients, both Installation
Servers must be installed.
The remote installation is available for the most platforms, but some have to be installed
locally, e.g. HP OpenVMS.

Module 4
Installation
4–20. SLIDE: Remote push installation 1/3
Remote push installation 1/3
1.
2.
define which Installation
Server platform should
be used
3.
• select Add Clients
1.
• select the target
2. platform
• select the
4.
3. Installation Server
• press Next
4.
If a new Data Protector client should be added to the cell, Data Protector agents software must be
installed for the first time on that system. This can be achieved via local installation or via a remote
pushing mechanism offered by the Installation Server. This and the following slides show how the
remote push mechanism works.
1. Start the Data Protector GUI (on any system) and right mouse click Clients within the
Clients context
2. Select the correct platform of the remote system (either Windows or Unix)
3. Select the Installation Server that should be used for the installation. Note, that only
those Installation Servers are listed that belong to the platform as selected during step
2.
4. Select Next.

Module 4
Installation
5. 6.
when pressing Add

DP checks whether the
name can be resolved
• specify system
5. name
7.
• press Add
6.
Nearly 40
components • select all required
are selectable 7. components
8. • press Finish
8.
5. Enter the remote system on which the Data Protector

component should be installed. It is also possible to
browse or search for the client system:

Module 4
Installation
6. Press the Add button.

Data Protector checks whether the name can be resolved, hence Data Protector detects
typos. In case of resolve issues DP pops the window:
7. Select which Data Protector component or agent software should be installed. For
some dedicated components, like MS SharePoint Granular Recovery Extension, it is
required to specify dedicated user credentials. If more than one client is selected and it
is required to install different components on each client, select the option I want to
customize these options for client systems independently.
Example:
8. Press Finish to start the installation.

Module 4
Installation
• Installation session
starts
9.
• if required, DP asks
for user credentials
10.
9.
• installation
11. finishes
10. 11.
The session starts and lists all important operation in the session output window.
9. Data Protector tries to connect to the system and requests for user credentials if
required.
10. The installation continues and installs all selected components on the system.
The client is also imported automatically into the Cell:

Module 4
Installation
4–23. SLIDE: Windows Firewall push installation
Windows Firewall - push installation

Push installation requires certain firewall configurations
• port 5555 must be enabled
outbound connections are allowed 
For local installation no manual firewall configuration is necessary

• DP is doing necessary changes on its own
− see slides Local Client installation – Windows later in this module
Windows Firewall push installation
Windows Firewall
If the firewall is enabled on the remote system the firewall must be configured such as
• port 5555 is enabled
• Outbound connections are allowed
Enabling Data Protector port 5555

The port 5555 must be opened for incoming
connections:
Within the Firewall with Advanced Security utility

right mouse click Inbound Rules and select New
Rule …

Module 4
Installation
Within the next window specify Port,

press Next
Check TCP, UDP is not required.
Specify 5555, press Next

Module 4
Installation
Specify Allow the connection,

press Next
and continue and save the rule.
Check that outbound connections are allowed

Run firewall properties (right click on Windows Firewall with Advanced Security on the left) and
verify that Inbound connections are blocked (default) and Outbound connections are allowed
(default):

Module 4
Installation
If the firewall configuration is not configured correctly the push installation might fail with the
following messages:
[Critical] [110:1022] Cannot connect to the SCM (Service Control

Manager) on client vm1.dpdom.com:
[5] Access is denied.
or:
[Normal] Starting installation on client vm1.dpdom.com at Tuesday,

November 15, 2014, 11:50:10 AM...
[Critical] [110:1025] Cannot connect the Data Protector bootstrap

service on client vm1.dpdom.com:
IPC Cannot Connect
System error: [10060] Connection timed out
[Normal] Installation session finished on Tuesday, November 15, 2014,

11:52:20 AM.
In case the Cell Manager is Windows 2003 and the clients are running Windows 2008 the user that
starts remote installation must have Administrator privileges on remote host and the Remote
Administration (NP-In) inbound rule must be enabled on the remote system.
Inbound rules created by Data Protector

Note that the rule for port 5555 is only required for the push installation. The installation will
create for all required Data Protector binaries a corresponding inbound rule: Hence after the
installation the rule for port 5555 can be removed again.

Module 4
Installation
4–24. SLIDE: Push installation with secure shell
Push installation with secure shell
Push installation on Unix can be performed using secure shell (SSH)

• omnirc variable OB2_SSH_ENABLED must be set on the Installation Server
• if secure shell is not available the legacy Unix tools rsh and rexec are used
• secure shell protocol ensures that data including password/passphrase is send
encrypted over the network
• based on public-private keys
• If configured correctly no password must be specified
Note: Secure shell installation is supported on Unix systems only
Push installation with secure shell
For security reasons, it is recommended to use secure shell for the Data Protector remote
installation. If secure shell is not available, the legacy UNIX tools rsh and rexec are automatically
used by the Data Protector remote installation.
To use secure shell, install and set up openssh on both, the client and installation Server.
Secure shell installation helps you to protect your client and Installation Server by installing Data
Protector components in a secure way. High level of protection is achieved by:
• Authenticating the Installation Server user to the client in a secure way through the public-
private key pair mechanism.
• Sending encrypted installation packages over the network.
NOTE: Secure shell installation is supported on UNIX systems only and requires the
omnirc variable OB2_SSH_ENABLED set on the Installation Server.
# OB2_SSH_ENABLED=0|1
# Default: 0
# Allows SSH protocol to be used for remote installation of DP agents. This
# secures the remote connections while distributing the agents. Set this variable
# on Installation Server host. It is applicable only on UNIX platforms.

Module 4
Installation
4–25. SLIDE: Local client installation - Windows
Local client installation - Windows

1. • Installation starts similar
1. to the CM installation
• Provide CM system name

2. (or leave empty)
• Check installation status

2. 3.
3.
Local client installation – Windows
Data Protector client installation started pretty similar to a Cell Manager installation.
While default installation on Windows is always a remote installation it might be required to run
a local installation.
1. In the wizard window select Client instead of Cell Manager

2. Provide, if available, the name of the Cell Manager. If specified the client will be imported
into the named Cell Manager. If you leave it empty you need to run a manual Client Import
as explained on slide 4-28.
3. Check the Data Protector Client Installation status in the summary window
Note: For a cluster node installation, please check the HP Data Protector Installation and
Licensing Guide

Module 4
Installation
4–26. SLIDE: Local Client Installation - Unix
Local client installation - UNIX and others
The omnisetup.sh command can be used to install DP clients locally on

HP-UX, Solaris, Linux, AIX, Tru64, SCO clients locally
omnisetup.sh [-source directory][-server name][-install component-list] [-IS] [-CM]
[-autopass] [-noautopass]
Beside omnisetup.sh native OS installation tools can be used instead

• HP-UX swinstall
• Linux rpm
• Solaris pkgadd
(Note: This requires several additional manual steps)
Local client platforms that cannot be installed with omnisetup.sh:

• OpenVMS
• Novell Netware (out of support)
Local Client Installation – Unix
The default installation type for UNIX client is the remote installation. Similar to a Cell Manager
installation omnisetup.sh has to be used in case of a local DP client installation.
CLI: omnisetup.sh [-source directory] [-server name]

[-install component-list]\ [-IS] [-CM] [-autopass]
[-noautopass]
Examples
Install the component Disk Agent (DA), Media Agent (MA), User Interface (CC), and English
Documentation (docs)
CLI: omnisetup.sh –server ita030.dpdom.com –install DA,MA,CC,Docs
Native OS installation tools can be used instead. These are:
• HP-UX swinstall;
• Linux rpm;
• Solaris pkgadd,
Details are explained in the HP Data Protector Installation and Licensing Guide.

Module 4
Installation
4–27. SLIDE: Export of clients
Export of clients
1.
• select Clients context
2. 1.
• right mouse click the client

2.
• select Delete
3.
• select Yes for Export with DP
4. Uninstall or No for Export only
3.
4.
Rules:
 A DP client always belongs to one DP Cell only
 A DP client can be exported from its cell and then imported into another Cell
 Optional: Export can be performed together with client software uninstall
 After Client export all backed up data of that client stays protected until protection expired
Export of clients
Exporting a client from a Data Protector cell means removing its references from the Internal
Database on the Cell Manager with or without uninstalling the Data Protector client software from
the client. This can be done using the Data Protector GUI using the procedure as shown above.
The following rules apply for a Data Protector client in a cell:
 A DP client always belongs to one DP Cell only

 A DP client can be exported from its cell and then imported into another Cell
 Optional: Export can be performed together with client software uninstall
 After Client export all backed up data of that client stays protected until protection expired

Module 4
Installation
4–28. SLIDE: Import of clients
Import of clients 1.
1. • right click on Clients

2. • select Import Clients
2.
• specify system name and select
3. Type Data Protector Client
• select Finish
4.
3.
4.
Note: DP client always belongs to one DP Cell only, so Import will fail if client still belong to another cell
Import of clients
This slide describes how to import clients. If this client still belongs to another cell, an error
message occurs and the import fails:

Module 4
Installation
4–29. SLIDE: Adding components to clients
Adding components to clients

1.
1.
• select Add Component
2.
2.
• add more clients if required
3.
• select the component
4. • Select Finish
4.
3.
Adding components to clients
Adding components to existing Data Protector client(s) systems is done by the following tasks:
1. In the Scoping Pane, click Clients, right-click the appropriate client,
2. click Add Components.
3. This wizard allows you to add additional clients, on which the components should be
installed. This allows adding several components on several client systems within one
operation.
4. Select the component(s) that should be added; press Finish.

Module 4
Installation

Module 5 —Upgrade and Migration
Objectives
• The prerequisites for a DP 9.0X Cell Manager migration
• The update and migration paths
• The IDB migration procedure
Contents
Module 5 —Upgrade and Migration 1
5–3. SLIDE: Upgrade and Migration Scenarios .................................................................. 2
5–4. SLIDE: Upgrade and Migration Scenarios cont. .......................................................... 3
5–5. SLIDE: Upgrade & Migration Windows ...................................................................... 4
5–6. SLIDE: Upgrade & Migration paths HP-UX, Linux and Solaris ........................................ 5
5–7. SLIDE: Upgrading devices with default block size ....................................................... 7
5–8. SLIDE: Upgrade of a Windows Cell Manager 1/4 ......................................................... 8
5-9. SLIDE: Upgrade of a Windows Cell Manager 2/4 ........................................................ 10
5-10. SLIDE: Upgrade of a Windows Cell Manager 3/4....................................................... 11
5-11. SLIDE: Upgrade of a Windows Cell Manager 4/4....................................................... 12
5-12. SLIDE: IDB Migration Concept............................................................................... 13
5-13. SLIDE: IDB Core Migration ................................................................................... 15
5-14. SLIDE: After Core Migration ................................................................................. 17
5-15. SLIDE: Manually Catalog Migration ....................................................................... 19
5-16. SLIDE: The omnimigrate command ....................................................................... 21
5-17. SLIDE: Report old Catalog ................................................................................... 24
5-18. SLIDE: IDB Size and Update Duration ..................................................................... 26
5-19. SLIDE: Upgrade of a UNIX Cell Manager .................................................................. 27
5-20. SLIDE: Upgrade of a MoM Environment .................................................................. 31
Module 5
Upgrade and Migration
5–3. SLIDE: Upgrade and Migration Scenarios

Upgrade and Migration Scenarios
Supported Upgrade Paths
Direct Upgrade
• Upgrade from DP 6.2X, DP 7.0X and DP 8.x directly to DP 9.0X
Indirect Upgrade
• DP 6.1X and older needs to be upgraded to DP 6.2X, DP 7.0X
or DP 8.x first, before upgrading to DP 9.0X
Upgrade Scenarios
The following upgrade paths are supported:
Direct Upgrade
The one-step-upgrade from DP 6.2X or DP 7.0X or DP 8.x to DP 9.0X.
Indirect Upgrade
DP 6.1X and older versions need to be upgraded to DP 6.2x or higher before upgrading to DP 9.0X

Module 5
5–4. SLIDE: Upgrade and Migration Scenarios cont.

Upgrade and Migration Scenarios cont.
Migration
Important:
DP 8.00 and higher supports 64-bit Cell Managers only
Migration Task:
Existing 32 bit based CMs must be transitioned to 64 bit first
• applies to both, HP-UX and Windows

• must be done on the old DP version 6.x / 7.x
• using old omnimigrate or winomnimigrate command
• Afterwards the upgrade to DP 9.00 can be performed
(includes the IDB core part migration)
Migration Scenarios
Beginning with DP 8.00 only 64-bit platforms are supported for the Cell Manger.
A Cell Manager installation on a 32 bit OS must be migrated to 64 bit first. This applies to both, HP-
UX and Windows. A Data Protector Cell Manager was never supported on 32-bit Linux, so such
issues does not apply for Linux.
Data Protector 9.0X does not support a Cell Manager on Windows 2003 (32 or 64-bit), so you need
to migrate the current used DP version to a DP9.0X and current used DP version supported
Windows first, before starting the DP 9.0X upgrade, e.g. migrate to Windows 2008 64bit.
HP-UX PA-RISC systems has been obsoleted as a CM platform. Therefore, CM Systems with HP-UX
PA RISC must be migrated to HP-UX IA 64 first (Itanium HP-UX 11.31).

Module 5
5–5. SLIDE: Upgrade & Migration Windows

Upgrade/Migration paths on Windows
Only 64-bit systems are DP Cell Manager DP Cell Manager
9.00 9.00
supported as 9.00 CM!
Upgr.
A Migration to 64-bit platforms
Upgrade DP Cell Manager
has to happen on earlier versions 8.x
Upgr.
Windows 32-bit Windows 64-bit Windows 64-bit

DP Cell Manager Migration DP Cell Manager DP Cell Manager
6.2x or 7.x 6.2x or 7.x 6.2x or 7.x
Upgrade Upgrade
Windows 32-bit Windows 64-bit

DP Cell Manager DP Cell Manager
pre-6.2x pre-6.2x
Upgrade & Migration paths on Windows
The possible upgrade paths and migration paths in a graphical representation.
In grey everything what has to be done before DP 8.00

In light blue and with the broader fringes, the DP 8.00 update step.
The term Migration is used for the steps from

a 32-bit OS to a 64-bit OS migration or for
a PA-RISC to an Itanium migration system.
The term Upgrade is used for the upgrade from a DP version to a newer one.
Migrating from 32-bit/64-bit Windows to 64-bit Windows/Windows Server 2008

For the migration procedure, see the HP Data Protector Installation and Licensing Guide from the
appropriate product version.

Module 5
5–6. SLIDE: Upgrade & Migration paths HP-UX, Linux and Solaris
Upgrade/Migration paths on HP-UX
Only Itanium systems are DP Cell Manager DP Cell Manager
9.00 9.00
supported as 9.00 CM!
upgr.
A Migration to Itanium has to

Upgrade DP Cell Manager
happen on earlier versions 8.x
Upgr.
HP-UX PA-RISC HP-UX Itanium HP-UX Itanium

DP Cell Manager Migration DP Cell Manager DP Cell Manager
6.2x or 7.x 6.2x or 7.x 6.2x or 7.x
Upgrade Upgrade
HP-UX PA-RISC HP-UX Itanium

pre-
DP Cell Manager DP Cell Manager
pre-6.2x pre-6.2x
Upgrade & Migration paths on HP-UX, Linux and Solaris
HPUX:
The possible upgrade paths and migration paths for HP-UX on PA-RISC and Itanium in a graphical
representation.
Light grey boxes contain everything what has to be done before upgrading to DP 9.00
Blue/Dark grey boxes contain the DP 9.00 upgrade step.
The term Migration is used for the steps from

a 32-bit OS to a 64-bit OS migration or for
a PA-RISC to an Itanium migration system.
The term Upgrade is used for the upgrade from a DP version to a newer one.
Migration from PARISC HP-UX systems to Itanium HP-UX systems

Data Protector 9.00 no longer supports PA-RISC architecture based HP-UX 11.11/11.23 systems as
a Cell Manager platform. Therefore, you must migrate Cell Manager from a PA-RISC architecture
based HP-UX 11.11/11.23 system to an HP-UX 11.23/11.31 system for the Itanium architecture
before the upgrade.
For the migration procedure, see the HP Data Protector Installation Guide of the appropriate Data
Protector version.

Module 5
Linux:
Linux Cell Manager was always supported on 64-bit Linux OS only.
Migrating from Solaris to Linux

Starting with Data Protector 7.00 Solaris OS is no longer supported as a Cell Manager platform.
Therefore, you must migrate the Cell Manager to a new platform before you start the upgrade
procedure to Data Protector 9.0X, using the installed Data Protector version.
See HP Data Protector 9.00 Installation Guide for detailed instructions on how to perform this
migration.

Module 5
5–7. SLIDE: Upgrading devices with default block size

Upgrading devices configured with default block size
Important:
With DP 8.00 default block size of logical devices was changed from 64kB to 256kB.
In DP 9.00 existing logical devices with block size setting “Default (64)” still are still
using 64kB after upgrade. New logical devices will use 256kB (“Default (256)”), if no
block size is specified during configuration.
Device configured with setting Upgrade Device configured with 64kB

“64”
Device configured with setting

“256” Upgrade Device configured with 256kB
Device configured with Upgrade to Device now configured with 256kB

setting “Default (64)” DP 8.00 “Default (256)”
Device configured with 64kB

Device configured with Upgrade to
DP 8.1X/9.00 Setting “Default (64)”
setting “Default (64)
is replaced by : 64
Upgrading devices with default block size
Starting with Data Protector 8.00 the default value for the used block size of Data Protector logical
devices has been increased from 64KB to 256KB for a better performance.
Devices with a user defined block size, e.g. 64KB or 512KB, retain their setting after upgrade.
Devices configured with Block size setting “Default (64)” were accidently reconfigured to “Default
(256)” after upgrade to DP 8.00. This cause problems during tape overwrite or append operations
after upgrade, because 256KB data blocks cannot be written/appended to a 64KB formatted
medium.
The problem is resolved in DP 8.10 and higher by retaining the old 64KB Block size setting.
Important: All newly configured devices in DP 8.x and higher will now get a default block size
of 256KB configured. If you still use media/devices with 64KB configured, either
switch back to a block size of 64KB for new devices or create different pool for
256KB formatted media and use “speaking names/descriptions” for your backup
devices and pools for separation.

Module 5
5–8. SLIDE: Upgrade of a Windows Cell Manager 1/4
Upgrade of a Windows Cell Manager 1/4 IDB Migration not

required for upgrades
… from a pre 8.x version from DP 8.x to 9.00
• Make sure the Cell Manager system fulfills the DP 9.00 Prerequisites
 64bit OS used
 See “DP 9.00 Platform and Integration Support Matrix” for supported Windows
versions and configurations”
• Existing DP must be up & running

 Do NOT de-install DP before the upgrade
 Run setup.exe from the DP 9.00 installation medium
• The CM Upgrade Process covers these Steps:

 Export of the existing IDB data to flat files (pre 8.x only)
 Deletion of old DP binaries
 Installation of new DP 9.00 product files
 Installation of the new PostgreSQL based DP IDB (pre 8.x only)
 Import of the old IDB from flat files into the new PostgreSQL IDB (pre 8.x only)
Upgrade of a Windows Cell Manager 1/4
For upgrading an earlier version to DP 9.00, the same prerequisites must be met as for a plain DP
new installation. (Check the HP DP Product Announcements, and HP DP Installation Guide for details
about the prerequisites.)
Important: The existing Data Protector must NOT be de-installed before the upgrade.
The upgrade is supported only on a fully operational IDB DP version.
For the export of the existing IDB, all DP services need to be up and running.
The IDB-migration is the major task during the upgrade to DP 9.00 and consists of the following
steps:
- Export of the existing IDB data to flat files
- Deletion of the old DP product files
- Installation of the new DP 9.00 binary files
- Creation of a new DP IDB using PostgreSQL
- Import of the IDB from flat files into the new PostgreSQL IDB

Module 5
Important: Before upgrade ensure to have a good backup of the DP IDB.

Apply IDB Maintenance (Filename Purge/IDB Export & Import) and run an IDB
Consistency check to ensure having a vital IDB and prevent IDB problems during
the upgrade.
Upgrade
• Log in as the DP CM Administrator.
• Ensure that no backup, restore or IDB maintenance session is running.
• Insert the Windows Installation DVD and wait for the autorun to bring up the DP Product
splash screen or
• run the setup.exe command from the folder \Windows_other\x8664\.
As shown on Slide 5-10 the DP installation wizard finds automatically the earlier DP version and
shows the information on the Welcome screen. This is the same as with upgrades to new versions
in the past:
Click Next to start the upgrade.
On the then following 'Component Selection' window you can choose to install the same or more or
less components than those that the wizard finds from the existing DP installation.
Click Next

Module 5
5-9. SLIDE: Upgrade of a Windows Cell Manager 2/4

… from a pre 8.x version
3
1
2 4
After the welcome screen Data Protector detects the current DP version. In the example above, the
DP version 6.20 is shown.
As usual, the Component Selection Windows allows choosing components for installing on the CM.
All components, already installed with the current version, are automatically selected.
Hitting the Space button DP shows the size of available disks with its free space. Last column
shows the required space for the DP 9.00 CM and the selected components.

Module 5

5
Check the port numbers for
– IDB service,
– IDB Connection Pool (CP) service
– Application Server service
– Application Server management port
default settings: 7112, 7113, 7116 and 9999
New CM components are installed
6 7
After the Welcome and the Component Selection window, the next screen “Internal Database and
Application Server options” prompts for user name/password of the IDB Service and Application
Server account. As a default CRS service account is listed.
The port numbers 7112, 7113 and 7116 are the default ports for the IDB Service, the IDB
Connection Pool (CP) service, and the Application Server (AS) service and should only be changed if
these ports are already used for other purposes on the system.
The installed JBOSS Application Server can also be managed directly in a Browser Window, outside
of Data Protector. This used Management Port (default: 9999) can be customized as well in this
window.
The next screen asks for permission to perform all required Firewall configuration changes to
ensure a proper Data Protector operation.
The last shows a summary of the configured upgrade operation. Hit Install to start the installation.
Note: Together with the new PostgreSQL IDB, a JBOSS Application Server Technology Stack,
a Job Control Engine and a Java Runtime Environment is installed.

Module 5

Importing …
8
Exporting …
10
Installing new DP binaries … 11

Status …
In the first upgrade step it exports the old IDB – mainly the directories cdb and mmdb to a
temporary location: DP_VAR\tmp\export
Ensure to have enough free space available on that volume for the ASCII dump of that RAIMA IDB.
The export is done using CLI commands of the installed old DP version. That’s one of the main
reasons why the old DP version should not be removed before DP 9.00 is deployed. If you do, the
upgrade will fail.
After exporting the old IDB, the wizard removes the old DP binaries and installs the new DP 9.00
product binaries. The wizard creates an empty PostgreSQL based IDB under
DP_VAR\server\db80
and imports the old IDB data from the DP_CONFIG\tmp\export directory.
DP then continues the installation as usual and finally comes with the “Installation Status” Window.
Click Next to finalize the upgrade.
The Installation log files are kept in folder:

DP_VAR\server\db80\log

Module 5
5-12. SLIDE: IDB Migration Concept

IDB Migration Concept
Core Migration (mandatory)

• Migrates the SQL database part of the IDB
• MMDB and critical parts of the CDB
• Automatically during the upgrade of CM to DP 9.00
• Requires a certain downtime of DP environment
• Keeps old DCBF and filenames files
• DP 9.00 is functional after Core Migration
Catalog Migration (optional)

• Migrates filenames & DCBF files to new DCBF 2.0 format
• Manually migration is needed if permanently protected media exist
• Also needed by customers who reach limits of the old IDB
Important: IDB Migration is only required for DP upgrade from pre-DP 8.x to DP 9.00
IDB Migration Concept
The migration from an existing IDB on a DP 6.x or 7.x Cell Manager to the new PostgreSQL IDB has
two parts, the Core migration and the Catalog migration.
Core Migration (mandatory)

The Core Migration is mandatory and happens automatically during upgrade of an existing Cell
Manager to the DP 9.00 product version. The Core migration requires Data Protector downtime and
expected to complete within 2 hours.
After the core migration, the DP 9.00 Cell Manager is fully functional. Media, Pools and Device
related information was migrated and are now accessible in the DP GUI/CLI. The biggest part of the
IDB, the Catalog Database (CDB) was only partly migrated to shorten the overall required IDB
downtime and quickly allow new backups to run.
A special wrapper was installed that allows the new IDB to access the not migrated part of the IDB,
which was set in Read-Only status after Core migration. All new backups start creating new Catalog
files under DP_VAR\server\db80. Media overwrite and append operations will create new DCBF
format 2.0 files and the trigger the deletion of the belonging old DCBF files.

Module 5
Catalog migration (optional)

The Catalog migration is an optional migration task. After Core migration the IDB is fully functional,
so DP 9.00 is able to read the old DCBF files. If there are no backups with permanent protection all
media that were used in the old DP version, will be overwritten in a few weeks/month, so the
associated old DCBFs will be automatically deleted.
But it is possible to migrate all old DCBFs into the new DCBF 2.0 format. This step is called Catalog
migration and depending on the amount and size of old DCBF it might run from several hours to
several days. The Catalog migration does not require downtime and is able to run in the
background.
The Catalog migration might be required in environments with a high number of media with long
retention times or even permanent protected media.

Module 5
5-13. SLIDE: IDB Core Migration
IDB Core Migration
Automatically started & controlled by the omnimigrate Perl script

• Exports old RAIMA IDB to temporary flat files (uses omnidbutil –writedb)
–Exports the contents from entire MMDB
–Exports sessions, objects, object versions, media positions from CDB
• Location of the exported IDB: DP_VAR\tmp\export
• New PostgreSQL IDB files are located in:

DP_VAR\server\db80\idb\PG_9.1_201105231
• Old DCBF and fnames.*, dirs.*, fn*.* are not migrated and kept in their old locations:
DP_VAR\db40\dcbf (1,2,3..)
DP_VAR\db40\datafiles\cdb
(Default Path for DP_VAR: C:\ProgramData\Omniback)
IDB Core Migration
The IDB Core migration upgrades all the critical information such as entire MMDB and the vital part
of the CDB (sessions, objects, object versions, media positions) into the new PostgreSQL based IDB.
The new PostgreSQL based IDB data files are located under:
Windows: DP_VAR\server\db80\idb\PG_9.1_201105231
Unix: DP_VAR/server/db80/idb/PG_9.1_201105231
The Core Migration is started and controlled implicitly by the omnimigrate command.
The usage of the omnimigrate command is the same on Windows, HP-UX and Linux.
It is a Perl script and located in DP_HOME\bin.
The Core Migration happens in three steps:
1.) Exporting the RAIMA part of the old IDB into temporary flat files
By executing omnidbutil –writedb –cdb <location> -mmdb <location> the old RAIMA Part
of the IDB is exported to a temporary location. The location is hardcoded set to
DP_VAR\tmp\export
and cannot be changed. In case of a default installation this will point to:
C:\ProgramData\Omniback\tmp\export

Module 5
So ensure to have enough space available on your DP Installation drive.
Note: The biggest RAIMA datafiles, fnames.*., fn*.* and dirs.* are excluded from the
export operation and remain in Read-Only mode in the original folder:
DP_VAR\db40\datafiles\cdb
2.) Preparing these files for usage with PostgreSQL

This is an DP internal step that is used to modify the ascii file for the PostgreSQL import.
3.) Importing the ASCII data into the new PostgreSQL IDB
Within this step the prepared data is loaded into an empty PostgreSQL database. The location is
listed on the previous page. The size of the new PostgreSQL database is less than the old
RAIMA database because the biggest part, the filename and path information of the backed up
data is now stored within the DCBF.
In addition, the Session Messages Binary Files (SMBF), stored outside of the RAIMA IDB part, are
moved from the old db40 folder into the new location
DP_VAR\server\db80\msg
Important: Data Protector IDB Core Migration automatically starts as part of the DP9.00
installation process. There is no option to run a DP9.00 installation on a DP
Cell Manager system with an older DP version installed without starting the
Core migration. So ensure that your existing IDB is prepared for this upgrade
and you have enough space available.

Module 5
5-14. SLIDE: After Core Migration
After Core Migration UNIX:

/var/opt/omni/server/db80/dcbf
After Core Migration the DP 9.00 CM is fully functional

Old filenames (fnames tablespaces & DCBF files are kept read-only
Allow restores from backups done in old DP version
New backups create new DCBF 2.0 format files
If a medium is ‘Appendable’, then this medium
gets a new DCBF 2.0 file
Over the time the old catalogs get expired, except permanent protected objects
Obsolete old DCBF files are deleted by daily maintenance
5 new DCBF directories
Time consuming Catalog Migration can be started at convenient time have been created
Important:
After the upgrade configure and perform a full IDB
backup! Old IDB backups cannot be used in Data
Protector 9.00
After Core Migration
After the core migration the DP 9.00 Cell Manager is fully functional.
The migration keeps the old Raima filenames and DCBF files and changes them to read-only mode.
The files are still located in their original folders under: DP_VAR\db40\datafiles\cdb
This way all objects, whose catalogs are still protected and were backed up prior to the migration,
have their filenames and backup versions info available in the old format. DP 9.00 is able to
understand the old format and can start restore sessions from it.
Over time the catalogs get expired. When there is no more data-protected file on the medium that
a DCBF belongs to, the old DCBFs get automatically deleted via daily maintenance the same way as
this was done in DP 6.x / 7.x.
New DCBF files are created when new backups are performed in DP9.00. The backup catalog
information is written into new DCBF files. The new DCBF 2.0 format files are kept in new folder:
Windows: DP_VAR\server\db80\dcbf
UNIX: DP_VAR/server/db80/dcbf

Module 5
When an old medium is to be appended, also a new DCBF 2.0 file will be created. The advantage of
this approach is that for the upgrade of an existing DP setup only the core part of the IDB needs be
migrated during installation of DP 9.00 software.
The time consuming migration of the DCBF files can be done at a more convenient time, or can
possibly be avoided completely.
As the slide shows, after the successful migration, 5 new DCBF directories are created under the
above mentioned directory.
Within Data Protector the 5 new DCBF 2.0 folders and the old DCBF folders are listed in the DP GUI
IDB context.

Module 5
5-15. SLIDE: Manually Catalog Migration
Manual Catalog Migration

Manually started with omnimigrate.pl
perl omnimigrate.pl –start_catalog_migration
• Migrates (remaining) DCBF files into new DCBF 2.0 format files
• DCBF files are transferred sequentially one by one - permanently protected media first
• Migration process can last very long time, but can be stopped & continued as needed
• New DCBF 2.0 files located in: DP_VAR\server\db80\dcbf
After catalog migration space consuming DCBF are deleted automatically during the daily maintenance.
Note:
The new DCBF 2.0 format contains backup versions and filenames. It
need approximately three times more space as the old DCBF file
Manual Catalog Migration
The Catalog Migration can be triggered manually after the upgrade by starting:
omnimigrate.pl -start_catalog_migration
It’s a perl script, so on Windows add perl to this script:

perl omnimigrate.pl -start_catalog_migration
The Catalog migration is an optional process.
It converts the old DCBF files to the new DCBF 2.0 format and stores them according the configured
DCBF allocation policies in one of the created 5 DCBF folders under:
DP_VAR\server\db80\dcbf
During this process the names of backed up files are taken from the Raima data files and stored
within the new DCBF files. Therefore the average size of the new DCBF files is three times larger as
before. The user has to take care that there is enough space on the new DCBF location.
After all DCBFs are migrated, fnames.dat, dirs.dat, fn*.ext and their respective .key files are no
longer needed and can be deleted via omnimigrate.pl -remove_old_catalog

Module 5
The catalog migration process can last for a very long time, because migrates the media one by
one. It can however always be paused and continued at a more convenient time. Some older media
can be expected to expire by themselves during the migration process.
If there are no permanently protected objects and media in a DP cell and if the retention period is
short, then the manual catalog migration is not needed at all, as the old DCBF files will be deleted
automatically once there is no more protected file on the respective media.
On the other hand, the old Raima files - in particular the space consuming fnames.dat - cannot be
deleted as long as there is a single filename which is protected and continue to occupy disk space.
Ideally the DP administrator should wait until most of the old media have expired and then trigger
the migration for the remaining permanently protected media.
To help making this decision, a short report about "Space consumption of remaining old DCBFs and
filenames files" is generated as an alarm once per week in the event log (displayed in the GUI
Reporting context).

Module 5
5-16. SLIDE: The omnimigrate command
The omnimigrate command

• Start the migration
• Stop the migration

omnimigrate.pl -stop_catalog_migration
• Shows the ID of the media that is currently migrated

omnimigrate.pl -report_catalog_migration_progress
> perl omnimigrate.pl -report_catalog_migration_progress
Migrating catalog of the medium 6b026cc2:51922a23:02c8:002e (13 of 51).
• Show the amount of space still occupied by old DCBF & filenames data files
omnimigrate.pl -report_old_catalog [media | sessions | objects]
• Delete all output & control files from the DP_VAR\tmp directory
Allow a restart of the migration after unexpected termination or system crash
omnimigrate.pl –cleanup
• Deletes all old DCBF files and the old Raima data files
Irreversibly ends the migration process
omnimigrate.pl -remove_old_catalog
The omnimigrate.pl command
The omnimigrate.pl command supports various options and is used for Core and Catalog migration.
The most important options for the user triggered Catalog migration are listed above, such as how
to start and stop of the Catalog migration and how to get reports about the process.
Once Catalog migration is completed the old RAIMA datafiles and remaining DCBFs can be deleted
Be careful with the remove_old_catalog option, as it deletes all of the old DCBF files and the old
Raima data files, which means it irreversibly ends the migration process.
With this command the catalog migration is started. The migration progress is written to standard
output:
Example:
perl omnimigrate.pl –start_catalog_migration
Migrating catalog of medium 5e04110a:49a7a338:0a0c:0003 (1 of 698).

Migrating catalog of medium 5e04110a:49c0a0ba:0724:0005 (2 of 698).
Migrating catalog of medium 5e04110a:4a769e2f:0c5c:0005 (3 of 698).
Migrating catalog of medium 5e04110a:4997e6a7:0540:0001 (4 of 698).
Migrating catalog of medium 5e04110a:49e6e8bb:0830:0002 (5 of 698).

Module 5
Migrating catalog of medium 5e04110a:4a689c58:05f4:0001 (6 of 698).

Migrating catalog of medium 5e04110a:4b221828:0f2c:0001 (7 of 698).
Migrating catalog of medium 5e04110a:41fe8894:08a0:0001 (8 of 698).
...
Done!
When running the script, DP creates and follows a priority sequence list for the media which need to
be migrated:
- Permanently protected media are migrated first, as they will never expire
- Then the youngest media, as they are least likely to expire during the migration process
omnimigrate.pl -stop_catalog_migration
This command stops/pauses the catalog migration process. The current DCBF upgrade is finished
and logged. When running -start_catalog_migration’ again, the process continues where it
stopped before.
omnimigrate.pl --report_catalog_migration_progress
This command displays the progress of the catalog migration.
Example:
omnimigrate.pl -report_catalog_migration_progress
Migrating catalog of medium 5e04110a:4a8574a7:0f64:0002 (7 of 690)]
omnimigrate.pl -report_old_catalog
If no additional option is specified, the command lists the amount of space still occupied by old
DCBF files and filename data files:
Example
omnimigrate.pl -report_old_catalog
Old catalog binary files size:

Size of old DCBF’s (712 files): 23 MB
Old file names data files: 44 MB
Total: 67 MB
omnimigrate.pl -cleanup
With -cleanup option, the command is used to clean up the DP_VAR\tmp directory of all the
export/import files. This includes the migration's priority and control file. Thus, after a cleanup, the
migration will not continue with the next media, but restarts the migration by calculating which of
the remaining media should be migrated first now. The omnimigrate -cleanup command is useful
to restart the migration after a system crash.
If the option -output_dir <OutputDirectoryPath> is added, the files in the

<OutputDirectoryPath> are deleted instead of the default location.

Module 5
Example:
omnimigrate.pl -cleanup
Done!
Note: Instead of option -output_dir, also -shared_dir and even -input_dir can be used with the
same effect.
This command deletes all of the old DCBF files and the old Raima data files, which means it
irreversibly ends the migration process.
Example:
This will permanently remove all of the non migrated old catalog of the Data Protector Internal Database.
Are you sure you want to proceed (y/n)? y
Done.

Module 5
5-17. SLIDE: Report old Catalog

Report old Catalog
Space consumption of remaining old DCBFs and filenames data files is shown as an
alarm once per week in the event log
Report Old Catalog
This slide shows this -once a week generated- space consumption of remaining old DCBFs and
filenames data files report: It is shown as an alarm in the Event log.
omnitrig uses the command omnimigrate.pl -report_old_catalog to generate the weekly report
about the space consumption of the old catalog files. It is shown in the event log as an alarm.
omnimigrate.pl -report_old_catalog [media | sessions | objects]
When the media, sessions or objects option is specified, it will show the respective 'old' items and
their expiration dates individually.
Examples:
omnimigrate.pl -report_old_catalog media
List of media which require old catalog binary files:

Medium ID Label Pool Catalog protected until:
============================================================================
"5e04110a:404f64f6:0540:0001" HP-DLT_51 Default_file 12.3.2013
"5e04110a:40b3630a:0284:0001" HP-DLT_52 Default_file 12.5.2013
"5e04110a:40a4740d:046c:0002" HP-DLT_53 Default_file 7.6.2013
"5e04110a:407fa77b:075c:0001" HP-DLT_54 Default_file 13.8.2013
"5e04110a:41174321:0804:0004" HP-DLT_55 Default_file 22.9.2013

Module 5
omnimigrate.pl -report_old_catalog sessions
List of sessions which require old catalog binary files:

SessionID Status Catalog protected until:
============================================================================
2002/04/24 0022 COMPLETED 12.3.2022
2002/10/13 0002 COMPLETED 12.3.2022
2004/04/08 0019 COMPLETED 13.5.2022
2004/04/09 0031 COMPLETED ERRORS 12.3.2022
2004/04/11-11 COMPLETED 12.3.2012
...
2004/04/12-17 COMPLETED FAILURES 7.3.2022
2004/04/13-26 COMPLETED Permanently
2004/04/15-37 Failed Permanently
2004/04/15-58 Failed 12.3.2022
Total number of sessions: 299
omnimigrate.pl -report_old_catalog objects
List of sessions which require old catalog binary files:

Object Name Object Type Catalog protected until:
============================================================================
hudson.weyland .com:/E /E:' WinFS 12.12.2012
vasquez weyland .com:/E /E:' ' FileSystem 12.12.2012
ripley. weyland .com:/E /E:' ' FileSystem Permanent
...
Hicks. weyland .com:/E /E:' FileSystem 12.12.2012
bishop. weyland .com:/E /E:' WinFS 12.12.2012
Total number of objects: 198

Module 5
5-18. SLIDE: IDB Size and Update Duration
IDB Size & Upgrade Duration

Note that the given
The conversion duration depends on examples may differ
the size and complexity of the existing database in your environment.
on the performance of your hardware.
The new size can be roughly estimated

size of the old DCBF folder * 3.5
Minus the space consumption currently used for the CDB
Time estimates:
Old DCBF size 24MB 48MB 97MB
Upgrade duration (min:sec) 1:51 3:33 6:13
New DCBF size 91MB 181MB 417MB
Hint: 10GB DCBF requires about 1hour
IDB upgrade duration
Critical (Core) part duration

Export + preparation: 46 seconds
Import + post processing: 226 seconds
==========
Total: 272 seconds (4m 32s)
DCBF sizes
After the DCBF’s are upgraded, the size of the DCBF is increased by roughly factor
of 3.5. The duration of the upgrade is determined by the DCBF size:
New DB size
An empty PostgreSQL DB size is about 150MB

Module 5
5-19. SLIDE: Upgrade of a UNIX Cell Manager
Upgrade of a UNIX Cell Manager
Make sure the Cell Manager system fulfills the DP 9.00 Prerequisites
• Physical memory >= 4GB + Shared Memory (>= 2.5GB)
• Availability of ports 7112, 7113, 7116, 9999
• Group and User 'hpdp' created
Existing DP must be up & running

• Do NOT de-install DP before the upgrade
• Run omnisetup.sh from the DP 9.00 LOCAL_INSTALL directory
The CM upgrade process covers the same steps like Windows

• Core migration (part of omnisetup.sh run)
• Catalog migration (optional task)
Core Migration – Upgrade Steps on Unix
Check the Prerequisites

Similar to the upgrade on a Windows Cell manager, also for Linux and HP-UX the prerequisites must
be met. These are the same as for the Installation: Remember to possibly create the user & group
hpdb . There are no specific requirements for this user and group, it just need to exist on the Cell
Manager system.
Check physical memory >= 4GB
Check Shared Memory : >=2.5GB
Check the availability of ports 7112, 7113, 7116, 9999

DP 9.00 per default uses these port numbers for the PostgreSQL IDB services:
HP DP IDB service (hpdp-idb): PGPORT 7112

HP DP IDB connection pooler (hpdp-idb-cp): PGCPORT 7113
HP DP Application Service (hpdp-as): APPSSPORT 7116

Module 5
If one or more of these port numbers are already used for other products, you can change the ports
during installation by creating the file/tmp/omni_tmp/DP.dat before starting the installation.
Enter the appropriate values as follows:
PGPORT= PG port number

PGCPPORT= PGC port number
APPSSPORT= APPS port number
PGOSUSER= hpdp
For more details about the prerequisites, refer to the IDB Installation chapter of this DP 9.00
Update Training. Also look for the latest information in the “HP Data Protector Installation Guide”,
chapter 2 'Installing Data Protector on your network', section 'Installing a UNIX Cell Manager'.
The existing DP must NOT be de-installed before the upgrade. For the export of the existing IDB,
all DP services should be up and running.
Perform the Upgrade

The basic steps of the IDB migration are the same as on a Windows Cell Manager.
Export of the existing IDB data to flat files, deletion of old DP product files, installation of the new
DP 9.00 product files, creation of a new DP IDB using PostgreSQL, import of the IDB from flat files
into the new PostgreSQL IDB.
To perform the upgrade, you should be logged on as the DP Cell Administrator on that system.
Ensure that there are no running sessions before starting the upgrade.Then insert and mount the
DP 9.00 product medium.
Change directory to LOCAL_INSTALL and run the ./omnisetup.sh command from that directory.
The following list is the command line output of an upgrade on a Linux Cell Manager. Note that
many more client and integration packets will be installed if also an Installation Server is present
on the system:
$ cd DP900
$ ll
drwxrwxrwx. 3 root sys 4096 Feb 5 23:08 linux_x86_64
drwxr-xr-x. 2 root sys 4096 Feb 5 22:54 LOCAL_INSTALL
$ cd LOCAL_INSTALL
$
$ ./omnisetup.sh -CM
Data Protector version A.07.00 found
Cell Manager detected...
Client detected, installed components: cc da ma docs
Passed: The user account "hpdp" will be used for the IDB service.
Passed: Port number "7112" will be used for the "hpdp-idb" service.

Module 5
Passed: Port number "7113" will be used for the "hpdp-idb-cp" service.
Passed: Port number "7116" will be used for the "hpdp-as" service.
Passed: The kernel parameter value: SHMMAX = 68719476736.
The minimum required parameter value is "2 684 354 560".
Passed: There are "6166810624" bytes of available system memory.
4 GB of system memory are required.
Passed: Data Protector installation requires 2125824 kilobytes of free
storage space on the "/" filesystem.
The filesystem "/" has 34835268 kilobytes of free space.
Exporting Data Protector IDB

RDS service running.
Exporting HP Data Protector Internal Database.
This may take a few minutes.
Done!
Exporting DONE!
Removing product Data Protector from the system...

HP Data Protector services successfully stopped.
Removing OB2-CS OB2-DA OB2-DOCS OB2-JAVAGUI OB2-MA OB2-CC OB2-CORE
Removing OB2-CS
Removing OB2-DA
Removing OB2-DOCS
Removing OB2-JAVAGUI
Removing OB2-MA
Removing OB2-CC
Removing OB2-CORE
Data Protector software successfully uninstalled
Installing Data Protector X.34.01 Cell Manager...

Installing OB2-CORE packet
Preparing... ####################################### [100%]
NOTE: Data Protector database version A.07.00 found.
1:OB2-CORE ####################################### [100%]
Installing OB2-TS-CORE packet
Preparing... ####################################### [100%]
1:OB2-TS-CORE ####################################### [100%]
Installing OB2-CC packet
Preparing... ####################################### [100%]
1:OB2-CC ####################################### [100%]
Installing OB2-TS-CS packet
Preparing... ####################################### [100%]
1:OB2-TS-CS ####################################### [100%]
Installing OB2-TS-JRE packet
Preparing... ####################################### [100%]
1:OB2-TS-JRE ####################################### [100%]
Installing OB2-TS-AS packet
Preparing... ####################################### [100%]
1:OB2-TS-AS ####################################### [100%]
Installing OB2-WS packet
Preparing... ####################################### [100%]
1:OB2-WS ####################################### [100%]
Installing OB2-JCE-DISPATCHER packet
Preparing... ####################################### [100%]
1:OB2-JCE-DISPATCHER ####################################### [100%]
Installing OB2-JCE-SERVICEREGISTRY packet
Preparing... ####################################### [100%]
1:OB2-JCE-SERVICEREGISTRY####################################### [100%]
Installing OB2-CS packet
Preparing... ####################################### [100%]

Module 5
1:OB2-CS ####################################### [100%]

NOTE: Data Protector database version A.07.00 found.
DONE!
CRS started successfully.

NOTE: Checking licences.
Installing OB2-DA packet
Preparing... ####################################### [100%]
1:OB2-DA ####################################### [100%]
Installing OB2-MA packet
Preparing... ####################################### [100%]
1:OB2-MA ####################################### [100%]
Installing OB2-DOCS packet
Preparing... ####################################### [100%]
1:OB2-DOCS ####################################### [100%]
HP Data Protector services successfully stopped.
HP Data Protector services successfully started.
Installation/upgrade session finished.
$

Module 5
5-20. SLIDE: Upgrade of a MoM Environment
Upgrade of a MoM Environment
Upgrade MoM Important:

•No changes to older DP releases The DP 9.00 GUI cannot
be used for DP 8.x and
vice versa!
Sequence:
1. Upgrade MoM Manager
2. Upgrade all other Cell Manager(s)
3. Upgrade clients
Important:
During the upgrade (core migration) in a MoM environment, none of the
Cell Managers in the MoM environment is operational.
Upgrade of a MoM Environment
To upgrade your MoM environment to Data Protector 9.00, you need to upgrade the MoM Manager
system first. During the upgrade in a MoM environment, none of the Cell Managers in the MoM
environment should be operational.
After this is done, all Cell Managers of the previous versions, which have not been upgraded yet, are
able to access the Central MMDB and central licensing, perform backups, but other MoM
functionality is not available.
It is recommended to upgrade all CM within a MoM environment A.S.A.P.
Note that device sharing between the Data Protector 9.00 MoM cell and the cells with earlier
versions of the product installed is not supported.

Module 6 – Licensing and Product Structure
Objectives
• Understand the Data Protector licensing model
• Understand the Product structure of Data Protector
• Run the license and reporting tool
Contents
Module 6 – Licensing and Product Structure 1
6–3. SLIDE: Data Protector licensing................................................................................................ 2
6–4. SLIDE: Data Protector licensing schemes ................................................................................ 4
6–5. SLIDE: Data Protector product structure – traditional ............................................................ 6
6–6. SLIDE: New Capacity based license method ............................................................................ 9
6–7. SLIDE: License key validity ..................................................................................................... 11
6–8. SLIDE: License reporting and checking .................................................................................. 12
6–9. SLIDE: License reporting tool ................................................................................................. 13
6-10. SLIDE: General hints ............................................................................................................... 14
Module 6
Licensing
6–3. SLIDE: Data Protector licensing
Data Protector licensing

Entitlement Order
Instant-On
License
Number (EON)
Password types Permanent -60 Days- required to request a
License
• Instant-On permanent password
• Permanent Emergency
• Emergency License
-14 Days-
Obtaining permanent passwords

• Password Delivery Center
http://www.webware.hp.com
• My Updates – Software Update Portal
http://www.hp.com/software/updates
Install Licenses using

• DP GUI (Under Clients select Add License..)
• DP CLI (omnicc – install_license)
• Editing license file lic.dat
Data Protector licensing
Data Protector requires a valid license to operate. Licenses are checked and if there are missing
licenses found the operation will not be started.
After a fresh Data Protector installation, you can start using it for 60 days because of a built in
instant-on password. This 60-day period is granted for the customer to request and install
permanent passwords. The Data Protector products are shipped with Entitlement Order number
(EON) that entitle the customer to obtain permanent passwords.
Emergency passwords are available in case the currently installed passwords do not match the
current system configuration due to an emergency (e.g. a loss of the Cell Manager and subsequent
recovery using a new system). Active emergency passwords can be requested from HP Support and
will activate all Data Protector features on any system for two weeks.
To obtain the appropriate country support phone number to contact for emergency license
requests, please visit http://support.openview.hp.com/contact_list.jsp

Module 6
Licensing
Obtaining permanent passwords:

Order permanent passwords online from Password Delivery Center site at
http://www.webware.hp.com
In addition it is possible to request the password from the Software Update Portal:
http://www.hp.com/software/updates
For activation the Data Protector passwords need to be installed either:
• Using the DP GUI

Clients  Right-click Data Protector Cell  Select Add License
• Using the DP CLI:

omnicc -install_license <password>
• Edit the lic.dat file directly, located under:

Windows: DP_CONFIG\cell\lic.dat
Unix: DP_CONFIG/cell/lic.dat
Run omnicc without any option to force a reload of the lic.dat file
Note: Run omnicc –password_info to check your cell for active licenses

Module 6
Licensing
6–4. SLIDE: Data Protector licensing schemes
Data Protector licensing schemes
Traditional licensing
• based on required features and backup targets
• three main categories:
- Cell Manager Starter Packs
- Backup Targets such as drive extensions, Advanced Backup to disk and
ZDB licenses
- Functional Extensions such as Online Backup licenses for Integrations,
MOM licenses, Encryption, NDMP or GRE licenses
• OS depended licenses (UNIX licenses work on all platform, while Windows
licenses work only on Windows and Linux)
Capacity based licensing

• only volume of primary data protected by Data Protector is licensed by a capacity based (TB
based) license (measured as the largest full backup of that system)
• allows unlimited use of all Data Protector licensed product features (Cell Manager, MOM, ZDB, ..)
• only exception is AES Software Encryption that requires separate licensing
• Licensing is perpetual that covers all existing and new systems, arrays and applications
Data Protector licensing schemes
Data Protector supports two different licensing approaches:

• Traditional licensing
• Capacity based licensing
Traditional based licensing

This licensing was used in previous versions of Data Protector and can still be used in the most
current version. It is the based on required features and backup targets, which needs to be licensed
separately. There are three main categories:
• Cell Manager Starter Packs
• Backup Target licenses such as drive extensions, Advanced Backup to disk licenses and
ZDB/IR licenses
• Functional Extensions such as Online Backup licenses for Database and Application
Integrations, MoM licenses, Encryption licenses, NDMP or GRE licenses
Traditional based licenses are OS depended licenses. All UNIX based licenses work on all platform,
while Windows licenses work only on Windows and Linux)

Module 6
Licensing
Capacity based licensing

Newly introduced in Data Protector 7.01 Capacity based licensing provides an alternate approach
for licensing. Only the volume of primary data protected by Data Protector is licensed by the
capacity based (TB based) license. It is measured as the largest full backup of a client system. This
licensing method allows unlimited use of all Data Protector licensed product features, like Cell
Manager or MOM licenses, ZDB/IR licenses or licenses for Database and Application Integrations
Online Backup, Granular Recovery Extensions and so on.
Note: The only exception is the AES Software Encryption license that requires a separate
license.
Capacity based licensing is perpetual that covers all existing and new systems, arrays and
applications. It is based on a customer contract and includes all license purchases, even if they are
used in different cells and customer sites.
Important: It is not possible to mix both licensing methods and not possible to migrate from
one method to the other method.

Module 6
Licensing
6–5. SLIDE: Data Protector product structure – traditional
Data Protector product structure - traditional

Single Server Edition All platforms Windows HP-UX
LTU only / Migration to Starter Pack B7030BAE/B7031AAE B7020BAE/B7021AAE
DVD Set/Download TD586DAE
1. Starter Packs (required) All platforms Windows Linux HP-UX
LTU only 1x Cell B6961BAE B6961CAE B6951BAE
DVD Set/Download TD586DAE
Drive and library extensions All platforms Windows, NetWare, Linux SAN, UNIX, NAS
Drive LTU 1x drive B6963AAE B6953AAE
Library LTU 1x 61-250/unlimited slots B6957BAE/B6958BAE
1x upgrade to unlimited slots B6958CAE
2. Manager of Managers Windows & Linux UNIX
Manager of Mgrs. LTU 1x system B6966AAE B6956AAE
3. Backup to Disk All platforms
Adv. Backup to Disk LTU 1x TB/10x TB/100x TB B7038AAE/BAE/CAE
4. Application Protection All platforms Windows Linux UNIX
1x system B6965BAE B6955BAE
Zero Downtime BU LTU 1x TB /10x TB TD590AAE/ TD591AAE TD588AAE/ TD589AAE B7025CAE/B7025DAE
Instant Recovery LTU 1x TB /10x TB TD594AAE/ TD595AAE TD592AAE/ TD593AAE B7028AAE/B7028DAE
Granular Recovery Ext. 1x system TB737AAE

Encryption LTU 1x 1-server/1x10-servers BB618AAE/BB618BAE
NDMP LTU 1x TB / 10x TB /100x TB B7022BAE/B7022DAE/TD186AAE
Note: For a physical version (DVD or printed license certificate) always remove the “E” at the end
Data Protector product structure – traditional
This slide provides an overview about the Data Protector Product structure in case traditional
licensing is used. It lists the available Data Protector licenses with product numbers for the
different Data Protector functionalities.
This product structure table is divided in different sections, to ease or the ordering information for
a Data Protector solution. LTU stands for License–to-use.
It is recommended to go through the three categories:
• Starter Pack,
• Drive & Library extension
• Functional Extension
in the following way:
1. Select a Starter Pack. The appropriate product number depends on the operating system of
your Cell Manager system.
2. Determine the number of configured Backup drives together with and in the customers’
environment and the tape libraries involved.

Module 6
Licensing
3. Identify what other functionality is needed in which environment. The recommended

functionality can range from on-line database backup to instant recovery.
The required minimum is a Starter Pack license, which includes a DP Cell Manager license and one
Drive license.
Below you can find a brief description of a selection of Data Protector licenses.
It’s recommended to check always the latest version of the Data Protector QuickSpecs under:
http://www.hp.com/go/dataprotector
Select Resources  QuickSpecs  Select your area to access the latest version.
Starter Pack (required):

The Starter Pack license is the foundation of a Data Protector backup environment and is required
in all installations. It includes the license-to-use (LTU) for:
• one management server (cell manager) on the specified platform
• unlimited number of backup clients (Disk Agents) on any platform
• one drive license B6951xx contains 1xB6953AA, and
B6961xx contains 1xB6963AA
• libraries up to 60 slots
• System Disaster Recovery options
• sophisticated reporting (in Data Protector GUI and via the web)
• service-centric management through integrations into HP software.
All UNIX Starter Packs can also be used as a substitute for a Windows or Linux Starter Pack.
Drive and Library Extensions

Backup Drive
A drive can be a tape drive, a file device, or Magneto Optical drive.
You need as many licenses as there are drives in use at any point in time. This is typically the total
number of configured drives to allow all drives to be used simultaneously.
Backup Drive for SAN, UNIX, NAS:
Includes the license-to-use (LTU) for one drive, directly attached to a UNIX, OpenVMS
system, a NAS device or used in a SAN
Backup Drive for Windows, NetWare, Linux:
Includes the license-to-use (LTU) for one drive directly attached to a Windows, NetWare, or
Linux (Intel/AMD) system.
Library extension
Includes the license-to-use (LTU) for managing tape libraries with the number of physically
available slots within one Data Protector Cell. Required once per library.
Functional Extensions
On-line extension
Includes the license-to-use (LTU) to perform on-line backup of databases and applications running
on the specified platform. Required per server, it does not matter how many databases are running
on the system. Even if databases of different types are running on the same system, only one
license is required.
Available for UNIX and Windows

Module 6
Licensing
On-line extensions are also needed for

• backing up Virtual Environments (VMware and Hyper-V)
• backing up Microsoft SharePoint Environments
•
Granular Recovery Extension
Includes the license to restore single items from a backup done on a single server with a Data
Protector Online Backup extension (in this case the DP Online Backup LTU is required). GRE is
needed for:
• Granular Recovery Extension Licensing for Microsoft SharePoint
• Granular Recovery Extension Licensing for VMware
• Granular Recovery Extension Licensing for Exchange
Note: Installed GRE licenses are handled like pool licenses and locked for a particular Database or
Application server for 1year after performing the first Granular Recovery on that server.
After expiration the lock is removed and license can be used by other servers.
More details are shown via: omnicc -gre_license_info
Encryption extension
Includes the license-to-use (LTU) and media to encrypt all backup data of one HP Data Protector
client server or workstation with the HP Data Protector AES 256 bit encryption software. Required
once for each HP Data Protector client (Agent / Application Agent) with encryption configured. DP
using drive based encryption doesn’t need a license.
Manager-of-Managers extension
Includes the license-to-use (LTU) for each Data Protector management server (CM), running on the
specified platform, to be part of a Manager-of-Managers environment
Advanced Backup to Disk extension

Includes the license-to-use (LTU) for 1 TB of backup disk storage. Required once per terabyte (TB)
usable native capacity of backup disk storage.
- The "Advanced Backup to Disk" license is required to backup to a Data Protector file library and to
a Data Protector StoreOnce library, and can be used instead of drive licenses to backup to a Virtual
Tape Library.
- Usable native capacity of a HP Data Protector file library is the available size on disk for the file
library, as reported by the file system.
Zero Downtime Backup (ZDB) extension

Includes the license-to-use (LTU) for one terabyte (TB) of "used primary disk space capacity" of
UNIX, Linux, or Windows based backup, utilizing the snapshot capabilities of any disk array
supported by Data Protector
Instant Recovery extension

Includes the license-to-use (LTU) for one terabyte (TB) of "used primary disk space capacity" of
UNIX, Linux, or Windows based backup utilizing the snapshot capabilities of any disk array
supported by Data Protector.
Direct Backup using NDMP

Used disk space capacity is the total capacity of all volumes of the file server being backed up via
NDMP.

Module 6
Licensing
6–6. SLIDE: New Capacity based license method
Data Protector product structure – capacity based
Capacity Based Licenses All platforms SKU

(all functionalities except AES SW Encryption)
Backing up 1-9 TB TF521AA(E)

Backing up 10 - 49TB TF542AA/E
Backing up 50 - 99TB LTU TF543AA/E
Backing up 500 -1000TB LTU TF561AA/E
Backing up more than 1000TB TF582AA/E
Separate licensed:
AES SW Encryption License 1x 1-server/1x10-servers BB618AAE/BB618BAE
New Capacity based license method
Capacity based Licensing includes the Cell Managers, MoM, Drives, Library Slot Extensions, Online
Backup, GRE, ZDB/IR, Advanced Backup to Disk and NDMP licenses. In other words, the Capacity
based Licensing includes almost all current licenses available. But be aware, that future DP
functionality may still require separate licenses. (It may not fall under the capacity licensing.)
At the moment the Software Encryption is the only exception to the global replacement, so this
license needs to be ordered separately.
Capacity License Concept

The Capacity License allows all actual DP functionality.
The license is per TB of "used space protected by backup"; this is the amount of TB of backup
without considering features like: Frequency of backups (e.g. of the incremental backups), backup
retention period, DP de-duplication, compression, replication at disk arrays, virtual machine (only
the TBs that virtual clients are using count), database availability group, multiple names of the
same object, backup logs or transition logs, over allocation, etc.
Just the simple capacity size needs to be considered by the administrator.
The calculation of the “full backup” capacity uses the following rules:
• For a full & incremental backup concept, only full are considered
• For an incremental forever, a “synthetic” full is taken as base

Module 6
Licensing
Granularity of 1TB
The License is available per TB of “full backup” capacity. If the customer wants to protect 5 TB, he
needs 5 licenses of one TB (TF521AA/E)
The capacity purchase tier is based on the number of TBs of capacity licenses that the customer
owns (ordered for the same customer contract ID) plus the capacity the customer wants to order.
See the purchase examples below.
Currently there is no migration from the traditional to the new license model available.
Officially announced Dec 1st 2012, Capacity based licensing requires DP 7.01 (DP 7.00 + patch
bundle BDL701) or a higher version of Data Protector.
The different licensing models cannot be mixed within a Cell or in a MoM environment.
Why support must be purchased (additional charge)

In case of additional orders, all previous purchases of a customer will be considered when
determining the tier price for a new purchase. For that, a proof of purchase or support contract is
required.
Capacity Calculations:
• Example 1: If a customer has 200 TB of data to protect and backs up all 200 TB to a de-
duplication store that only uses 20 TB, he would still need 200 one TB capacity licenses.
• Example 2: If a customer has 100 TB of data but only protects 10 TB of this data, he would
only need 10 one TB capacity licenses.
• Example 3: If a customer backs up the same 10 TB multiple times, only 10 TB capacity

licenses are needed.
Purchase Examples:
• Example 1: One group in a company purchases 5 TB of DP capacity licenses. Later, another

group at a different location of the same company purchases 8 more TB of DP capacity
licenses.
The first purchase would be 5 one TB licenses at the 1 to 9 TB tier: TF521AAE
The second purchase would be all 8 one TB licenses at the 10 to 49 TB tier: TF542AAE
• Example 2: A customer makes three DP capacity license purchases over the course of
multiple years.
4 TB in year 1, 20 TB in year 2 and 40 TB in year 3
Year 1 = 4 x TF521AAE (01 to 09 TB tier)

Module 6
Licensing
6–7. SLIDE: License key validity
License key validity
Note: Upgrading from DP 8.1X to DP 9.0X does not require new license keys.
License key validity
The Data Protector licensing is using the Cell Manager IP as a base for the license key creation.
Up to Data Protector 7.X the Cell Manager need to have a static IPv4 IP address configured to use
the build-in OVkey3 mechanism for licenses keys management. The Cell Manager system might
have IPv4 and IPv6 based IP addresses configured, but only IPv4 addresses can be used for
licensing. A pure IPv6 based Cell Manager was not supported up to version 7.X
In Data Protector 8.0X it is now possible to create license keys for IPv6 based Cell manager IP
addresses. A newer OVkey version, OVkey4, is used to support IPv4 and IPv6 based Cell Manager
IPs for license key creation. In addition it is possible to use existing OVkey3 licenses from older DP
versions together with newer OVkey4 licenses, so no license migration was required.
Data Protector 8.1X/9.0X and higher supports only OVKey4 licenses. The Cell Manager IP can be
still of any format, so IPv4 and IPv6 based Cell Manager IP addresses can be used for license key
creation. New in Data Protector 8.1X is the need for a license migration, if an upgrade from an older
Data Protector version is performed. None of the older Data Protector licenses can be used in this
version, regardless if existing license keys are OVkey3 or OVkey4 based. So even an upgrade from
Data Protector 8.0X to 8.1X requires this license migration. During the Data Protector upgrade to
version 8.1X a new Instant-On license for 60 days is created to prevent license issues.
Note: Upgrading from DP 8.1X to DP 9.0X does not require new license keys.

Module 6
Licensing
6–8. SLIDE: License reporting and checking
License reporting and checking
Licenses are checked & if missing, reported during various DP operations:

• As a part of the Data Protector checking & maintenance mechanism
• Starting the Data Protector User Interface
• Starting a Data Protector session
Licenses are checked with regard to their characteristics:

Cell Manager related licenses
• Starter packs
• MoM Extension
• Single Server Edition
Entity based licenses
• Drive and library slot extensions
• Online Backup for one specified platform
• Data Protector encryption extension for one client system
• Granular Recovery extension for one database server
Capacity based licenses
• ZDB/IR for different platforms for 1 TB and 10 TB
• Direct Backup using NDMP for 1 TB and 10 TB
• Advanced backup to disk for 1 TB, 10 TB, and 100 TB
License reporting and checking
Data Protector passwords and therewith licenses are checked and if missing, reported during
various Data Protector operations, for example:
• As a part of the Data Protector checking and maintenance mechanism, the licenses are
checked and, if missing, reported in the Data Protector Event Log.
• When the Data Protector User Interface is started, if there are any missing licenses
reported in the Data Protector Event Log, an Event Log notification is displayed.
• When a Data Protector session is started, the licenses are checked and, if missing, reported.
Data Protector licenses are checked with regard to their characteristics as:
Cell Manager related licenses – like Starter packs, Manager-of-Managers Extension and Single
Server Edition. When a certain DP component, such as the Cell Manager (included in the Starter
Pack) or the MoM is present in the DP Cell, only the presence of the required basic or special license
is checked. Licenses are installed on the Cell Manager and are specific to its IP address.
Entity based licenses – like Drive extensions for certain platforms and library extensions for an
amount of slots are checked at session start time. The session will not start if licenses are not
covered.
Capacity based licenses – like ZDB/IR licenses are also checked at session start and will prevent
backup or Instant Recovery session from start if license is not covered.

Module 6
Licensing
6–9. SLIDE: License reporting tool
License Reporting Tool
License report on demand

• Command to produce report:
omnicc -check_licenses [-detail]
• Determines whether DP licensing
is covered or not, cell-wide
• Insufficient licenses are reported as warnings to Event Log
• Option -detail reports license name, licenses installed, used, & additional licenses required
Capacity based license reporting is implemented:

• licenses are reported in number of terabytes, NOT in number of licenses
• the required capacity-based licenses are:
- determined by approximating the number of terabytes used to the nearest multiple of terabytes
- 1.5 Terabytes used = 2 Terabyte licenses needed
• If number of terabytes used exceeds the number of terabytes license capacity installed,
a warning will be issued
License reporting tool
The license reporting tool traditionally referred to as license checker, reports if the correct
product licenses are in place. It will not report anything if there are adequate licenses present. On
the other hand, it will issue warnings through the Event Log if there are not sufficient licenses. The
license checker is not a license enforcement tool, just a reporting tool.
License reporting is implemented through the omnicc command with the option check_licenses. It
can be used to report license status on demand. To produce a report about licensing related
information from the cell, run:
CLI: omnicc -check_licenses [-detail]
With the –detail option, for every license in the cell is returned license name, licenses installed,
licenses used, and additional licenses (capacity) required (plus possibly drive info in case of Drive
Ext. LTUs).
For more information on used capacity calculation, please refer to the

HP Data Protector Installation and Licensing Guide

Module 6
Licensing
6-10. SLIDE: General hints
General hints
License Passwords are

The Instant-on License All licenses are enforced,
bound to the IP address of
must be replaced with the beside Restore and
the Cell Manager and are
Permanent License within Disaster recovery
valid for the entire Data
60 days after installation operations
Protector cell
All UNIX LTU can be used Manager of Managers

for Microsoft Windows Disk Agents installation is (MOM) offers centralized
and Linux, but not vice always free of charge licensing for Client
versa Data Protector Cells
General hints
All UNIX Licenses-To-Use (LTU) can be used for Microsoft Windows and Linux systems if applicable.
Or in other words: The UNIX product licenses operate on all platforms, providing the functionality
regardless of the platform, while the Windows product licenses operate on the Windows and Linux
platforms only.
The Manager of Manager allows you to configure centralized licensing for the whole environment.
Then all licenses are generated for the IP address of the single MoM server system, installed and
kept on there. (In case of converting an existing environment from separate cells to centralized
licensing a complete “License Move” must be performed.) The instant-on evaluation license does
not permit MoM license configuration.
The Instant-on License must be replaced with the Permanent License within 60 days after
installation. Data Protector leverages the product numbers of previous Data Protector versions.
Existing Data Protector licenses remain valid after the migration until DP8.0X In DP8.1X a license
migration needs to be performed.
License Passwords are bound to the IP address of the Cell Manager (CM) and are valid for the
entire Data Protector cell. (If you change the IP address of the CM, you need to transfer the license.)
DP Clients do not require any license for file system or disk image backups

Module 6
Licensing
License Enforcement: Backup drive licenses are required for all operations, including restores. To
ease the restore in case of a full disaster recovery, all restore operations can run without any
license installed. Please notice that during a Data Protector Object Copy session a restore agent is
used to read the data and forward it to the copy agent. This Data Protector Object copy internal
restore requires a license for the used reading devices (as well as for the target devices), so only
during a pure restore session licensing is not enforced.
Using the “Automating Disaster Recovery module” does not require any license.
Disk Agents are always for free.

Installing a Disk Agent onto a Data Protector client is free of charge.

Module 7 — Backup Devices
Objectives: Upon completion of this module, you will be able to
• Describe configurable backup devices in Data Protector
• Describe the concepts of Logical Devices in HP Data Protector
• Configure Tape and Disk based Backup devices
• Use Data Protector commands to check devices
Contents
Module 7 — Backup Devices 1
7–3. SLIDE: DP Device types ............................................................................................................. 2
7–4. SLIDE: The logical device .......................................................................................................... 5
7–5. SLIDE: Physical to logical device mapping ............................................................................... 6
7–6. SLIDE: Data Protector tape format .......................................................................................... 7
7–7. SLIDE: Tape based Storage Devices ......................................................................................... 9
7–8. SLIDE: HP Tape drive portfolio ............................................................................................... 10
7–9. SLIDE: Tape drive performance considerations ..................................................................... 11
7-10. SLIDE: Tape library terminology ............................................................................................ 13
7-11. SLIDE: SAN connected SCSI Library – example configuration ............................................... 15
7-12. SLIDE: Multiple devices........................................................................................................... 16
7-13. SLIDE: Multipath devices ........................................................................................................ 18
7-14. SLIDE: SCSI library – Autoconfiguration ................................................................................. 20
7-15. SLIDE: SCSI Library – Properties 1/4 ...................................................................................... 22
7-19. SLIDE: SCSI Library – Drive Properties 1/4 ............................................................................. 28
7-23. SLIDE: Device preparation on Windows ................................................................................. 35
7-24. SLIDE: Automatically discover changed SCSI address ........................................................... 38
7-25. SLIDE: Disk based Backup Devices ......................................................................................... 40
7-26. SLIDE: Virtual Tape Library - Overview .................................................................................. 41
7-27. SLIDE: Configure a VTL in Data Protector .............................................................................. 43
7-28. SLIDE: Backup to Disk device (B2D) - Overview ..................................................................... 44
7-29. SLIDE: File Library - Overview ................................................................................................ 45
7-30. SLIDE: File Library – Configuration 1/3 .................................................................................. 49
7-31. SLIDE: File Library – Configuration 2/3 .................................................................................. 50
7-32 SLIDE: File Library – Configuration 3/3 .................................................................................. 52
7-33. SLIDE: Disk Staging................................................................................................................. 53
7-34. SLIDE: Device tools: Devbra, uma .......................................................................................... 55
7-35. SLIDE: Device tools cont.: SANConf, LTT ................................................................................ 58
Module 7
Backup Devices
7–3. SLIDE: DP Device types
Physical Devices in Data Protector
Data Protector Physical

device type medium
Standalone Disk Tape
Backup To Disk Disk
Stacker Tape
SCSI Library Disk Tape
Jukebox Disk MO
1) Right click on File Library Disk
devices opens the
External control Tape
device configuration
wizard GRAU DAS Library Tape
StorageTek ACS Library Tape
2) Choose a
device from the Disk based appliances (Virtual Tape
device types list
libraries) are emulating tape libraries
MO… Magneto Optical Disk

Jukebox can be use MOs or disks
DP Device types
Tapes or disks, what should I use for backup? This is a valid question.
The answer is: “It depends on . . .”
Years ago; the magnetic tape was the only medium which was used to store data for backup. Until
mid of the eighties of the last century a tape stored 135MB of data, compared with disks available
at this time 6 times more and 8 times cheaper. Today a tape and disk have roughly the same
capacity and are available for the same money.
Both media technologies have advantages and disadvantages. If we compare access time, power
consumption, reliability, read/write speed, IOs/s, RAID, vaulting and others, it becomes more
complex to choose the right backup media. Data Protector supports all important devices sold by
HP and other vendors. The DP Device Support Matrix lists tape based devices from HP, IBM,
Quantum, Sony, Exabyte, Tandberg, ADIC and others.
This module shows you what kind tape-based devices or disks-based devices can be configured by
Data Protector.
7- 2 Data Protector Essentials

Module 7
Backup Devices
Standalone
A standalone device can be a tape, file or null device.
Tape:
A standalone tape device is a simple device with one drive that reads from or writes to one medium
at a time, examples of a standalone device are:
These devices are normally connected to one system and are used for small-scale backups. There
is no robotic, there are no repository slots. As soon as the medium is full, an operator must
manually replace it with a new medium for the backup to proceed.
Disk:
The standalone file device is the simplest disk-based device. It is a file in a specified directory to
which data is backed up instead of writing to a tape. This device saves data in the form of files. The
file can be located on a local or external hard drive (as long as Data Protector knows its path). The
path is specified when configuring the file device.
Null:
The null device is an operating system specific special file (/dev/null on UNIX, NUL on Windows) that
can be configured in Data Protector as a File device to help test backup performance. The null
device discards all data written to it, but reports all successful writes. Therefore, the null device is a
useful test tool that can be used to gauge the performance of the backup up until the point where it
is written to a real device.
B2D Device
Backup-To-Disk device is a relatively new device. It consists of two parts, the ‘gateway’ and the
‘Store’. It can be based on a physical box, the HP StoreOnce appliance or it can be completely
configured on a DP client similar to a file library. The main feature is the very efficient de-
duplication engine, either running on the HP StoreOnce or on the DP client appliance. The B2D
device, de-duplication and the different ways to configure it, is described in the module “De-
duplication” in detail.
Stacker
A stacker is a single device that usually has only one drive. It loads media in a sequential order. A
stacker takes a medium from a "stack" (its repository) and inserts the medium into its drive. This
exchange is always limited to ejecting the medium already in the drive and inserting the next
medium from the stack. The load is done automatically, except the first medium has to be loaded
manually. When a tape is full, it is ejected and the next tape is loaded automatically. When all the
tapes are used in a stacker magazine, the magazine has to be dismounted manually and the next
one has to be inserted. Again the first tape has to be loaded manually into the drive.

Module 7
Backup Devices
SCSI Library
SCSI library devices are large backup devices. This can be an ‘Autoloader’ with ~40 cartridges and 2
or 4 drives or a ‘Tape library’ with several hundred media. A robotic loads and unloads the 40
drives.
A typical library device has a SCSI ID (Windows) or a device file (UNIX) for each drive in the device
and one for the library's robotic mechanism. For example, a library with four drives has five SCSI
IDs, four for the drives and one for the robotic mechanism). Many library devices use media with
barcodes which Data Protector can use for media labeling, quick scanning of a library’s repository
and identify cleaning media.
Jukebox
The jukebox is a library device which was created for magneto optical jukeboxes e.g. HP
StorageWorks 2200mx. It is manly used for archiving data. The optical jukebox device is configured
as a set of disks representing each side of the optical platters in the jukebox.
If the device is used to contain file media it is known as a 'file jukebox device'. It contains slots
whose size is defined by the user during the initial device configuration. If used to contain file media
the device writes to disk instead of tape. The file jukebox device saves data in the form of files;
each of these files is the equivalent of a slot in a tape device.
For further information on the file Jukebox device see Jukebox (File) on page Error! Bookmark not
defined..
File Library
A file library device is a device which resides in a directory on an internal or external hard disk drive
and consists of a set of directories. When a backup is made to the device, files are automatically
created in these directories. The files contained in the file library directories are called file depots.
The file library device can be located on a local hard drive or on a network share, as long as Data
Protector knows its path. The directory path is defined when configuring the file library device.
The File Library can be used for disk staging what is explained later in this module.
External Control
External control is a means to control libraries not known to Data Protector. If Data Protector does
not support a particular device, a user can write a script/program that will run the robotic control to
load a medium from a particular slot into the specified drive.
ADIC/GRAU DAS Library

An ADIC/GRAU DAS library is a very large library (silo). It is used in environments where the amount
of backed up data is exceptionally large and so is the amount of media needed to store the data.
ACSLS Library
Using Oracle StorageTek Automated Cartridge System Library Software (ACSLS) it is possible to
manage several libraries from one single point. The software is used to manage large library silos
like the Oracle StorageTek Powderhorn model.

Module 7
Backup Devices
7–4. SLIDE: The logical device
The logical device

• A logical representation of a physical device
• Each physical device must be configured as at least one logical device
• Contains physical and logical properties
• Definition stored in MMDB
• Used when accessing a device (scan, initialise, format, backup, etc.)
Logical Device Definition

Logical Properties:
Device Name, Device Type, Device Options
Physcial Properties:
Device File, SCSI Path, Serial ID, Control Host, Data
Host, Repository Slots, Mail Slot, Cleaning Slot
MMDB
Usage: Scan, Initialise,

Format, Backup, Restore,
Copy, Scan, Verfiy.
The logical device
Data Protector does not reference physical devices; instead Data Protector uses a logical
representation of the physical device known as a logical device. This logical representation allows
for easier, flexible configuration and easier management of devices.
In order to use a physical device with Data Protector a logical device must be configured. Therefore,
for each physical device to be used by Data Protector, at least one logical device must be
configured against it.
The logical device is made up of physical properties (taken from the physical device; such as the
device path, SCSI ID, Serial ID) and logical properties (automatically set by Data Protector or
manually configured; such as device name, device type, device options). The logical device
definition is stored in the Data Protector Media Management Database (MMDB).
Logical devices are used for operations involving access to devices (such as scanning media, media
initialization, formatting media, backup and restore).

Module 7
Backup Devices
7–5. SLIDE: Physical to logical device mapping
Physical to logical device mapping

The logical device provides flexibility when configuring physical devices.
One physical device must be configured as at least one logical device;
can be configured as many logical devices.
many-to-one:
drive 1
drive 2
drive 3
many-to-many:
HP LTO 6
library 1
drive 1
drive 2
one-to-one:
library 2 library 1
drive 3 drive 1
drive 4 drive 2
one-to-many:
library 1
HP ESL E-Series HP MSL 4048 drive 1
drive 2
Physical to logical device mapping
As Data Protector uses logical representations of the physical device, known as a logical device, it
provides flexibility as to how devices can be configured. The physical device must be configured
and mapped to at least one logical device however, it can be configured as many logical devices.
There are numerous ways in which a device can be configured in Data Protector. With a logical
device it is possible to:
• Configure SAN based device as one logical device to use multiple paths (one-to-one)
• Configure a single physical device as multiple logical devices, with each logical device
having a different name and set of properties (one-to-many)
• Configure a physical device to have many device files, with a separate logical device
configured for each device file (one-to-many)
• Configure many single physical devices into one single logical device, known as a device
chain (many-to-one)
• Configure a single physical library into multiple logical devices, with each logical device
configured with a subset of the physical library’s available drives and slots. This is known
as library partitioning (many-to-many)

Module 7
Backup Devices
7–6. SLIDE: Data Protector tape format
HP Data Protector tape format
Tape Image
Header Data Segment
2000 MB
(default)
EOD
End of
Segment Data
Data Block Size: Fast Catalog Fast

Blocks 8K -1024K Search Information Search
Mark Mark
Block Size and Data Segment Tuning via: Tuning via omnirc: OMNIMAXCATALOG
DP GUI - Device Settings – Advanced - Sizes (default =12 MB, 60MB=max)
Data Protector tape format
The Data Protector tape format supports the following features:

• Fast Tape Positioning
• Variable Block Sizes
• Data Multiplexing
• Appendable Backups
• Media Label/Medium ID
• Catalog Information
• Verification of Tape Contents
Tape Sections
The Data Protector tape is comprised of the following sections:

• Tape Header — Data Protector writes a 10k header that contains the Data Protector Medium
ID, a unique identifier, and the Media Label/Description, given by the user.
• Segments — Data to be backed up is written to a segment. The size of the segment can be
configured in the Logical Device configuration window as advanced option. If device
concurrency is used, the data within one segment will be from more than one disk agent. Larger
tape segments can improve the performance of the backup in many cases.

Module 7
Backup Devices
•
• Dynamic Segment Size --- Segment size is not fixed, but rather variable. The segment size
parameter is used to specify the maximum size of the segment on tape. The segment size used
is determined by the segment size parameter, or a system specific parameter named
OMNIMAXCATALOG_<device_name>. By specifying a catalog size per device on a particular
system, you can limit how large the catalog segment will be on the tape. The default segment
size is 12 MB, and can range from 1 to 60 MB. Data Protector may adjust the size of the
segment if the catalog reaches the defined limit. The catalog size takes precedence over the
specified segment size. The parameter to define the catalog limit must be in the omnirc file on
the system where the device is connected.
• Data Blocks ---- Data stored within the segments are written in blocks. The block size for all
Data Protector devices is 256 KB by default. This default is now used for both Unix as well as
Windows devices. You should set the block size to equal values if you want to exchange tapes
between different devices. In many cases, when backing up a large data set, a larger block size
may improve performance.
• Catalog Information — Catalog information is stored after each segment is written and
records what data (file names, etc. ...) was backed up in that segment. When the data is written
to tape, the catalog information is kept in memory and then written to the tape at the end of
each segment. The larger the segment, the more memory is required to keep the backup
information. The catalog information is also stored within the Data Protector database. This
information is later used during the restore process. Catalog information may be read from the
tape into the database by performing a media import. (Media Import is covered in the next
module). The size of the catalog per segment by default is 12 MB, but can range from 1 to 60
MB.
• Block Size — You can change the block size for a device for better performance or
compatibility, be mindful of the following when doing so:
• Each Logical Device has a default block size that can be customized
• The default block size is set based upon the type of device
• Data Protector adjusts the block size automatically during the restore
• Data Protector backup cannot append to a tape originally written with a different block
size than the one for the current device
• Some versions of Omniback (pre- Data Protector) do not support the same block size
features as the current release. Consult with your device/interface documentation to
verify support for larger block sizes.
.

Module 7
Backup Devices
7–7. SLIDE: Tape based Storage Devices
Tape based Backup Devices

• Scalability: From Standalone drive to Enterprise Tape Libraries
Easy drive extension, possible to mix drive technologies within a library
• Economic: 2.5 cents / GB and 90% lower TCO than disk
Low cost and extreme energy efficiency for archival
• Reliable: 30-year shelf life
HP Tape Assure and advanced features for extreme durability
• Secure: Encryption and offline threat protection
Hardware-based security plus WORM support for archival
For Data Protector tape backup device support refer to the latest version of the
Device Support Matrix (available on the HP SSO portal)
Tape based Storage Devices
In the past a backup was the process of dumping the critical data to a local attached tape device.
Of course this way of performing server backups changed over the years, but tape based backups
were the only reliable backup solution for a very long time. In the last few years with the
development of high capacity, fast access disk devices their role got changed, so you typically find
a mixture of disk and tape based backup in today’s backup concepts. High available systems,
replicated data in hot or standby mode reduces the need for backup and therefore the need for
tape backups. But tape backup technology made incredible progress, so today’s tape media are
able to keep several TB of data, the data can be encrypted, protected against overwrites and are
easy to transport.
On the following pages we will explain how Tape based Storage Devices are handled in Data
Protector.

Module 7
Backup Devices
7–8. SLIDE: HP Tape drive portfolio
HP Tape drive portfolio

Capacity
Feature Transfer rate Interface WORM Encryption
(native)
6.9MB.s Ultra160 SCSI
DAT 160 80 GB SAS 1.1 Yes No
(native – sustained) USB 2.0
12MB/s SAS
DAT 320 160GB Yes No
(native - sustained) USB 2.0
27 - 80MB/s 2 & 4GB nFC
HP LTO-3 400 GB Yes No
(280 GB/h)* Ultra 320 pSCSI
4GB nFC
40 - 120MB/s
HP LTO-4 800 GB Ultra 320 pSCSI Yes Yes**
(420 GB/h)*
3GB SAS
6Gbps SAS
(dual port)
HP LTO-5 1500GB 47 – 140MB/s Yes Yes
8Gbps FC
(library version only)
6Gbps SAS
(dual port)
HP LTO-6 2500GB 54 – 160MB/s Yes Yes
8Gbps FC
(library version only)
* To help keep the LTO Ultrium drive streaming, the HP Adaptive Tape Speed (ATS) adjusts to the data rate from the source
** Provides Encryption only with an LTO-4 medium only
HP Tape drive portfolio
The slide above provides an overview of the various tape drives which are supported by HP
Libraries. The first column lists the maximum capacity of the drive specific media, the next column
list the maximum native transfer rate. Next is the supported interface type, information if WORM
(write once read many) is supported and whether drive-based data encryption is supported.
Often, transfer rate is listed for compressed data assuming a compression ratio of 2:1. However,
the compression ratio is varying with the data and the likelihood of an average compression ratio
of 2:1 is very small. With Database file backups a higher compression ratio maybe seen, with other
data (e.g. MS Office documents, PDFs, binaries) the compression ratio is usually much smaller.
Therefore, the table above lists the native speed. If the data is highly compressible, the throughput
might be much higher. If the data cannot be compressed the maximum throughput will be the
native rate.

Module 7
Backup Devices
7–9. SLIDE: Tape drive performance considerations
Tape drive performance considerations

Backup Performance:
Between the source (disk) and the target (media) are several HW and SW components.
Every component in the chain need to deliver the required performance.
Example calculation:
Backup device: LTO-5 (140 MB/s)
Average Data compression ratio:
• SAP R/3 data: 3.5:1
• FS data: 1.5:1
 Resulting Read Performance:
• 3.5 x 140 MB/s = 490 MB/s (for SAP R/3 data)
• 1.5 x 140 MB/s = 210 MB/s (for FS data)
Technical Challenge:
Can the data be provided fast enough from disk, over the SAN/LAN via the interfaces to the system and
from there via other interfaces over SAN/SCSI to the backup device? How many processes are running
in parallel to access: disks, interfaces, libraries?
Note:
Use native tools such as HP Library &Tape Tools (LTT) to determine possible disk and tape performance.
Tape drive performance considerations
The capabilities and limits of the tape device and system infrastructure (file size, directory depth
and data compressibility has an impact on system performance). Actual transfer rates depend upon
the type of drive, number of drives, and the number of drives connected to the SCSI bus or Fibre
Channel. The library robotics imposes minimal loading on the bus. Tape drives also support a burst
rate which is higher than the sustained rate, but limited based upon the bus/channel speed.
Assumptions:
• LTO-5 native maximum throughput: 140 MB/s

• SAP R/3 average data compression ratio (file backup): 3.5:1
• Filesystem data average compression ratio: 1.5:1
The compression ratio describes an average, which implies that a considerable amount of data
might have much higher or lower compression. However, it is recommended to provide the data to
the drive at the speed calculated against the compression rate to sustain the drive.

Module 7
Backup Devices
To sustain maximum drive speed (LTO-5) for SAP R/3 file system data with an average compression
rate of 3.5:1, data needs to be provided to the drive at a rate of:
• 140 MB/s x 3.5 = 490 MB/s
To sustain maximum drive speed (LTO-5) for file system data with an average compression rate of
1.5:1 data needs to be provided to the drive at a rate of:
• 140 MB/s x 1.5 = 210 MB/s
Therefore, the HBA (SCSI & Fibre Channel) should be able to transfer data at maximum tape speeds.
As best practice, it is recommend to use a separate HBA for each tape drive. It is important to check
that the Storage Area Network (SAN) has enough bandwidth. SAN switches, for example, have tools
for measuring performance. These tools can be used to ensure that the SAN has the needed
bandwidth. In addition, tools such as HP L&TT can be used to check performance of disk and tape
(read and write) speeds.
Types of Connection
The type of connection between the servers and clients to be backed up and the secondary storage
system affects the backup performance. This connection is typically one of the following:
• Directly connected tape device: Devices connected directly to the server through a SCSI or
USB connection.
• Network connection between client and backup server: The LAN bandwidth affects the
speed at which data can be transmitted between the client devices and the backup server
• Fibre Channel connection between backup server and tape device: Data transmitted over a
Fibre Channel connection to the tape device is very fast, 4Gbs = 400MB/s and 8Gbs
/800MB/s these are theoretical values. ~80% can be reached in real.

Module 7
Backup Devices
7-10. SLIDE: Tape library terminology
Tape Library terminology

Tape drive(s)
• Data transfer element
Repository slots
• Cartridge/magazine slot
• Storage element
Media exchanger
• Robotics
• Transport element
Mail slot(s)
• Import/export slot
• Eject element
Barcode reader
Management interface card
Tape library terminology
The tape library is a complex system used for near-line or off-line storage of data. Data is typically
written onto high capacity tape cartridges by utilizing multiple tape drives simultaneously. The
tape library system differs from a standalone tape drive in many ways, not least is the automated
handling (load and unload) of media to and from the embedded tape drives. Most tape library
systems contain the following components:
• Tape drive(s)
• Repository slots
• Media transport/exchanger/robotic
• Mail slot(s)
• Barcode scanner
• Management interface
The SCSI interface within the library presents the various components to all attached host systems
as objects. There are usually four objects, commonly referred to as elements that are presented:
• Drive
− Tape drives such as DLT, SDLT, LTO which are used to write data to and from media
− In SCSI terms, “Data Transfer Element”

Module 7
Backup Devices
• Slot
− Repository of tape cartridges, stored in magazines in the library, where the physical
media is located and held in a library
− In SCSI terms, “Storage Element”
• Transport
− The robotic that moves tape cartridges between slots and drives
− In SCSI terms, “Medium Transport Element”
• Ports
− Commonly referred to as import/export slot or mail slot, a means to move media into
and out of the library
− In SCSI terms, “Import/Export Element”
In addition the library may have a barcode scanner for media identification using the media barcode
and a management interface to allow for easier management of the library.

Module 7
Backup Devices
7-11. SLIDE: SAN connected SCSI Library – example configuration
SAN connected SCSI Library – example configuration

• SAN is a network dedicated to storage and enables storage devices sharing with multiple hosts, allowing
multiple-system to multiple-device connectivity, so device can be accessed through several paths
• Data Protector has two possibilities for SAN based device configuration; multiple devices or multipath
system 1 system 2
drive #1: HP LTO-6 drive #2: HP LTO-6

Ultrium 6250 FC Ultrium 6250 FC
library 1: HP MSL4048
SAN connected SCSI Library – example configuration
A Storage Area Network (SAN) is a network dedicated to data storage. The SAN provides off-loading
storage operations from application servers to a separate network. Data Protector supports this
technology by enabling multiple hosts to share storage devices connected over a SAN, which allows
multiple-system to multiple-device connectivity. Therefore, each device in the SAN can be accessed
through several paths.
The slide above provides an example of a small SAN environment. In this example, we have
multiple systems connected to a SAN through multiple HBAs. In addition, the tape library
containing two drives is also connected with multiple fabrics. Therefore, we have the possibility for
each system to access the library and drives through multiple paths
(multiple-system to multiple-device connectivity).
There are two possibilities when configuring SAN attached device with Data Protector:
• Multiple Devices configuration
• Multipath Device configuration

Module 7
Backup Devices
7-12. SLIDE: Multiple devices
Multiple devices
• One logical device is configured for each physical path available between a system and a device
• A Lock Name is used to avoid conflicts where Data Protector tries to use two or more logical devices
that point to the same physical device
• One control path for robotics is configured, to allow other systems to control robotics in the event
of a failover direct access can be configured using libtab
• Multiple devices is no longer the recomended way to configure SAN attached devices in Data
Protector
Configuration as seen in Data Protector GUI
system 1 system 2
drive 1 drive 2
library 1
Multiple devices
Multiple Device configurations require a separate logical device to be created for each host
connected to each physical device. One logical device is configured for each physical path available
between a system and a device. Therefore one physical device is configured as multiple logical
devices, each one corresponding to a physical path that exists between a drive and a system. This
approach also covers multiple HBAs on one system. To eliminate potential conflicts arising due to
Data Protector attempting to use two or more logical devices that point to one physical device, a
lock name is deployed.
The lock name is identical for all logical device definitions which use the same physical device. It is
assigned during the device configuration. It can be subsequently changed manually if needed. The
lock name consists of an alphanumeric string. The default lock name configured when the device
has been configured though auto configuration consists of the device name, vendor, model and
serial number separated by a colon:
Device name:<vendor >:<model>:<serial ID>
The following being an example of a device lock name:
Drive1:HP:DAT160:HU171200LU

Module 7
Backup Devices
In the slide above, we have an example of a Multiple Device configuration. Both system 1 and
system 2 are configured with drive 1 and drive 2. A logical device created for each path between the
system and the physical drive. Therefore, four logical devices have been created for the two
physical drives in the library:
• System 1 to Drive 1
The path to be used would be selected when configuring the backup specification. For failover,
another drive would be included in the backup specification and load balancing configured.
For the library robotics, only one control path can be configured. To allow other systems to control
the robotics in the event of a failover, direct library access can be configured on each system
requiring access to the robotic using the Data Protector libtab file. The libtab file must be created
manually at the following locations on all systems where direct library access is needed for this
functionally to work:
Windows: DP_HOME\libtab
UNIX: DP_HOME/.libtab
The libtab entry consists of the system name, the address of the robotic and the name of the
library.
Example:
libtab file on Windows system ‘zala’
zala.company.com scsi:2:0:0:0 SAN_LIB_1_zala
Example:
libtab file on HP-UX system ‘fiat’
fiat.company.com /dev/spt/lib SAN_LIB_1_fiat
The Multiple Device approach continues to be supported however; to configure multiple devices,
lock names and libtab it is insufficient for large environments considering the number of logical
devices that need to be configured and managed. For example, if there were 10 systems which
were connected to a single device, 10 devices with the same lock name need to be configured.
Therefore, the recommended method for configuring devices within a SAN in Data Protector is
Multipath.

Module 7
Backup Devices
7-13. SLIDE: Multipath devices
Multipath devices
• Assign multiple paths (host name and SCSI address/device file) to a single physical device
• Simplifies device configuration
• Easier management of devices
• Increases system resilience
Configuration as seen in Data Protector GUI
system 1 system 2
drive 1 drive 2
library 1
Multipath devices
With the Multipath device configuration approach, only one device is created per physical device
and the physical paths between the system and device are stored as attributes of the logical
device. Multipath allows multiple paths (for example, system plus SCSI address) to physical devices
to be defined in one logical device.
Both drives and the robotic are supported with Multipath and can include mixed platforms. During
auto configuration, for each device, the various paths from the systems to the device that are
identified by Data Protector are stored as part of the device definition. A priority can then be
assigned to each of these paths. This priority can be changed at any time. When Data Protector
uses a Multipath device, it will use the paths according to the priority set in the device definition.
In the slide above we have an example of a Multipath configuration. Both system 1 and system 2
are configured with drive 1 and drive 2. One logical device has been created for the two drives and
for the robotic. For each logical device created, the available paths from the systems to the device
are included the logical device definition. Here you can see that drive 2 has two paths configured,
one to each system in the example given:
Client tpc004.deu.hp.com, SCSI address Tape4:0:1:0C

Client tpc122.deu.hp.com, SCSI address Tape2:0:2:0C

Module 7
Backup Devices
Therefore, device configuration and management is simplified by configuring a single Multipath

device for all paths. For example, if there were 10 systems which were connected to a single device,
1 device with 10 paths is configured.
In addition, as each device is configured with multiple paths, system resilience is increased. The list
of configured paths in the device definition provides a failover mechanism. If the path on the first
system is unavailable and fails then Data Protector will try the next configured path in the list
continuing until a path is available. This failover mechanism is for both drives and robotic.

Module 7
Backup Devices
7-14. SLIDE: SCSI library – Autoconfiguration
SCSI library - Autoconfiguration

• Select ‘Autoconfigure Devices…’
1
• Select the client systems on which
1 devices are to be configured
2
2 • Select client systems to have access

3 to the device
• MultiPath selected by default  Click

4 Next
• Configure ‘Automatically discover

5 changed SCSI address‘  Click Finish
SCSI library – Autoconfiguration
To automatically configure a SCSI library, select Devices & Media in the Context List. In the Scoping
Pane, right click on Devices:
1. Select Autoconfigure Devices In the results pane, all client systems in the cell that
support auto device configuration will be listed. In the example both client systems
configuration are listed.
2. Select the client systems on which devices are to be configured

Both client systems in the example configuration are selected. Click Next.
The device discovery utility devbra will then scan and discover the devices accessible to
all the client systems selected.
Once the device discovery utility devbra has completed the scan, the results pane will contain a list
of the devices discovered and available to be configured. Each discovered library has its robotic
path and all associated drives listed.
Listed under each client system is the available path. Two robotics paths are listed because
MultiPath is selected by default and in the example environment, we have two client systems.

Module 7
Backup Devices
In the example configuration; the two client systems, the library and its two drives are listed. In the
results pane:
3. Select each client system to be configured with the library robotic path and drives. In
the example configuration, both systems are to be configured with the library robotics
and the two drives and so all available paths are selected to be configured.
4. The option Automatically discovers MultiPath devices is selected by default. If

unselected, the library robotic can only be configured on one client system and each
physical drive would need to be configured as multiple logical devices for each
available path. In the example configuration Automatically discovers MultiPath devices
will remain selected.
5. The option to select the Automatically discover changed SCSI address feature is
available. The feature is not selected by default. In the example configuration this
option is selected.
Those paths selected will now be configured and the configuration completed. The
logical device is now ready to be used with Data Protector.
Once the auto configuration is completed, the

devices and paths configured can be viewed in the
scoping pane. The configured devices are listed
under Devices. Detailed information on each device
can be displayed by selecting the device in the
scoping pain. The details for that specific device will
then be displayed in the results pane. The
information displayed in the results pane is
dependent on the device type.
In the example configuration, the library is listed

under Devices under which is listed the robotic
paths, drives and slots. Each of these can be
selected in the scoping pane to display information
in results pane. Depending on what is selected,
either a list listing the properties of the item(s) will
be displayed or the properties of the individual item
(which can then be changed). For example, when
selecting robotic paths in the scoping pane, a list of
all configured robotic paths will be displayed. When
selecting a specific drive however, the properties
will be displayed

Module 7
Backup Devices
7-15. SLIDE: SCSI Library – Properties 1/4
SCSI Library – Properties 1/4
Management console
URL for library
For virtual tape libraries

enable capacity based
licensing
Enter estimated virtual library

capacity consumption
The auto device configuration process may produce the desired device settings but in many cases
you may wish to change the default device properties. Once the auto device configuration is
completed, all the library and drive properties can be viewed and changed as needed in the Data
Protector GUI. Starting with the library, in the Library Properties General tab:
• The Device Name and Description can be modified as needed
• When configuring a virtual device with capacity based licensing, the Virtual tape library – TB
based licensing (Advanced backup to disk) must be selected after the auto configuration is
complete. This is because Data Protector cannot determine whether it is it to be a real tape
device or emulated device during the auto configuration and so is not automatically
configured.
• The Management Console URL (web access) to the tape library is not discovered
automatically and must be entered manually. This allows users to open the library
management console quickly and conveniently from the Data Protector GUI

Module 7
Backup Devices
1
• Select library and switch to the
2 1. ‘Control‘ tab
3 4
• Select client
5 2.
• Discover path
3.
• Add path
4
• Prioritise configured paths

5
The auto device configuration process associates the library (robotics and drives) to the configured
paths (client systems and SCSI address). All the configured paths can be viewed in the library
properties Control tab. In the list of configured paths, Data Protector allows the selection of the
preferred path for each robotic and drive. The set of available paths constitute the failover
mechanism. The first path in the list is the preferred path. If the preferred path fails, the Media
Agent attempts to use the next configured path until a path is available, if none of the listed paths
are usable, the session will abort. This failover/preferred path mechanism is used for non-local
Disk Agent access to the devices via the Media Agents. The arrow buttons can be used to move the
selected path up or down the list or to move it to the first or last position. The Apply button must be
selected after any changes in order to save the path priority in the Media Management Database
(MMDB).
In addition to managing the preferred paths already configured; paths can be deleted, added and
further prioritized. To add a new path to the device configuration:
1. First select the library where the properties are to be changed; right click on the library
in the scoping pane and select Properties and then select the Control tab.
2. Select the client system on which the path is to be configured.

Module 7
Backup Devices
3. Press the arrow at the right hand side of the field labeled SCSI address of library
robotic. This starts the path discovery on the selected client system. The paths
available will then be listed. Select the path to be configured.
4. Click Add. The selected path will then be added to the list of Configured paths below.
5. To prioritize the configured paths for failover; use the arrow buttons to move the
selected path up or down the list, or to move it to the first or last position. Use the
Apply button if any changes to the device configuration are to be saved in the MMDB.
To delete a configured path, simply select the path and use the Delete button.

Module 7
Backup Devices
Busy drive handling
Barcode option
Changed SCSI address
discovery
SCSI reserve and

release
Other options in the device properties that can be configured from the Control tab are busy drive
handling, barcode reader support, changed SCSI address discovery and SCSI reserve and release.
The Busy drive handling options determines what Data Protector should do if it encounters an
unexpected media in a drive. For example, the media maybe left in a drive through an operation
outside of Data Protector or because of a Data Protector session that was unable to complete
successfully. There are three available options that can be selected:
• Abort: Data Protector will abort the session.

• Eject medium: The media in the drive will be ejected and placed into a repository slot. The
medium will be moved to its original slot (if known) or to the first available slot (if its
original slot is unknown).
• Eject medium to maillot: The media in the drive will be ejected and placed into the library
mail slot.
For the backup to continue automatically then one of the eject options should be selected. As the
ejected media maybe moved to an unknown slot, the library should be scanned before the next
backup.

Module 7
Backup Devices
Many libraries and media support barcode readers and in order to enable Data Protector to use this
feature; the Barcode reader support option must be selected. There is also the option to select Use
barcode as medium label on initialization; with this option selected the barcode will be written as a
medium label to the medium header on the tape each time a medium is initialized. If this option is
not selected, Data Protector will generate medium labels based on media pool names.
The Changed SCSI address discovery feature detects and manages device replacements and SCSI
path changes caused by SAN modifications and system reboots. This option is by default not
selected.
The option SCSI Reserve/Release (robotic control) prevents the SCSI robotic control from being
used by any other process or application, reserving the robotic control only for Data Protector
operations. This option should only be selected when the device is shared between Data Protector
and another application or if the device is shared between two Data Protector cells that do not have
a Centralized Media Management Database (CMMDB). If the device is to be used by Data Protector
only within one Data Protector cell or in multiple Data Protector cells employing a CMMDB, do not
select this option.

Module 7
Backup Devices
Enter range of slots
Media type: cannot be

modified once library is
configured
Configure cleaning slot
The configuration of the Repository allows for all or some of the available slots to be selected and
allocated to a particular library. The slots can be specified in a range or as individual slot numbers.
The slots do not need to be sequential although this is most common. It is possible for a physical
library to be configured as more than one logical device; each logical device allocated a different
set of physical slots. This is particularly useful when the library contains more than one device type
(for example, LTO and DLT).
The Cleaning slot options allows a specific which (if any) of the repository slots contain a cleaning
tape(s). If configured, Data Protector will use this slot with any logical device that has Detect dirty
drive option enabled. At the time of a backup, if the drive issues a ‘cleanme’ request, Data Protector
will load the cleaning tape from the cleaning slot and return it once the drive has been cleaned. The
option Detect dirty drive is configured in the drive properties.
The Settings tab is where the Media Type used in the library is displayed and cannot be modified
once the library is configured.

Module 7
Backup Devices
7-19. SLIDE: SCSI Library – Drive Properties 1/4
SCSI Library – Drive Properties 1/4
Multipath device
configured as default
Drive Properties 1/4
As with the library and the robotic, all the drive properties can be modified once the auto
configuration has completed. Select the drive in the scoping pane and then in the General tab:
• The Device Name and Description can be modified as needed.

• The Data Format can be selected (this should only be changed from Data Protector when
configuring an NDMP device).
• Multipath device for the drive can be configured. By default, this is enabled.

Module 7
Backup Devices
2
1 • Select drive
4 1
3
5 • Select client system

2
Hardware
compression • Discover path
3
• Add path
4
Automatically • Prioritise configured paths

Drive Index 5
discover changed
SCSI address
With Multipath configured, in the Drive tab all the configured paths to the drive will be listed. This is
identical to the path configuration for the library robotic. The set of available paths constitute the
failover mechanism. The first path in the list is the preferred path. If the preferred path fails, the
Media Agent attempts to use the next configured path until a path is available, if none of the listed
paths are usable, the session will abort. The arrow buttons can be used to move the selected path
up or down the list or to move it to the first or last position. The Apply button must be selected
after any changes in order to save the path priority in the Media Management Database (MMDB).
In addition to managing the preferred paths already configured; paths can be deleted, added and
further prioritized.
To add a new path to the device configuration:
1. First select the drive where the properties are to be changed; right click on the library in
the scoping pane and select Properties and then select the Drive tab.
2. Select the client system on which the path is to be configured.
3. Press the arrow at the right hand side of the field labeled SCSI address of data drive.
This starts the path discovery on the selected client system. The paths available will
then be listed. Select the path to be configured.
4. Click Add. The selected path will then be added to the list of Configured paths below.

Module 7
Backup Devices
5. To prioritize the configured paths for failover; use the arrow buttons to move the
selected path up or down the list, or to move it to the first or last position. Use the Set
and Apply buttons if any changes to the device configuration are to be saved in the
MMDB.
To delete a configured path, simply select the path and use the Delete button.
Additional options configurable on the Drive tab are hardware compression, automatically discover
changed SCSI address and drive index.
Most modern backup devices provide built-in hardware compression. To enable this in Data
Protector the option Hardware Compression can be selected. If this option is set, Data Protector
sends the device an instruction to use hardware compression. A device receives the original data
from the Media Agent client and writes it to the tape in compressed mode. Hardware compression
increases the speed at which a tape drive can receive data, because less data is written to the tape.
For multipath devices, this option is set for each path separately.
The Changed SCSI address discovery feature detects and manages device replacements and SCSI
path changes caused by SAN modifications and system reboots. This option is by default not
selected.
The Drive index is the number that identifies the mechanical position of a drive inside a library
device. This number is used by the robotic control to access a drive.

Module 7
Backup Devices

Configure sizes: block,
segment and disk agent
buffer
Default Media
Pool
Mount request
options
Configure
concurrency
Lock name is
automatically
Select additional configured
options
The Settings tab displays the media type and cannot be modified once the library is configured. The
Default Media Pool allows a specific media pool (for that media type) to be used by the drive. When
initializing or importing media; the drive will add the media to this default pool. When the drive is
used for backup, media from this default pool will be used. An existing pool can be selected from
the drop-down list or a new media pool can be created by entering its name in the available box..
In addition, on the Settings tab is the Advanced button, click this button in order to configure
advanced drive properties. Once selected, an Advanced Options window is opened with three tabs;
Settings, Sizes and Other.
On Advanced Settings tab, the following options are available to be configured:
• Concurrency: This defines the maximum number of concurrent data streams (from disk
agents or application specific agent) that the device will receive. Setting this to an optimum
value for a particular device type allows the device to stream. The default configured is
dependent on the drive type.
• Eject after session: Only needs to be considered when using a standalone drive, this option
specifies whether the tape should be ejected after the operation accessing it has been
completed. By default, this option is not selected

Module 7
Backup Devices
• CRC Check: The CRC check is an enhanced checksum function. When this option is selected,
cyclic redundancy check sums (CRC) are written to the media during backup. The CRC check
allows the media to be verified after a backup. Data Protector re-calculates the CRC during
a restore and compares it to the CRC on the medium. It is also used while verifying and
copying media or verifying objects
• Rescan: This option is only available for drives in a library. This option instructs Data
Protector to rescan the device repository before a backup starts. This is useful if manual
media changes were performed since the last media scan. This rescan synchronizes the
Data Protector media database with the media that is currently present within the library
repository. For devices that support barcode readers, this is a barcode scan; otherwise the
scan requires each tape to be loaded into a drive to scan the header. By default, this option
is not selected
• Detect dirty drive: When selected Data Protector will detect when a drive is in need of
cleaning. When the drive sends a ‘cleanme’ request, Data Protector will either
automatically insert the cleaning tape into the drive itself or issue a mount request for a
cleaning tape to be loaded. By default, this option is not selected
• Drive-based encryption: This option enables hardware encryption of backups, which

prevents unauthorized access to your data during media storage and transportation. By
default, this option is not selected
• Use direct library access: Only needs to be configured for non-Multipath devices. When
configuring devices with Multipath, this option does not need to be selected. By default,
when configuring Multiple Devices, the library robotics is configured as belonging to only
one host. This option enables every system to send control commands directly to library
robotics. In the case of multiple systems operating the same library, this communication
has to be synchronized. The libtab file must be created on the Media Agent client for this
functionality to work. If direct access is enabled for multipath libraries, local paths (paths
on the destination client) are used to control library robotics first, regardless of the
configured path order
On Advanced Sizes tab, the following values are available to be configured:
• Block size: The device hardware processes data it receives using a device type specific
block size. Data Protector allows the adjustment of the size of blocks it sends to the device.
The default for all devices is now 256 KB (introduced with DP 8.0) . For Data Protector to
use tapes for backup in different devices, the block size must be set the same for all
devices.
• Segment size: Use this drop-down list to enter the size of the data segments on the media.
The segment size affects the speed of restore and of the import of media. A smaller
segment size requires additional space on the media because each segment has a fast-
search mark. The additional fast-search marks result in faster restores because the Media
Agent can quickly locate the segment containing the restore data. However, with smaller
segments there are more catalog segments, which makes the importing of media slower.

Module 7
Backup Devices
An optimal segment size depends on the media type used in the device and the kind of data
backed up. The default segment size depends on the media type. The minimum value you
can specify is 10.
• Disk agent buffers: The Data Protector Media Agent and Disk Agent use memory buffers
during data transfer. This memory is divided into a number of buffer areas. The buffer size
is the number of Disk Agent blocks that a Media Agent can hold in its buffer. Values from 1-
32 can be specified. The default number of Disk Agent blocks is 8. There are two basic
reasons to change this setting; shortage of memory or lack of streaming. The shared
memory required for a Media Agent can be calculated as follows:
DAConcurrency*NumberOfBuffers*BlockSize
Reducing the number of buffers from 8 to 4, for instance, results in a 50% reduction in
memory consumption, what could result to performance implications. If the available
network bandwidth varies significantly during backup, then it becomes more important
that a Media Agent has enough data ready for writing to keep the device in the streaming
mode. In this case, increase the number of buffers
On Advanced Other tab, the following can be configured:
• Mount request (Delay & Script): The script to be executed after a mount prompt request
has been outstanding for the number of minutes configured as the Mount Prompt Delay.
The default script sends an alert notification containing the relevant details. The delay is
the time in minutes that must of elapsed since a mount prompt was issued before the
script is executed. The default value for the delay is 30 minutes.
• Device Lock Name: The device lock name prevents Data Protector from using the same
physical device which has been configured as two separate logical devices. When selected,
the ‘Use Lock Name’ option will lock the device during backup and restore sessions. For
example, if you configure two logical devices using one physical device, you must use the
same lock name for both logical devices. By default, when a device is configured
automatically this option is enabled and the lock name is generated automatically by Data
Protector. When configured manually, this option is not enabled and lock names must be
entered manually.

Module 7
Backup Devices
Device Policies
Device Tag
On the Policies tab device policies can be selected. These options are only available for drives in a
library and by default not enabled. A device with this option checked may replace any device of the
same Device Tag (see Device Tag below for details):
Device may be used for restore: If the original device is not available for a restore session, Data
Protector automatically selects an alternative device with the same Device Tag located in the same
library.
Device may be used as source device for object copy: If the original device is not available as
source device for an object copy session, Data Protector automatically selects an alternative device
with the same Device Tag located in the same library.
Device Tag: Specify a name for the Device Tag. Devices with the same Device Tag name can replace
each other if needed. Ensure that such devices are of the same media type and from the same
library. Otherwise, the automatic replacement cannot be successful. The name can consist of
maximum 80 characters, including spaces.

Module 7
Backup Devices
7-23. SLIDE: Device preparation on Windows
Device preparation on Windows
• Plug and play
• Devices are discovered and

configured automatically
• Microsoft native Windows

operating system class drivers or
device vendor class drivers
supported
• Microsoft Windows Multipath I/O

(MPIO) should be installed with
multiple paths between the
system and the device
Device preparation on Windows
Windows operating system facilitates the scanning, discover and configuration of the device.
Once the device is connected, the Windows Operating System will scan and discover the device
(either at the time of booting the system or requested to scan for hardware changes in the system
Device Manager) and configure the device in the operating system Device Manager.
To configure a device on Windows:
1. Connect the device to the system

2. Open Computer Management and then select Device Manager
3. Right click on the system name and select Scan for hardware changes
4. The Windows operating system will then scan for plug and play compliant devices
5. Once discovered, the device will then be listed in the Device Manager (there will be separate
entries for the robotic and each drive)
The information listed in the Device Manager for each robotic and drive will depend on the class
drivers installed and configured. In the example below, there are no vendor specific class drivers
installed and available on the system. Therefore, the Microsoft drivers for both the robotic and the
tape drives have been used to configure the device.

Module 7
Backup Devices
With the device configured with the Microsoft class drivers, the library robotics is listed under Media
Changer devices as Unknown Medium Changer, the drives are listed under Other devices as HP
Ultrium 4-SCSISequential Device:
With the device vendor class

drivers available to the system
however, the output differs, as
shown below. With the Hewlett
Packard class drivers installed
and available for the library and
tape drives we now see the
library robotics is listed under
Media Changer devices as
Hewlett Packard MSL G§ Series
library the drives are listed
under Tape drives as Hewlett
Packard LTO Ultrium 4-SCSI
drive.
Data Protector supports both

scenarios shown (using the vendor class drivers and the native OS Microsoft class drivers).
However, on some occasions the devices maybe not are visible in Data Protector even though they
are shown in the Windows Device Manager. In this case, it is recommended to move from one
scenario to the other and try the configuration again in Data Protector.
Therefore, if you have the device vendor drivers installed and Data Protector is unable to see the
device then disable the drivers and
move to the Microsoft class drivers. If
the device vendor drivers are not
installed and Data Protector is unable
to see the device then install the
device vendor driver and check again
whether the device is visible to Data
Protector.
To check whether the device is visible

to Data Protector, use the Data
Protector devbra command. More
details on devbra are shown at the
end of this module under ‘Device
Tools’. Online Help.

Module 7
Backup Devices
If the device is connected to the Windows system through multiple paths then it is recommended
to enable Microsoft Multipath I/O (MPIO).
To enable MPIO:
1. Click Start, select Administrative Tools, and then click Server Manager
2. Click Features
3. Click Add Features
4. In Add Features, on the Select Features page, select the Multipath I/O check box, and
then click Next
5. On the Confirm Installation Selections page, click Install
6. Once the installation has completed, select Close
7. After restarting the system, MPIO installation will be completed.
8. Click Close
Once added, MPIO will check the system and automatically identify and manage multiple path
devices.
Once the device is visible in the Windows Device Manager and listed with Data Protector devbra
device is now available and ready to be configured in Data Protector.

Module 7
Backup Devices
7-24. SLIDE: Automatically discover changed SCSI address
Automatically discover changed SCSI address
• SCSI addresses can change dynamically and can result in failed backup
sessions
• Data Protector stores the SCSI address and Device Serial ID in the
MMDB part of the Data Protector Internal Database (IDB)
• Data Protector verifies SCSI adress and Device Serial ID each time it is used.
If it does not match a device path discovery is started
• If a new path is discovered for the Device Serial ID the stored configuration
is updated in the IDB and session will start using the updated settings
• In case a SCSI tape drive has been replaced, the new Serial ID of the
replaced drive needs to be updated in the DP Logical Device configuration
Automatically discover changed SCSI address
The SCSI address of a device can change dynamically in some SAN environments. Some operating
systems assign LUNs based upon the order, in which targets are presented to the operating
system. This assignment is a characteristic feature that can occur during the boot up process. On
every boot cycle, the LUNs may shift depending on the presence or absence of targets.
Bridges can also modify SCSI and I/O addresses if rebooted for the following reasons:
• One of the devices connected to the bridge fails to respond due to a malfunction or a turn-
off. During bridge reboot all the devices, connected to the bridge with their pre-assigned
addresses, following the failed device are accorded new addresses
• A new device has been connected and configured online. In this case, the new device is
assigned the first free address available. During bridge reboot, the sequence in which the
addresses are assigned may vary: the new device may be become the first device to be
assigned a new address, which in turn causes the remaining devices to acquire new
addresses
Therefore, during a bridge reboot, all the devices connected to the bridge may be assigned a new
address.

Module 7
Backup Devices
The Automatically discover changed SCSI address feature provides a robust and tolerant solution
to dynamic SCSI address changes enabling Data Protector to counter and adapt accordingly. Thus
removing the need to reconfigure all the effected logical devices where the SCSI address has
changed.
Data Protector stores the device serial number in the IDB. When enabled, the Media Agent retrieves
the corresponding serial number during the first media operation and saves it to the IDB. From then
on, the serial number forms the basis for device identification. Automatically discover changed SCSI
address is enabled only after the serial number is stored in the IDB.
Thereafter, every time a device is used, Data Protector compares the device serial number against
the serial number stored in the IDB. If the serial numbers do not match then the following action is
taken:
• The media agent invokes devbra, which will discover the device path at the new address, if
found, it is updated to the IDB
• The updated device serial number in the IDB will then be used for all subsequent sessions.
If the automatically discover changed SCSI address option is not selected, the backup session may
fail as, if the SCSI address of the device has changed, the device will no longer be available to Data
Protector. Therefore, in SAN environments it is recommended to use this option.
It is not recommended however, to use dynamic addressing in large UNIX SAN environments
because an ioscan execute can be very time-consuming before it returns the output. For large SAN
environments, it is advised to activate dynamic addressing only in Windows and not in large UNIX
environments.
By default, the automatically discover changed SCSI address option is disabled.
The Reload button and serial number field will be enabled only if automatically discover changed
SCSI address option is selected. The serial number field is not editable and is always grayed out. On
clicking ‘Reload’, the device serial number will be replaced with the text reading “Reload on next
operation”.
On selecting ‘Reload’, the serial number stored in the IDB is deleted. This then allows a faulty device
to be replaced with a new device without having to configure a new logical device in Data Protector.
The first media operation on the new device will store the device serial number in the IDB to be
used for all subsequent sessions.

Module 7
Backup Devices
7-25. SLIDE: Disk based Backup Devices
Disk based Backup Devices

Disk based Backup Devices can be of any type of storage for
the following Data Protector device types:
• Standalone (media type: file)
• Jukebox (media type: file)
• File Library (media type: file)
• Backup to Disk device (StoreOnce Software Deduplication,
Smart Cache)
Any hardware or software based backup appliance (VTL, D2D,
StoreOnce) needs to be listed in the Device Support Matrix to
be used as the following Disk based Backup Devices:
• SCSI Library (Virtual tape library)
• Backup to Disk device (StoreOnce Backup System,
Data Domain Boost)
Disk based Backup Devices
Now let’s put the focus on Disk based Backup Devices
Out of the box Data Protector is able to perform Disk based Backups to a directory or Network
share. The following Data Protector Disk based Backup Devices can be used to perform disk
backups to any type of storage:
• Standalone (media type: file)
• Jukebox (media type: file)
• File Library (media type: file)
• Backup to Disk device (used for StoreOnce Software Deduplication and the Non-Staging
GRE feature of the DP/VMware integration)
As the only requirement for such backups the storage/disk/LUN needs to be supported on the
mounted/presented OS
In addition a lot of vendors offer hardware or software based backup appliance (Virtual Tape
Libraries (VTL), Disk-to-Disk (D2D) Appliances, StoreOnce Backup systems). These appliances
needs to be listed in the Device Support Matrix before they can be used as the following Disk based
Backup Devices in Data Protector:
• SCSI Library (Check option: Virtual tape library)
• Backup to Disk device (in case a StoreOnce Backup System or Data Domain System is used)

Module 7
Backup Devices
7-26. SLIDE: Virtual Tape Library - Overview
Virtual Tape Library (VTL) - Overview

A VTL is:
• A special optimized disk appliance that emulates different types of tape libraries
• The Tape Library emulation includes tape drives, robotic, slot and media
• Data Protector cannot distinguish between a physical tape lib and a VTL emulated library
• Requires an Advanced Backup to Disk (AB2D) License in Data Protector (TB based)
The benefits of the VTL include:

• Optimizes the bandwidth utilisation of the backup environment.
• Number of libraries and drives can be configured as needed.
• Integrates seamlessly into existing backup applications and processes.
Problems addressed by VTL’s:

• Not consistently streaming to the tape drives, no minimum data throughput required.
• Faster restore of smaller objects (archive logs), because no robotics and no tape positioning is needed.
Virtual Tape Library - Overview
The Virtual Tape Library (VTL) is a disk appliance that has special software to emulate tape libraries
including tape drives and media inside the library to the backup system. Backup software cannot
distinguish between a physical tape library and an emulated library.
Problems addressed by virtual tape libraries:
• Not meeting backup windows due to slow servers

− Easy to create multiple VTL to increase the number of tape libraries
• Not consistently streaming your tape drives
− VTL requires no minimum data throughput
• Performing many restores (such as single file)
− Faster than physical tape drives
− Just an access to disk
− Robotic not required
• No tape positioning

Module 7
Backup Devices
VTL benefits include:
• Optimizes bandwidth utilization of the backup environment

• Removes tape errors from the critical backup window
• Less expensive than buying more fiber channel arrays
• Can require fewer tape drives than other solutions and get better utilization of the tape
drives/libraries you have
• Fast single-file restore and recovery
− Recent backups are kept on disk for restore and recovery
− Fast single-file restore without the need for media loading or positioning
• Integrates seamlessly into existing backup applications and processes
• Easy to manage
• As storage requirements grow, the VLS can match customers’ environments by scaling both
capacity and performance

Module 7
Backup Devices
7-27. SLIDE: Configure a VTL in Data Protector
Configure a VTL in Data Protector

Data Protector is unable to discover a VTL as it appears like a normal SCSI Tape Library on the client.
To configure a VTL the configuration flag Virtual tape library has to be set during the configuration.
• Device Type SCSI Library

1
• Check option Virtual tape library
2 1
• Add VTL capacity used for DP backups
3
Configure a VTL in Data Protector
The configuration of a VTL is very similar to the configuration of a SCSI Library. Because Data
Protector cannot separate between a physical and virtual Tape Library the administrator need to
inform Data Protector to handle a manual configured or autoconfigured tape library as a Virtual
Tape Library.
There is an option at the bottom on the

initial Device Configuration Wizard that
becomes active, if Interface Type SCSI
Library is selected: Virtual tape library
There is a difference in the licensing of a VTL compared to a SCSI Library. A normal SCSI Library
requires licenses for each configured Drive and a Slot Extension Library in case of more than 60
configured slots. A VTL with the same configuration is licensed on the native disk capacity of the
VTL only(in case the VTL is exclusively used by DP – click on License details to see more information
about the licensing), the number of devices and number of slots are not licensed in this case.
Therefore the estimated library capacity consumption in TB is required after the Virtual tape
library option is checked.
You need to ensure to have an Advanced Backup to Disk License (TB based) with the same value like
the entered capacity or higher available on your Cell Manager.

Module 7
Backup Devices
7-28. SLIDE: Backup to Disk device (B2D) - Overview
Backup-to-Disk device (B2D) - Overview

A B2D:
• backs up data to physical or virtual disk storage
• supports multi-host (Gateway) configurations
• mainly used by StoreOnce Deduplication backups
• supports HW and SW based Deduplication
• requires Advanced Backup to Disk (AB2D) license
SW based Deduplication:
 StoreOnce software Deduplication
HW based Deduplication:
 StoreOnce Backup system
Data Domain Boost and Smart Cache

support newly introduced in DP 9.0X
Backup to Disk device (B2D) – Overview
A Backup to Disk (B2D) device is a device that backs up data to physical disk storage and with the
introduction of the Virtual Storage Appliance (VSA) also to a virtual storage. The B2D device
supports multi-host configurations. This means that a single physical storage can be accessed
through multiple hosts called gateways. B2D devices are mainly used by StoreOnce Deduplication
backups within DP. The B2D device supports Hardware based Deduplication (B6200, B6500
StoreOnce backup systems) and Software based Deduplication using the Data Protector Software
Store.
In case of a Data Protector Software Store
you need to install a StoreOnce Software
Deduplication Agent only on the system
that keeps the Data Protector Software
store.
Note: There is no need to install a StoreOnce Software Deduplication Agent on a Data Protector
client, if no Data Protector Software Store is required. Deduplication functionality for
StoreOnce and Data Domain Boost is part of the regular Data Protector Media Agent
Deduplication requires Advanced Backup to Disk (AB2D) TB based license.
For more details about Deduplication and the B2D device refer to Module 15 “Deduplication”

Module 7
Backup Devices
7-29. SLIDE: File Library - Overview
File Library - Overview

A File Library:
• Pure disk based backup device
• Is fast and easy to configured on any local or external type of storage that is
accessible on a Data Protector client system
• Allow configuration of up to 255 writer (equivalent to a Tape device)
• Supports only one Gateway system
• requires Advanced Backup to Disk (AB2D) license
File Library – Overview
The File Library is basically a group of files in one or more configured directories to which data is
backed up to instead of to a tape.
The File Library is the most sophisticated disk based device available in Data protector and as a
result, has a number of benefits over the jukebox file device. Indeed, the jukebox file device was
originally introduced to Data Protector for testing purposes and therefore is not sophisticated or as
powerful as the File Library. Therefore, when using backup up to disk with Data Protector, it is
highly recommended to use the File Library device.
A file to which data is backed up to in a File Library is called a ‘file depot’. A file depot is created
each time a backup or copy session is made to the File Library. If the amount of data being backed
up is larger than the maximum file depot size, Data Protector creates more file depots as required
for the backup session. Therefore, the backed up object can span over two or more file depots. A
file depot is equivalent to a tape media in a slot, whereas the directories represent the repository
(slots) part of a library. This means many media operations can be applied, e.g. scan, format,
recycle, export, etc. However, some operations are not available, e.g. import, eject.

Module 7
Backup Devices
The name of each file depot is a unique identifier which is automatically generated by the system. It
looks similar to the Data Protector media ID however; this is not actually a media ID but just a
unique file name. An example file depot name (including path) is:
C: \data\backup\0100007f54106d9295058c50008.fd
Since each file depot contains backed up or copied data, a corresponding Detail Catalog Binary File
(DCBF) keeps the detail catalog information for it in the Data Protector Internal Database (IDB).
Thus for each file depot a corresponding DCBF file exists.
The global file variable DCDirAllocation determines the algorithm used for selected the DCBF
directory for a new detail catalog file and the following options are available:
• Fill in sequence (default)

• Balance size
• Balance number
It is recommended to change the allocation policy from fill in sequence (default) to balance size.
The global file is located under:
Windows: DP_CONFIG\Options
UNIX: DP_CONFIG/options
There is no maximum capacity for the File Library depot that is set by Data Protector. The only limit
on the size of the depot is determined by the maximum file size that can be saved on the file
system (on the operating system on which the device is being run). For example, the maximum size
of the File Library depot running on LINUX would be the maximum size of a file you can saved on
this operating system. The capacity of a file depot is specified when the media is first configured. It
is possible to re-set the sizing properties of the File Library at any time during use of the device in
the Data Protector GUI.
The File Library drives are called ‘writers’. The number of writers configured defaults to the number
of directories added to the File Library.
There are a number of benefits gained from using the File Library compared to the File Jukebox:
• Configuration: The first benefit comes in the configuration of the File Library. This is easier
and quicker than configuring a jukebox file device. In the configuration of a File Library, you
only need select the number of writers to be configured which are then configured
automatically by Data Protector. In the jukebox file device configuration, each drive must
be configured manually. When configuring a file jukebox device, each slot must be
configured manually. However, with a newly created File Library no slots or file depots will
be created. You only need to configure the directory. Each slot or file depot for the File
Library will then be automatically created.

Module 7
Backup Devices
• Efficient disk space management: By default all file depots will be non-appendable. This is
very useful for the efficient disk space management. Only one session will be stored in one
(or more) file depot. As soon the protection of the session expires, the file depot can be re-
used. Only where sessions have a small amount of data, backup of logical and archive logs,
the media usage policy of the media pool should be changed to appendable. In addition,
other space management options available with the File Library allow for the configuration
of the minimum free disk size to create a new file depot, the amount of free disk space
which should remain free on the disk and to trigger a Data Protector event if the free disk
space drops below a certain percentage
• Improved disk full handling: In order to determine that there is enough disk space
available to complete the backup of the current data segment; Data Protector pre-allocates
the amount of disk space needed to complete the write task, in particular to complete the
write of the catalog segment. This avoids failed backup sessions when there is insufficient
space available to complete the current write task
• Support for Data Protector Synthetic backup and Virtual Full backup: Synthetic backup is
an advanced backup solution that eliminates the need to run regular full backups.
The File Library is disk array independent so the File Library can be deployed on a multitude of
different storage devices from a single disk, low cost JBOD, to the higher end storage arrays. The
File Library device can be located on a local hard drive, or even on a network share, as long as Data
Protector knows its path. The directory path is defined at configuration of the File Library device.
However, it is recommended to use a local disk or a FC connected disk. Disks connected via
NFS/CIFS links provide only a slow connection which also is not reliable.
There are now a number of Virtual Tape Library (VTL) devices that provide both VTL and NAS
targets. This means that the File Library device can be configured on the VTL NAS partition. Such
VTL devices can therefore accommodate the initial full, incremental and Synthetic Full backups.
The full backup is written to the VTL target device and the incremental backups are written to the
File Library device configured on the NAS partition. With this approach; the VTL provides one single
device where full, incremental and Synthetic Full jobs can be run providing easy management of
‘incremental forever’ backups.
File Depot Export & Import

One limitation of the File Library concerns the importing of media (File Depot) once the slot has
been deleted. Whilst the File Library and the respective slot are available in Data Protector, the File
Depot can be recycled, exported and imported. For example, as seen below, the slot is available
and media recycle, export and import can be performed with the File Depot available in the
following slot:
C:\File_Library\44d1914454e8d9cc850d2050013.fd

Module 7
Backup Devices
If however, the slot has been

deleted (the File Depot file itself has
not been deleted) as shown below;
then before the File Depot can be
imported, the slot must first be
added the File Library using the
Command Line Interface (CLI).
Therefore, to add the slot to the File Library, use the omnimm CLI command located in
DP_HOME\bin.
Example:
omnimm –add_slots File_Library C:\File_Library\44d1914454e8d9cc850d2050013.fd
On successfully adding the slot, it

will be listed within the File Library
slots. The slot can then be selected
and imported. This is also supported
with Distributed File Media Format
(DFMF) and using this method a File
Depot can also be added to another
File Library device (other than the
original File Library from which the
File Depot was created).

Module 7
Backup Devices
7-30. SLIDE: File Library – Configuration 1/3
File library  Configuration 1/3
• Select ‘Add Device...‘

1 1
2 • Enter ‘Device Name‘ and
3
2 ‘Description‘
4
• Select Device Type ‘File Library‘
3
• Select client on which File
4 Library is to be configured
• Click ‘Next‘ to continue

5 configuration
5
File Library – Configuration 1/3
The File Library can be easily created by using the Data Protector GUI. Within the Data Protector
GUI, select the Devices & Media context:
1. Right click Devices in the scoping pane and select Add Device....
2. Enter the Device Name and Description.
3. Using the Device Type pull down list, select File Library.
4. Using the Client pull-down list, select the associated client system on which the File
Library is to be configured.
5. Click Next to continue the configuration.

Module 7
Backup Devices
7-31. SLIDE: File Library – Configuration 2/3
• Specify and ‘Add‘ the directories for the file

6 library
8
• Select number of virtual drives, ‘writers‘
7
• Configure general properties of the
8 selected directory
Double Click open the

7 configuration window
The next configuration step is to define the directories, their properties and define the number of
writers:
6. Specify a directory or a set of directories where the File Library should reside. Manually
add the directory or use a browser (click on the Browse button) to select a directory to
be used as the container for the file depots. Multiple selections are not possible using
the browser.
If the directory is on a network share (Windows), then it must be entered manually
since browsing is not possible. The directories to be added must be on different file
systems and must exist on the disk as Data Protector will not create them. The disk on
which the File Library will reside must be visible in the filesystem.
It is recommended that the disk on which the file library resides should be local to the
Media Agent; otherwise there could be an impact on performance. It is critical that the
directory created for the file library is not deleted from the disk. If it is deleted, any
data within the file library device will be lost. At the time the file library is created it will
not contain any file depots. The file depots will be created as needed when a backup is
made to the device.

Module 7
Backup Devices
7. Specify the Number of writers to be configured with the File Library. A writer is the
equivalent of a drive. For each writer used to write data during a backup, a separate
Backup Media Agent (BMA) is started. Increasing the number of writers may improve
performance but will also consume more system resources, e.g. memory. The default
number of writers is the number of configured directories. The naming convention for
writers (drives) is <FileLibraryName>_Writer<Number>. The name cannot be changed
during the creation of the File Library. However, the name (as well as other writer
properties) can be modified once the creation of the File Library is completed.
8. The properties of each directory can be configured:

Select the directory and click the Properties button. The properties must be set for each
created directory separately. The properties can be changed any time during device
usage. Properties that can be configured are:
Maximum size of a file depot: This is equivalent to the media capacity of tapes (format size). If the
amount of data backed up in one session is bigger than this value, a new file depot will be used to
continue the backup. The default value is 50 GB.
Minimum free disk space to create new file depot: The default value is 2 MB.
Amount of disk space which should stay free on disk: The default value is 0 MB
Even if the free disk space drops below (%): An event will be triggered if the free disk space drops
below this value. The default is 10%.

Module 7
Backup Devices
7-32 SLIDE: File Library – Configuration 3/3
• Media Type default to File

9
• (Optional) Select DFMF for Virtual Full
Backup support
10 Click Next
• Check and confirm the configuration
9 using summary
11 • Click Finish
10
11
9. The Media Type can only be File when configuring a File Library.
10. Select the Distributed file media format’ (DFMF) option to enable the File Library for
Virtual Full Backup. If virtual full backup is not to be used, don’t select this option. .
11. Check and confirm the configuration. Click Finish
In the results pane, a summary of the File Library configuration is displayed. It includes the
following information:
• Directory Name: The full path to the File Library

• Total Size: The total amount of space allocated to the entire File Library device
• Used: the amount of space that is already allocated to the File Library device
• Maximum Available Disk Space for Backup: The total amount of space available to save
data in the File Library device
• Maximum File Depot Size: The maximum size of a single file depot
After the File Library configuration check and confirm the File Library properties using the summary
provided. The configured File Library will be listed in the scoping pane under ‘Devices’. The
properties of each directory and the writer can be viewed and modified in the results pane.

Module 7
Backup Devices
7-33. SLIDE: Disk Staging

License capacity per TB
Backup Concept - Disk Staging Unlimited writers (logical drives)
Backup:
• store on disk
• scheduled copy to disk or tape
• expire backup on disk after copy to tape
DA
MA
MA File
Depot
1
DA
Restore:
(1) fast restore from disk if data is still available there
(2) restore directly from tape
DA 2
MA File MA
Depot
DA Stream to tape
Disk Staging
The concept of disk staging is based on backing up data in several stages to improve the
performance of backups and restores, reduce costs of storing the backed up data and increase the
data availability and accessibility for restore.
The backup stages consist of backing up data to media of one type and later moving it to secondary
media. The data is backed up to media with high performance and accessibility but limited capacity
such as system disks. These backups are usually kept accessible for restore for a period of time
when a restore is the most probable. Single file restores are executed with an excellent
performance by disk technologies. This is very helpful for selective file restores (particularly
multiple times) where time is an important issue. No tape must be loaded and positioned, which is a
major advantage against tape. After a certain period of time, the data is moved to media with lower
performance and accessibility but high capacity for storage such as tape.

Module 7
Backup Devices
Therefore, disk staging acts as a buffer allowing media drives to operate at maximum speeds and
provide the option to do automatic data replication during off-peak hours. This technique is highly
recommended when backing up numerous small files to prevent poor transfer rates to tape drive.
The continuous backup of transaction log files for example, would not result in overhead through
media load and unload, for tape drives there is no issues with start/stop mode.
Other user cases where disk staging can provide benefits is the backup of slow clients without
multiplexing and tape-less backup of branch offices.
In the example above; we have File Library devices configured for the first stage backup and tape
devices configured for the second stage backup. The File Library writer block size must be the same
as the tape device used for the second stage backup. The data is streamed in the first stage to the
File Library and stored with a data protection period that will not expire before the objects are
copied to the tape. The data will then remain in the File Library for the period of time where a
restore is most probable. Once this period of time has passed the data is scheduled to be streamed
from the File Library to the tape device using the object copy functionality. Once the object copy is
completed the data can be removed from the File Library and the data can be restored directly from
the tape.

Module 7
Backup Devices
7-34. SLIDE: Device tools: Devbra, uma
Device tools
Devbra
uma
devbra -device uma –ioctl scsi3:0:1:0
Device tools: Devbra, uma
Data Protector provides tools that can be used to determine that a device is connected, visible and
configured correctly with the operating system. Three tools that can be used to determine a device
is ready to be configured in Data Protector:
• Device Browser (devbra)
• Utility Media Agent (uma)
• SANConf
Note: It is recommended to use these tools before configuring the devices in

Data Protector to determine that device is accessible and operating correctly.
Device Browser (devbra)

The Device Browser (devbra) is a program that is available on all Data Protector Media Agent
systems and is located in the following directory:
Windows: DP_HOME\bin
UNIX: DP_HOME/lbin
To start it from CLI run:

CLI: devbra –dev

Module 7
Backup Devices
When executed, devbra will scan and discover all the devices that are connected and visible to the
local Media Agent system. The result of the scan is then displayed.
Devbra reports details on both robotics (listed as Exch) and drives (listed as Tape). The SCSI path of
the discovered devices is included in the output. Once the device paths are known, the robotic paths
can be tested using the Data Protector Utility Media Agent (uma) to determine operational status.
Utility Media Agent (uma)

The Utility Media Agent (uma) is also a program available on all Data Protector Media Agent
systems and is located in the following directory:
UNIX: DP_HOME/lbin
The Utility Media Agent (uma) is used for tape library management and can also be used as a tool
for testing library robotic operations (such as moving media between drives and slots within a
library). The output from devbra can be used for identifying the device path to use with the uma ‘–
ioctl’ parameter as shown in the following example.
Note: The Utility Media Agent (uma) only works with the library robotic and will only
work with a robotic (listed as Exch/Changer in devbra)
You cannot use uma in combination with a tape SCSI path.
Using uma to manipulate the library robotic provides confirmation that the SCSI path is correct,
available and the library can be configured with Data Protector. Once testing with uma is completed

Module 7
Backup Devices
it is recommended to return all the media used to test the robotic back to the library repository,
there should be no media left within the library’s tape drives.
Locate the device path for the tape library robotics (media changer) via devbra.
Invoke the utility media agent to interact with the tape library (load/unload tapes, status inquiry,
etc.):
CLI: uma –ioctl <robotic device>
Execute uma commands to test library operations
help list all commands

stat SCSI element status (Transport, Export, Drives, Slots)
inq SCSI inquiry
move <from> <to> move media from element to element

Module 7
Backup Devices
7-35. SLIDE: Device tools cont.: SANConf, LTT
Device tools (cont)

Library & Tape Tools (LTT)
• Verify that the library is healthy,

installed and connected correctly
• Verify robotic and tape drive
sanconf –list_devices operations
• Device identification
• Troubleshoot library, drive and media
problems
• Performance Testing
• Firmware Management
SANConf
• Discover all connected tape devices in

a DP cell (and whole MoM)
• Internally used by DP for Device
Autoconfigure
LTT GUI
Device tools cont.: SANConf, LTT
SANConf
The sanconf tool is a command line utility that is available on the Data Protector Cell manager
system that can be used to scan, discover and configure all the devices within the Data Protector in
SAN environments in single Data Protector cells as well as in Manager of Manager (MoM) multi cell
environments using the Centralized Media Management Database (CMMDB). It can automatically
configure a library within a SAN environment by gathering information on drives from multiple
clients and configuring them into a single library.
The sanconf command can be run on the Data Protector Cell Manager or on Data Protector clients.
It resides in the following directories:
UNIX: DP_HOME/lbin
The following tasks can be performed using the sanconf command:

• Scan the specified Data Protector clients, gathering the information on SCSI addresses of
drives and robotic controls connected to the clients in the SAN environment.
• Configure or modify settings of a library or drive for given clients using the information
gathered during the scan of Data Protector clients.
• Remove drives on all or the specified clients from a library.

Module 7
Backup Devices
The example on the slide shows the output of the sanconf –list_devices command executed from
the Cell Manager. The output provides a summary of all available local and SAN attached devices
within the Data Protector cell. This information can then be used to verify that Media Agents
systems have the correct access to the desired devices prior to device configuration.
Library & Tape Tools (L&TT)
HP Library and Tape Tools is a tool for managing HP libraries and tape drives. L&TT is a collection of
storage hardware management and diagnostic tools for tape, tape automation, and archival
products. L&TT assembles these tools into a single, convenient program. It is available to download
for no charge from the following URL:
http://www.hp.com/support/tapetools
In addition, further information regarding L&TT and the L&TT User Guide can be found at the above
URL.

Module 8 — Media Management
Objectives
• describe the concepts of Media Management in HP Data Protector
• configure Media Pools and assign Media to it
• exchange Media with different Data Protector cells via Media Export/Import
• implement Vaulting using multiple Media Pools
Contents
Module 8 — Media Management 1
8–3. SLIDE: The Media Pool ............................................................................................................... 2
8–4. SLIDE: Media pool properties - General .................................................................................... 5
8–5. SLIDE: Media pool properties - Allocation 1/2 .......................................................................... 7
8–6. SLIDE: Media pool properties - Allocation 2/2 .......................................................................... 9
8–7. SLIDE: Media pool properties - Condition factors ................................................................... 11
8–8. SLIDE: Media pool properties – Media pool usage .................................................................. 13
8–9. SLIDE: Media pool properties – Media pool quality ................................................................ 14
8-10. SLIDE: Creating a Media pool 1/4 ........................................................................................... 15
8-14. SLIDE: Free pool concept ........................................................................................................ 19
8-15. SLIDE: Multiple free pools ...................................................................................................... 21
8-16. SLIDE: Free pool properties .................................................................................................... 22
8-17. SLIDE: Create a Free Pool ....................................................................................................... 24
8-18. SLIDE: Medium Properties ...................................................................................................... 25
8-19. SLIDE: Location Tracking and Priority .................................................................................... 27
8-20. SLIDE: Media Management actions ........................................................................................ 28
8-21. SLIDE: Formatting Tape Media ............................................................................................... 30
8-22. SLIDE: Media Export & Import 1/2.......................................................................................... 33
8-23. SLIDE: Media Export & Import 2/2.......................................................................................... 34
8-24. SLIDE: Vaulting with Media Pools ........................................................................................... 36
Module 8
Media Management
8–3. SLIDE: The Media Pool
Media pools
library features protection features

• logical organization of media • media labelling
• online catalog • media duplication
• location tracking • media condition monitoring
• barcode labelling
media - named group of media

pool
- media allocation policies
- stored in the MMDB
- is a device property (default)
- may be assigned per backup
The Media Pool
Data Protector offers more than just a mechanism for backing up data, it provides the user with a
powerful mechanism to manage the backed up data through a set of Media Management function
and stores the all media management related information in the Media Management Database
(MMDB), an important part of Data Protectors Internal Database.
Media Pool
Data Protector organizes backup media into Media Pools. The Media Pool is simply a logical
collection or grouping of media within the Media Management Database (MMDB).
Media pools organize media that are of the same physical type (LTO-Ultrium, T9940, Exabyte, etc.)
or media that are related in some way and share similar usage requirements.
Media Pool Examples

The use of pools depends entirely on your preferences. For example, pools can be defined using
criteria such as:
• Weekly Full Backups (protected for 8 weeks)
• Daily Incremental Backups (protected for 4 weeks)
• Daily Database Backups (protected for 6 weeks)
• Vault (for organizing tapes that are in the fire safe storage location)
• System platform (one pool for UNIX systems, and another one for Windows systems)

Module 8
Media Management
• Per system (every system has its own pool)

• Organizational structure (all systems in department Alpha have a pool, and systems in
department Bravo have another pool)
• Database backups pools such as an PROD01 pool for Oracle Database backups
• Archive Log backup pools for SAP or Oracle archive log backups
• IDB pool (used exclusively for backup of the Data Protector Internal Database)
• Disaster Recovery (must be non-appendable for some DR types)
• Create a “bad tape pool” for moving tapes into if they become poor in quality. The pool would
be read-only, and the poor tapes would be exported when data was copied to a good tape to
replace the bad one.
• Combinations of the above criteria, and more.
Note: A simplified way to think about media pools is to view them as a destination for
backup, while considering the devices to be the transfer mechanism between the
data and the media pools.
It is also possible to have all backups share the same single media pool. This approach has certain
disadvantages. The quantity of media in the pool may be too large, and managing the pool may be
difficult. It would be difficult to verify that you have sufficient media in the pool to complete all the
backups that utilize it (as each backup has a different requirement).
Grouping media used for similar kinds of backup into a Media Pool allows you to apply common
media handling policies on a group level. In this case, you will not have to bother with each medium
individually. All media in a pool are tracked as one set and have the same media allocation and
usage policies.
Library Features
Media residing within the tape libraries managed by Data Protector are tracked in the MMDB. Data
Protector offers several features for library media management.
• Logical Organization of Media

Media within the tape library are utilized evenly according to age. Data Protector sorts the media
according to usage and assigns allocation numbers to each usable tape. Media are then used
according to the allocation number that is assigned.
• Online Catalog
Data Protector maintains a database record of all the data that has been backed up along with the
media used to perform the backup. When it is necessary to restore data, the on-line catalog can be
browsed to locate the file to be restored and to find the candidate backups that could be used. The
media database stores tape location as well as file position on tape.
• Location Tracking
Once a backup has been performed, the media usually is moved physically from one location to
another, for example to offsite storage or a fire-safe. Data Protector can keep track of the physical
location of the media by use of predefined vaulting locations.

Module 8
Media Management
In addition to tracking external changes to the media locations, Data Protector stores the current
physical location of media. When a tape is inserted into a Logical Device, and then accessed by Data
Protector, the device repository is stored in the database. This media tracking provides for quick
access to known tapes. This device repository feature is available for tape library as well as
standalone devices.
Barcode Labeling
Media, located in a virtual or physical Tape Library are using Barcodes as labels for faster
identification. It is possible to use the assigned barcode of a medium as name/label of the same
medium in Data Protector to simplify the media management work.
Protection Features
Beside protecting the data that is stored on the media from overwrite Data Protector offers also
Media Protection features. The most important ones are listed below:
• Media Labeling
Data Protector media contains header information that enables the media usage to be tracked and
controlled. Each new medium to must be initialized with the Data Protector header which will
contain a unique medium id. Whenever a medium is used, it is first verified (by the header) to be the
correct medium for the designated session, whether for backup, restore, or copy. After a session
completes the header information is again verified.
• Media Duplication
For extra security, it may be necessary to have multiple copies of a particular backup. For example,
if the data were being changed in some way, or removed after the backup has taken place, the only
place that the original data would reside is on the backup media.
In this situation, it is desirable to have multiple copies of the backup available in case there is a
fault with the original copy or it is somehow lost. Data Protector provides several methods for
media and object level duplication. See the “Media Management and Replication” and “Object
Consolidation” modules for more details.
• Media Condition Monitoring

The key to performing successful backups is to use good quality media. Data Protector assists with
this by tracking the condition of the media, based on three criteria:
• The number of times the media has been used
• The age of media
• I/O errors that have occurred while accessing the media
A Medium that has exceeded the thresholds for one of the above listed criteria is not allocated for
backup.
Note: Data Protector Media Management was initially developed for the daily work with physical
media. In environments with mainly disk based backup devices some features make no
sense anymore (Number of overwrites, Medium export/import). In order to provide an easy
and consistent Media management, disk and tape based media are handled in the same
way, but tape media related settings are safe to ignore for disk based media.

Module 8
Media Management
8–4. SLIDE: Media pool properties - General
Media pool properties - General

Max 32
characters
Max 64
characters
properties
Supported Media Types
Media allocation
Media conditions
Usage
Quality
Media pool properties - General
Media Pool properties are defined at the time when a media pool is created and can be partly
modified any time later. The name for the pool can contain up to 32 characters, spaces are allowed
but not suggested (complicates scripting, etc). The description field is optional, limited to 64
characters and may be used to convey a purpose or usage characteristics for the pool.
The media type is selected when the pool is created and is not modifiable. To change the media
type of a pool you must first delete the pool and then re-create it.
The Allocation Policy as well as the Usage Policies may be altered for new or existing pools. The life
expectancy and number of overwrites should be set according the media manufacturer's
recommendations. Data Protector simply provides a default value based upon the media type.
In addition to being a logical container for your media, a Media Pool is configured so that the media
within the pool exhibit particular characteristics. These characteristics depend on the properties
and policies that you have set for the Media Pool.

Module 8
Media Management
Media Type
This defines what type of media the pool may contain; a pool may contain only one type of media.
The currently supported media types are:
• AIT • SAIT
• CSF-R • SD-3
• DDS • SuperDLT
• DLT • T10000
• DTF • T3480/T4890/T9490
• ExaByte • T3590
• File • T3592
• LTO-Ultrium • T9840
• Optical • T9940
• QIC • Tape
NOTE During Data Protector installation default pools for all media types were created
(Default DDS, Default DLT, ..). It is safe to delete those default pools and create
customized pools for the Media types that are available in your backup
environment.
Pool Name and Description can be changed afterwards, but changing Media type is not possible. In
order to change the Media type you need to delete and recreate the pool.
Fixed Media Type

Module 8
Media Management
8–5. SLIDE: Media pool properties - Allocation 1/2
Media pool properties – Allocation 1/2
1. Media usage policy
how new backups are added to already

used media and influences which media
are selected for backup
appendable
• multiple backups can be appended to the same medium
• very useful when backing up small amounts of data very often
properties
• media that are most full, but still has spare capacity will be used
non-appendable
• Medium is used for just one backup Media conditions
• Medium that has been used the least number of time is chosen
Usage
appendable on incrementals only
• same as appendable, except only incremental backups can be Quality
appended to existing backups
Media pool properties - Allocation 1/2
Data Protector picks up media from a pool in a certain order, which is determined by the defined
Media usage policy and the Media allocation policy. Those policies need to be configured for each
pool and depend on used Media type and purpose of the pool
The Media usage policy defines how new backups are added to already used media and influences,
which media are selected for backup. There are three media usage policies available to choose
from:
• appendable
• Non-appendable
• Appendable on incrementals only
Appendable
This enables Data Protector to append multiple backups to the same piece of media. This can be
very useful when backing up small amounts of data throughout the day, for example Database
Archive Logs.
When using this policy, Data Protector will request a medium that has the most data on it but is not
full and by checking the Media allocation policy (See Media Allocation Policy).

Module 8
Media Management
When a backup is performed, it is directed to a specific media pool via the Logical Device selection,
ether using the default pool from the specified Logical device or using a dedicated media pool that
was assigned to the Logical device for a particular backup job.
Data Protector will choose the particular media to be used from this pool based on certain factors.
If the media pool allocation policy is appendable, the media that is the most full, but still has spare
capacity is used. Ideally, Data Protector wants to fill up existing media before going on to use
empty media. This policy will save generally be less expensive in terms of media cost, but will not
allow for easy tape rotations. Data Protector will continue to request the medium until it is filled.
Note If the media pool allocation policy is appendable and the backup requires more
than one medium, only the first medium used can contain backed up data from a
previous session. Subsequently, Data Protector will use empty or unprotected
media only.
Non-Appendable
If the media pool is non-appendable Data Protector will always write to a media from the
beginning. Data Protector will request a media with none or expired protection that has been used
the least amount of times (See Media Allocation Policy).
In this way, Data Protector ensures even wear across all media, rather than the same tape being
used each time. This may make media more reliable due to less wear as a result of fewer loadings.
To make the selection visible to the user Data Protector assigns an allocation number, also called
an Order number to a media. The allocation/order number is viewable from the Media Management
GUI; select the Device & Media context, right click on a media pool, select properties. Data Protector
will pick up the media with the lowest Order number (1)
Appendable on Incremental Only

This is the same as non-Appendable except that only incremental backups can be appended to
existing backups. For example, you could perform a full backup to a new media and append only an
incremental backup to it but not another full backup. Full backup will always begin on an empty or
non-protected medium.

Module 8
Media Management
8–6. SLIDE: Media pool properties - Allocation 2/2
Media pool properties – Allocation 2/2
2. Media allocation policy
defines the order in which media are

allocated within a media pool
strict
• allocation order enforced
properties
• even media usage enforced
• could result in more mount requests
Media conditions
loose
• allocation order not enforced Usage
• even media usage not enforced
Quality
• fewer mount requests
Media pool properties - Allocation 2/2
Media allocation policy defines the order in which media are allocated within a media pool. There
are two different options in Data Protector:
• Loose allocation
• Strict allocation
The loose policy defines that even while Data Protector will request a particular medium; it still
accepts an alternative that is available for use, so the overall number of mount requests is reduced.
The strict policy determines that the medium Data Protector requests must be used. Allocation
order is “strictly enforced”, which might result in more mount requests. In addition the media needs
to be formatted, unformatted media are not used.
Using a media pool with strict policy

allows the configuration of a Pre-
Allocation list for selected backup
specifications to have full control over
which media are used in which order
during a backup job.

Module 8
Media Management
The most commonly used setting is loose because it is more forgiving. Loose is also required when
you want the ability to use a new, unformatted medium.
Allocate Unformatted Media First

Before Data Protector can write a backup to a tape, it must be formatted. Media can be pre-
formatted or Data Protector can initialize it on demand at backup time. This feature is designed to
work with tape libraries, and has no applicability to standalone devices. File media for file libraries
are always initialized on demand.
The setting of this feature causes Data Protector to initialize and use blank media in preference to
media that is already initialized (less number of overwrites). Tape libraries loaded with new media
must be scanned (barcode scan) prior to using this feature to allow Data Protector to identify where
the un-formatted (media are located.
There are prerequisites to using this feature:
• the allocation policy set to loose

• the media type is File (requires no global option changes)
• the InitOnLoosePolicy option is enabled within the DP_CONFIG/options/global file
# InitOnLoosePolicy=0 or 1
# default: 0
# This option is used by Backup Session Manager. When using
# loose policy media checking this option is checked if the
# Session Manager should automatically initialize new media. initialize new
media
Use the Free Pool – Move Free Media to the Free Pool
The free pools are special media pools that are automatically created by Data Protector and
contain free unprotected media that can be used for backups by all the media pools that share the
same free pool. Once the option Use the Free Pool is selected select a free pool from the list or
type in a new name for a free pool that will be created.
If the option Move Free Media to the Free Pool is selected, all free media from the pool are moved
out to the specified free pool after clicking on OK
See the “Free Pool” topic later in this module for more details.

Module 8
Media Management
8–7. SLIDE: Media pool properties - Condition factors
Media pool properties - Condition factors
Condition factors
define how long media are reliable for

backup and is tracked in two different
ways:
• Time in months (36)
• maximum medium overwrites (250)
properties
Based on defined settings
tape are graded as :
Media conditions
Usage
Quality
Media pool properties - Condition factors
Media Condition factors define how long media are considered as reliable for backups. There are
two Media Condition factors in Data Protector:
• Valid for # Month

• Maximum overwrites
Check the recommendations from the media vendor on how to set these condition factors.
Valid For # Months

When media is first initialized for Data Protector usage, the length of time that the medium is
considered “good quality” is set. The maximum age of the media is expressed in the number of
months. When the media reaches this age, it is marked in the Media Pool as Poor and will not be
used again for further backups. Tapes reaching 80% of the number of months are marked as Fair.
Maximum # of Overwrites
In addition to the number of months that a medium is to be considered valid, the number of
overwrites can also be configured. Again, when this threshold is reached the media is marked Poor.
Tapes reaching 80% of this threshold are marked as Fair.

Module 8
Media Management
NOTE Both, the age and overwrite fair thresholds may be altered via the MMFairLimit
parameter in the DP_CONFIG/options/global file. Eighty percent is the
default threshold for fair quality marking.
# # MMFairLimit=PercentageOfPoor
# default: 80
# This limit is used for detecting "Fair" (almost "Poor") media.
# When a medium exceeds a specified percentage of limit
# specified for "Poor" media (this limit can be set for each
# pool), it is marked as "Fair". Data Protector Media Management
# uses such ("Fair") media only if there is no "Good" media
# available.
Media that are marked as Poor should not be reinitialized and registered as a new medium
unless the poor condition was as a result of a tape drive failure and the media was
accidentally set to poor. In this case the tape quality may be verified by scanning and/or
verifying the tape (see OLH for Object Verification).
Media Pool Inherits Free Pool’s Media Condition Factors

When a media pool is configured to use a free pool, it must relinquish its ability to configure its own
media condition factors. Instead, the media pool will automatically inherit the free pools’ media
condition factors.
In such a scenario the media pool’s media condition factors are simply greyed out and align with
that of the free pools, as shown below.
Media Condition settings inherited from associated Free Pool

Module 8
Media Management
8–8. SLIDE: Media pool properties – Media pool usage
Media pool properties - Media pool usage
Media pool usage
pie chart displays following estimated

space in the media pool
- free space
- used space
properties
Media conditions
Usage
Quality
Media pool properties – Media pool usage
The pie chart displays estimated free space and used space in the media pool.
This pie chart does not show the free disk space available for media pools created for file library
devices. To get this information, you need to use operating system tools on the system where the
file library device was defined. For example, bdf (HP-UX systems), df -k (other UNIX systems), and
Explorer -> Properties (Windows systems).
Data Protector’s File Library media pool by default has a Non-appendable media usage policy. The
media pool's free disk space will always be indicated as 0%, even if there is enough free space
available.

Module 8
Media Management
8–9. SLIDE: Media pool properties – Media pool quality
Media pool properties - Media pool quality
Media pool quality

pie chart displays quality of medias:
- good
- fair
- poor
of the entire pool
properties
Media conditions
Usage
Quality
Media pool properties – Media pool quality
The media quality in a media pool determines the overall quality of the media pool.
A Data Protector medium condition can be either of the following three:
1. Poor
Media errors (read/write errors) detected or media condition factor limits specified for the
media pool have been exceeded. Data Protector will not use media in poor condition for
backup.
2. Fair
Media which exceeds 80% (default), i.e., 81 to 100%, of the specified lifetime/usage limits.
The default percentage can be changed through the global variable MmFairLimit (see
previous chapter). Media in condition Fair are used in the same way as media in condition
Good
3. Good
All media, that is not in condition Poor or Fair.

Module 8
Media Management
8-10. SLIDE: Creating a Media pool 1/4
Creating a Media Pool 1/4
• go to Devices & Media

1 1. context
• expand Media
2.
• right click Pools

3.
2 • select Add Media Pool

4.
4
CLI:
omnimm –create_pool <name> <type> <policy> <age> <overwrites> <options> …
Creating a Media pool 1/4
Media Pools can be created via the GUI or via CLI by using the omnimm command. Data Protector
provides a set of default media pools, one for each media type. To create a media pool using the DP
GUI, follow the steps:
1. in the Context List, click Devices & Media
2. expand Media in the Scoping Pane
3. right-click Pools
4. select Add Media Pool to open the Media pool creation wizard
The following slides will further explain the Media pool creation wizard.
It is also possible to create a Media pool from the CLI. Using the CLI offers several possibilities for
automation. The following example creates a media pool called MSL04_DailyBkps of type LTO-
Ultrium as an appendable, loose pool with a media usage policy of 36 months and 250 overwrites
and free pool usage:
CLI: omnimm –create_pool <name> <type> <policy> <age> <overwrites> <options
Example:
omnimm -create_pool MSL04_DailyBkps LTO-Ultrium App+Loose 36 250 -free_pool
Pool MSL04_DailyBkps successfully created.

Module 8
Media Management
• enter a pool name in the

5. Pool Name field
5
6 • give a description in the
6. Description field
• select the Media Type

7. from the drop-down menu
7
• click Next
8 8.
On the first page of the wizard specify the Pool Name, an identifier with a maximum length of 32
characters. Enter a Description for easier identification of the pool, up to 80 characters in length.
Next select a Media Type from the list.
Beside other purposes this information is used to calculate the free space of a media and can be
used for capacity planning. The default capacity of supported media types is listed in the Data
Protector global file and can be overwritten or updated if required. See Media Class parameter
MC_x in the global file for details.
Note Free space calculation based on Media Type is used for reporting purposes only.
Data Protector is always writing to the end of a tape (EOT flag) and does not stop
writing at the specified capacity value.

Module 8
Media Management
• select a Media Usage Policy

9.
9 • select a Media Allocation Policy

10.
10 • Optional: If Loose allocation is used select option

11. Allocate unformatted media first
11
• Optional: Select Use Free Pool and type in a name for
12 12. a new free pool or pick up an exiting one
13
• Optional: Move free media to free pool gets
13. automatically checked if Use Free Pool is marked
14 • click Next
14.
On the next page of the wizard configure the Allocation Policies, such as Usage and Allocation.
• Available options for Usage are:

Appendable, Non-Appendable and Appendable on Incrementals only
• Available options for Allocation are:
Loose and Strict
For details see previous chapter 8–5. SLIDE: Media pool properties – Allocation 1/2
In case Loose allocation is picked up the grayed out option Allocate unformatted media first
becomes available for selection. If option is checked Data Protector prefers unformatted media like
new media that were added to the library repository before it will pick up any free Data Protector
media for planned backup, copy or consolidation operations. Data Protectors Media Management
supports the creation of a Free Pool, a special pool that collects all free Data Protector Media of the
same Media Type and serves free media to production pools on demand. Check the option Use free
pool if this pool should participate in that service. As an optional feature all media with expired
protection can be automatically moved to the specified free pool with option Move free media to
free pool.

Module 8
Media Management
• calibrate the length of time that the media

is considered to be usable by Data Protector
15.
• calibrate the number of overwrites, after

which the tape is marked to be Poor Quality
16.
15
• Optional: Click Set to Default to reset
values to the selected tape family defaults
17.
17
• click Finish
18.
If free pool was

selected (earlier),
then the media pool
will inherit the free
pool media condition
factors
On the last page of the wizard Media Condition Factors can be configured that define how long a
media is reliable for backup, copy or consolidation operations Parameter Valid for (Months) define
how long media should be used in production after media was formatted for Data Protector
If the protection of a media expires the media can be re-used for new backups, copy or
consolidation tasks. The existing data on the media will be overwritten. How often such media can
be re-used is defined by the Maximum overwrites parameter.
Within the global file DP maintains default settings for each media type – see MC_x entry.
Pressing the Set to Default button will overwrite the current settings with the entries from the
global file.
Example:
If only LTO4 technology is used and company policies allow only 120 overwrites and maximum media age
of 24 month the default global entries for LTO (Media Type 13) can be updated with the following line :
# MC_13=<Visible> <AgeLimit> <MaxOverwrites> <Capacity KB> <Concurrency>

MC_13=1 24 120 1677721600 5

Module 8
Media Management
8-14. SLIDE: Free pool concept
Free pool concept

Optional feature
Pool-1
Free Pool
de-allocate
allocate
Pool-2
de-allocate
allocate
Default: 1/day
(configurable via
global option parameter
FreePoolDeallocFreq)
Free pool concept
Data Protector supports the use of a shared Free Pool of unprotected media. These “free” tapes
may be newly formatted or have expired backups on them. Each media pool with the “Use the free
pool” option enabled and pool selected will allocate media from the designated free pool as
needed for backup operations. Media will move from the free pool to the pool associated with the
device used for backup.
Media Pool Properties

All media pools using the Free Pool feature will have condition factors that are inherited from the
free pool to ensure consistency. This implies that all pools that share a set of tapes will use the
same condition factors of age and overwrites; this is best for media pools of the same type
regardless of the use of the Free Pool.
The media pool allocation and usage policies will be established by properties of the regular media
pools, as free pools do not have such policies available. Tapes that exist in the free pools are not
used for backup until allocated and moved to a regular media pool.

Module 8
Media Management
Allocation and De-allocation

When additional tapes are needed for backup, Data Protector will move them from the free pool
into the media pool associated with the backup. This tape movement is called allocation.
When the protection of the data on a tape expires, Data Protector may automatically de-allocate
the tape and return it to the free pool. This feature is controlled by a second media pool property in
the GUI called “Move free media to free pool.” If this option is not enabled unprotected media may
be manually moved to the free pool.
Automatic De-allocation
The de-allocation process occurs periodically during the day. The frequency of the de-allocation is
controlled by the “FreePoolDeallocFreq” parameter in the global file. The default frequency is
once per day and occurs at 00:00 (midnight). The parameter “FreePoolDeallocFreq” is set to one
by default, but may be set as high as 96 to produce a 15-minute de-allocation frequency. When the
frequency is set greater than one, the first de-allocation occurs at 00:00, and then the day is
divided according to the frequency specified. As an example, a frequency of 3 causes de-allocation
at 00:00, 08:00 and 16:00.
Manual De-allocation
The de-allocation of expired (non-protected media) may be accomplished at any time by using the
command:
CLI: omnidbutil –free_pool_update
NOTE The omnidbutil command is available only on the Cell Manager as it is not part of
the command line part of the Cell Console. On the Unix Cell Manager the command
is in the DP_HOME/sbin directory; on the Windows Cell Manager the command is in
the DP_HOME\bin directory.

Module 8
Media Management
8-15. SLIDE: Multiple free pools
Multiple free pools

each media pool may have its own free pool
Free Pool – LTO4
Media Pool – LTO4
de-allocate
allocate
Media Pool – LTO5 Free Pool – LTO5

de-allocate
allocate
Media Pool – LTO5 de-allocate
allocate
Multiple free pools
Free pools are designed to allow media sharing between pools of the same media type.
It is recommended to put media of the same physical type into a sharing arrangement; such as LTO-
5 media shared between two pools that are associated with LTO-5 tape drives.
In addition it is recommended that each physical library got its own free pool configured to ensure
that all requests for free media from local production pools are served by local media that are
physical located in the same library.

Module 8
Media Management
8-16. SLIDE: Free pool properties
Free pool properties

Free pool
contains only • a free pool contains unprotected media;
Condition either newly formatted or expired tapes, but never unknown or
tab blank media
• free pool cannot be deleted if it is linked to a regular media pool or
if it is not empty
• free pools do not have media usage or media allocation policies,
but own media condition settings
• free pools enforce their media condition factors to all regular
media pools subscribing to its services to ensure consistency, so
those regular media pools that share a set of tapes will use
identical media condition factors, i.e., age and overwrites
Note:
A protected medium can never be part or moved to
a free pool; also not by a manual operation!
Free pool properties
A free pool possesses the following properties, it:

• contains only free Data Protector media (no unknown or blank media). Free media is media
in Good condition but with no currently protected objects. Also, it can contain newly
formatted media
• cannot be deleted if the free pool is linked with a regular media pool. If you tried to remove
a free pool that is still in use by other pools, Data Protector throws the following error:
To remove the free pool, determine which regular media pools of particular medium type
are still using this free pool. You will be able to delete the free pool after de-linking it from
each of the (compatible) regular media pools which it was servicing.

Module 8
Media Management
• cannot be deleted if the free pool is not empty. On trying to delete a free pool filled with (at
least one medium) media, DP throws the following error:
After moving out all media from the free pool, it can be deleted.
• is different from a regular pool as it cannot be used for allocation because it cannot hold
protected media. Consequently, allocation policy options (Strict / Loose, Appendable/Non-
Appendable) are superfluous and therefore not available.
Tapes that exist in the free pools are not used for backup until allocated and moved to a
regular media pool.
Free pool imposes its media condition factors on regular media pools
All media pools configured to use a particular free pool will have surrendered their individual media
condition factors in support of a uniform set of media condition factors imposed by the free pool.
This ensures consistency across all regular media pools from a media condition point of view. In
other words, all regular media pools that share a set of tapes will use the same condition factors of
age and overwrites; this is best for media pools of the same type regardless of the use of the free
pool.
If a free pool contains media with different data format types, Data Protector automatically
reformats allocated media if necessary. This is especially true in case NDMP media—that feature a
different data format--may be reformatted to Data Protector media. To enable such an automatic
behavior, set the global ReformatFreePoolMedia to 1. Its default value is already 1, so
setting it to 0 disables this feature.
Protected media cannot be moved to a free pool

Data Protector does not move any protected media to a free pool, because a free pool can contain
only free (unprotected) media. Even, if you tried to manually move protected media to a free pool,
the following error will be displayed:
To move a protected medium to a free pool, first remove medium protection, i.e., recycle the
medium.

Module 8
Media Management
8-17. SLIDE: Create a Free Pool
Creating a Free Pool
• go to Devices & Media

1. context
1
• expand Media
2.
• right click Pools

3.
• select Add Free Pool

4. and follow the wizard*
2 4
CLI:
omnimm –create_free_pool <name> <type> <policy> <age> <overwrites> <options> …
* Not shown here, because its identical to the previously shown setup of a regular media pool
Create a Free Pool
There are two ways to create the free pool within the Data Protector GUI:
• Automatically during the initial request to use the pool (along with the regular pool).
When the “use free pool” option is specified, simply enter a name for a new free pool in
the adjacent field.
• Manually in advance of requesting to use the free pool
The Add Free Pool option is used to manually create a Free Pool as required. The manual
creation of a Free Pool is pretty similar to the creation of a regular media pool. For the manual
creation, the following steps are required:
1. Create Free Pool with the “Add Free Pool” option, which will start the Free Pool
configuration wizard
2. Set Free Pool general options, such as Pool Name, Description and Media Type
3. Set Free Pool conditions, such as maximum age and number of overwrites.
In order to create a Free Pool from the command line omnimm can be used:
CLI: omnimm –create_free_pool <name> <type> <policy> <age>

<overwrites> <options>

Module 8
Media Management
8-18. SLIDE: Medium Properties
Medium Properties MMDB tracks

medium details
Info Usage
Medium is DP internal
identified by Medium-
General ID, external also
Description/Label can
be used
Objects
Backed up
objects
stored on the
medium
Medium Properties
Medium properties can be accessed in a few ways. The easiest way is to right click the medium and
click on Properties, as shown in the left hand section.
There are four tabs arranged next to each other

in the medium properties page, as illustrated by
the various screenshots in the slide above.
After tape medium is formatted, it should not

be formatted again. Data Protector tracks
usage and quality information regarding the
tape in the Media Management Database.
Formatting a medium more than once resets
the quality information stored thus rendering it
meaningless. If the session information stored
on a medium is not required (and it is still
protected) use the recycle feature to remove
the protection to allow the medium to obtain a
new allocation sequence number and
eventually be overwritten.

Module 8
Media Management
NOTE Media can only be exported if the sessions it contains are no longer protected or a
recycle has been performed to remove the protection.
Data Protector stores information about each medium based on the Medium ID.
The following information is available within the GUI by

selecting a medium within a media pool: (see tab)
• Initialization date/time (Info)
• Last access date/time (Info)
• Last Write date/time (Info)
• Last overwrite date/time (Info)
• Session type (Info)
• Quantity of medium writes (Info)
• Quantity of medium overwrites (Info)
• Number of write errors (Info)
• Write protection for the medium (Info)
• Objects stored on the medium (Objects)
• Capacity (Usage)
• Associated copies (Copies)
In addition to the GUI, there are several queries that may be issued from the command line to
obtain the media details shown above. The primary command for media information is the omnimm
command.
Command Examples for Media Information Description
omnimm -show_pools Display a list of media pools

omnimm -list_pool "Default File" Display the contents of a pool
omnimm -list_media "Default File_9" Display summary info for a medium
omnimm -list_media "Default File_9" -detail Display detail info for a medium
omnimm -media_info "Default File_9" Display summary id info for a medium
omnimm -media_info "Default File_9" -detail Display detail time info for a medium
omnimm -catalog "Default File_9" Display object list for a medium

Module 8
Media Management
8-19. SLIDE: Location Tracking and Priority
Location Tracking and Priority
Edit
Locations are stored in: location priority

for restore
<DP_CONFIG>/vault_locations operations
Location Tracking and Priority
Media locations are used by Data Protector to assist in tracking media that are resident or not
within a tape library. Media locations should be created by the Administrator (as shown above) and
should reflect the available media locations in the company. Created locations are stored in the
vault_locations configuration file, an ACSII file, located directly in the <DP_CONFIG> directory.
Defined location entries are shown in the Locations folder within the Devices & Media Context above
Media Pools. The <EMPTY> location is used for media that are not assigned to a specific location.
Each medium should have the location property adjusted whenever the medium is moved. Use the
“Change Location” action after selecting the desire medium.
Restore Priority
Each location can get a Location priority assigned. If a media location priority is set, Data Protector
will use the media set with the highest priority (priority 1 is the highest, priority None is the lowest)
if more than one media set equally matches the conditions of the media set selection algorithm
(e.g. original media set and copy media sets of the same data exists). The location priority based
automated media set selection (AMSS) can be manually overwritten at restore time.

Module 8
Media Management
8-20. SLIDE: Media Management actions
Media Management actions
format
media pool Media are
actions
added to import
pools by
the
following copy
medium
actions
actions
move to pool
Media Management actions
Data Protector provides the following Media Management actions for media pools:
Format Initialize a new medium, prepare it for Data Protector use by writing a
header to the tape and registering it in the MMDB.
Import Read the header and detail catalog information from a tape. The tape may
be from a different cell or may have been exported from the current cell.
Delete Removes an empty media pool. Delete media in pool first. This is useful for
removing the Default pools that are not needed.
Select Media Search a Media Pool for specific media.

Useful when a pool contains a large number of media.

Module 8
Media Management
Data Protector provides the following Media Management actions for media within media pools:
Export Delete an unprotected medium from the media management database. Tape
may need recycling to remove protection. The contents of the tape are
unaffected.
Change Alter the vaulting location string associated with a tape. The tape does not
Location need to be in a device for this operation.
Recycle Remove all of the protection from the data that is backed up on the selected
tape. The tape does not need to in a device for this operation.
Move to pool Change the pool that a particular tape(s) is assigned to. The tape does not
need to be in a device for this operation.
Copy Replicate a tape. Two devices of the same type and a blank tape are required.
This uses the omnimcopy functionality for duplicating a single tape.
Verify Read the tape header and verify that it is written in Data Protector format.
The data may also be verified if the tape contains CRC blocks. Note that this
operation checks the whole media, while Object verification under Object
Operation performs validations checks on an Object level.
Import Catalog Recover the detail catalogs from a tape that is still in the database but
without its detail catalog. The detail catalog is automatically purged from the
database when it expires. Protection levels are assigned by the backup
specification.

Module 8
Media Management
8-21. SLIDE: Formatting Tape Media
Media Format
• each Data Protector medium (physical or virtual tape based) must be formatted before backup
• auto-format possible if loose policy is used and InitOnLoose global option set to 1
• File Library /Backup-to-Disk media uses auto-format as a default
• initialize each medium only once to write tape header, media overwrite does not touch header
initialization Label/
parameters Description
Tape Location
Header Logical
Device
Medium ID
Capacity
MMDB
<force>
CLI: omniminit –init <Logical Device> <Options>
Formatting Tape Media
Before any medium can be used by Data Protector it must undergo an initialization process called
Formatting. The media format process is performed within the media pool where the formatted
medium is to be added. Media can be formatted from within the GUI in the Devices & Media context
or from the command line using the omniminit command.
CLI: omniminit –init <Logical Device> <Options>
Use of the GUI is preferred and allows multiple media to be

formatted at once by selecting the slots within the library
or jukebox.

Module 8
Media Management
NOTE Data Protector File Library and Backup- to _Disk media are automatically created
and formatted. It is not possible run manually format operations on file library
media.
The Data Protector Media Management engine requires a unique Medium ID for each tape or file
used as a backup medium. A unique ID is generated when the media is initialized. This ID is written
to the media header and to the Media Management Database (MMDB). Data Protector uses this
header to distinguish one medium from another. Each time a medium is accessed, the header
information is read to ensure that the correct medium is being used. It is also possible to manually
read media header information by using the Scan operation after selecting a Logical Device or
library slot, or with the command:
CLI: omnimlist –device <logical device> -header
Media Formatting Parameters
Medium Description (Label)

Choices for Medium Description are Automatically Generate, Specify, or Use Barcode.
When “Automatically Generate” is chosen, Data Protector generates a description (label) based
upon the name of the media pool that the media is being added to plus the current sequence
number. The format of an Auto-labeled medium is <POOLNAME_INCREMENT#>. For example, if the
pool is called “SAP_LOGS_SCD”, then the first tape to be auto-labeled in this pool will be called
SAP_LOGS_SCD_1.
When “Specify” is selected you can type in a user-defined label such as “SAP_LOGS SCD 0287”.
The label can consist of up to 32 characters. The media description used as the media label may be
altered at any time by using the GUI or by using the omnimm command.
For library devices with barcode capabilities, the “Use Barcode” assigns the tape label by reading
the barcode attached to the tape.
Location (optional)
The physical location of the medium may be manually entered or selected from a list of pre-
configured vaulting locations. The location can consist of up to 32 characters. It is suggested that
the administrator pre-configure the possible locations before formatting media to create
consistency.
Logical Device
The logical device used to perform the media initialization. Within the GUI, only logical devices that
match the media type of the media pool are selectable during media formatting. Plan in advance
the block size that is to be used for the media and configure the logical device appropriately. After a
medium is initialized, the block size for the medium may not be altered and may not be appended
by a logical device with a different block size.

Module 8
Media Management
Medium Capacity (Determine or Specify)

• Determine instructs Data Protector to detect the type of media being formatted and
select the appropriate medium capacity. Data Protector does not take into account any
compression factors when determining this capacity; therefore, this figure will be the
default minimum capacity for this type of media.
• Specify allows the user to input a specific capacity in megabytes that the medium is
expected to hold. The capacity is used only for statistical purposes and does not set a
hard limit on the amount of data that any media can hold. Typically the compressed
capacity of the medium is used and set to two times the native tape capacity.
Initialized Size
The size that a tape medium is initialized to will not ultimately affect the amount of data that can
be written to it. Data Protector writes to the tape until the device reports early end of tape (EOT)
warning. If a tape is formatted to a smaller size than the physical size of the tape, Data Protector
will write to the end of tape, and then update the Media Management (MM) database.
The recorded tape size will be reset to the value of the physical tape size. Each time Data Protector
writes to a newly formatted media, the media capacity value may be updated to reflect the largest
amount of data that has ever been written to the tape. Commonly the formatted size differs from
actual medium capacity.
The same thing applies to media that are initialized to a very large size. Once the tape has been
filled with data, the size will be reset in the MMDB.
Note When using media type File, the specified size will limit the size of the file medium;
the Data Protector default size is 100 MB. This may be permanently altered by
modifying the global option FileMediumCapacity or simple type in a higher value in
the GUI
Force Option
During initialization Data Protector checks the medium to see if it already contains data that is in a
recognizable format. If the format is recognized, then, by default, Data Protector does not initialize
the media. The reason is that this media may contain valuable data. The behavior can be changed
by checking the Force option
In addition to Data Protector media also tar, cpio and fbackup written media are recognized.

Module 8
Media Management
8-22. SLIDE: Media Export & Import 1/2
Media Export & Import 1/2
• allows exchange of Data Protector media between different cells
DP Cell1
DP Cell2
Right click the medium Right click on a pool
and select Export and select Import
Export Import
• removes information about a medium and its • adds Data Protector foreign media to the cell
contents from the local IDB • information about backed up data on the
• the data on the medium remains unchanged media is read from catalog segments on tape
• only unprotected media can be exported and written into the IDB and can now be
(Use Recycle function to remove protection browsed for restore
The media export/import process allows Data Protector media to be exchanged between Data
Protector cells.
In order to export a media, right-click on the media you wish to export and select Export from the
menu. Media export is an IDB only operation. All information about the media will be identified and
removed from the IDB; the media itself is not required and all data on the media remains
unchanged. By definition only unprotected media can be exported, so use the Recycle function in
Data Protector to remove any existing protection.
After export, physically move the media(s) to the new cell that manages a second Data Center or
Department, put it in their Tape Library and run a Barcode scan in DP to make it known to DP. Now
right click on a Pool or mark the discovered “unknown” media directly under Slots and select
Import from the menu. You need to select a drive that will be used to read the media. The import
process reads the data on the media (in detail it searches and reads the catalog segments on the
media only) and writes the information into the IDB. After import the new objects will show up in
the Restore GUI and can be selected for restore.
Note: At import time immediately set a new protection for the imported data, otherwise
imported data will be removed from IDB during Daily Maintenance.

Module 8
Media Management
8-23. SLIDE: Media Export & Import 2/2

• Fast tape import via Media Catalog File (MCF)
DP Cell 1 DP Cell 2
Tape + MCFs
MCF Export MCF Import

• Click on the medium to export and select • Click on Pools and select
Copy Catalog to File Import Catalog from MCF File ..
• Specify destination directory for MCF File • Specify copied MCF(s) to import
• Recycle and export the media • MCF content is read and written into the IDB, so
• Copy MCF(s) to Target Cell Manager that it can be browsed for restore
Data Protector supports a special file based media export/import method. In difference to the
previously explained method this method does not require a physical reading of catalog segments
on tape, it reads the catalog segments directly from a Media Catalog File (MCF). The feature
allows bulk-transfer of media information much faster to another cell; the MCF import could even
be started, when tapes are still on the way to the new Data Center.
MCF based import requires 2 steps:
• Source Cell: Copy catalog to File

• Target Cell : Import Catalog from MCF File
Copy catalog to File

In the source cell, click on the media you wish to export and select Copy Catalog to File. In the
result pane, a window opens and asks for the output directory. The default location:
UNIX : DP_CONFIG/export/mcf
WINDOWS : DP_CONFIG\export\mcf
is listed as default in the window, but can be customized e.g. to put the file on a network share right
away. Each medium has its own MCF, identifiable by the Medium-ID in the file name.

Module 8
Media Management
Note MCF creation does not export a media from the cell. In case media is no longer
required it needs to be exported in addition to force an IDB cleanup.
Import Catalog from MCF File

In the target cell copy the created MCF into the default location:
UNIX : DP_CONFIG/import/mcf
WINDOWS : DP_CONFIG\import\mcf
Within Data Protector, click on Pools (do not click on a specific pool) and select Import Catalog
from MCF File. The result pane shows the default import location and allows the selection of the
copied MCF to import.
After MCF import the media content is known to DP and can be browsed and selected for restore.
NOTE: After MCF import the media location is still unknown to Data Protector. In order to
prevent mount requests put the media in your tape library and run a barcode scan
LIMITATION: Data Protector File Library media are not supporting the physical export/import
and the MCF based export/Import. Use a Data protector File Jukebox instead.

Module 8
Media Management
8-24. SLIDE: Vaulting with Media Pools
Vaulting with Media Pools
Modify
description
and
location
move
select
medium to
medium
a new pool
CLI:
omnimm –modify_medium <medium> <NewLabel> <NewLocation>
omnimm –move_medium <medium> <NewPool>
Vaulting with Media Pools
The process of “vaulting" media is essentially a form of protection. Tapes are typically packed up
and sent to an off-site safe storage facility. Tape rotation typically involves moving the tapes off
site, keeping them there for a few weeks/month and putting them back onsite after medium
protection expires.
Data Protector supports the following features to facilitate tape rotations and vaulting:
• Media Protection - inherited from Backup Operations

• Media Pools with Strict Allocation - Media Pool Feature
• Multiple media pools of the same type - used as production and vaulting pool
• Media Location tracking - individual Media Feature
• Media Labeling - individual Media Feature
• Media Duplication – for scheduled, automatic, or manual tape replication
• Vaulting Locations - Pre-configured locations

Module 8
Media Management
Multiple media pools may serve as media repositories when media are to be taken out of a device
repository or taken offsite.
Media pool uses
• Active_pool This is the set of media available within a device repository (library)
• On-site_vault Tapes here are out of the device, but not yet offsite
• Off-site_vault Tapes are physically at a remote location.
• Free Pool holding area for expired media, prior to moving to the active pool.
Data Protector provides both the GUI and command line to allow you to move media from one pool
to another of the same type. The command line could be used in conjunction with an automation
script to make the media management simpler. Consider using the command line to automated
vaulting operations and media management.
The following example demonstrates the command line method of modifying an existing medium
that is moving to a different location (you may change the label at the same time):
CLI: omnimm -move_medium <media label/medium-ID> <new pool>
Example:
omnimm -move_medium "SAP_ARCH_SCS_023" Offsite_vault

Module 9 - Backup
Objectives: Upon completion of this module, you will be able to
• Create and generate Backup Specifications using the DP GUI and CLI
• Understand how to use the advanced backup capabilities
• Understand the backup processing flow
Contents
Module 9 - Backup 1
9–3. SLIDE: Backup, high level view .................................................................................................. 2
9–4. SLIDE: Backup specification execution ..................................................................................... 4
9–5. SLIDE: Backup Specification Content ........................................................................................ 5
9–6. SLIDE: Creating backup specification ........................................................................................ 6
9–7. SLIDE: Backup context / Group view ......................................................................................... 8
9–8. SLIDE: Creating backup specification ........................................................................................ 9
9–9. SLIDE: Creating backup specification: Wizards ....................................................................... 11
9-10. SLIDE: Creating backup specification: Sources ...................................................................... 12
9-11. SLIDE: Creating backup specification: Destination ................................................................ 14
9-12. SLIDE: Dynamic device allocation 1/2 .................................................................................... 16
9-13. SLIDE: Dynamic device allocation 2/2 .................................................................................... 17
9-14. SLIDE: Static device allocation ............................................................................................... 20
9-15. SLIDE: Object mirroring 1/2.................................................................................................... 21
9-16. SLIDE: Object mirroring 2/2.................................................................................................... 23
9-17. SLIDE: Creating backup specification: Options ...................................................................... 25
9-18. SLIDE: Creating backup specification: Filesystem options 1/2 ............................................. 26
9-19. SLIDE: Creating backup specification: Filesystem options 2/2 ............................................. 29
9-20. SLIDE: Scheduler Overview..................................................................................................... 31
9-21. SLIDE: Scheduler – Feature Comparison ................................................................................ 33
9-22. SLIDE: Using the Legacy Scheduler 1/2.................................................................................. 34
9-23. SLIDE: Using the Legacy Scheduler 2/2.................................................................................. 36
9-24. SLIDE: Using the Advanced Scheduler 1/2 ............................................................................. 37
9-25. SLIDE: Using the Advanced Scheduler 2/2 ............................................................................. 39
9-26. SLIDE: Using an incremental backup chain ............................................................................ 43
9-27. SLIDE: Protection of a backup chain ...................................................................................... 45
9-28. SLIDE: Creating Backup Spec: Backup Object Summary ........................................................ 46
9-29. SLIDE: Backup Object Summary – Object Properties 1/2 ...................................................... 47
9-30. SLIDE: Backup Object Summary – Object Properties 2/2 ...................................................... 49
9-31. SLIDE: Preview backup session .............................................................................................. 50
9-32. SLIDE: Pre- and post- execution ............................................................................................ 51
9-33. SLIDE: Performing backups .................................................................................................... 52
9-34. SLIDE: Backup session message output ................................................................................ 53
9-35. SLIDE: Resume/Restart failed Backup sessions .................................................................... 54
9-36. SLIDE: Missed job executions ................................................................................................. 56
9-37. SLIDE: Reconnect broken connections ................................................................................... 57
Module 9
Backup
9–3. SLIDE: Backup, high level view
High level view of a backup
Create Data Protector backup steps

Backup Specification
1. Selecting the data sources on the Disk Agent clients
2. Selecting the target backup devices which are connected to

Media Agent clients
3. Selecting how many additional backup copies to create

Save (optional)
4. Change default settings (optional)
5. Decide when and how frequently the backup should run
6. Save the configuration
7. Execute Backup Specification (unattended via the scheduler)

Execute
Backup Specification 8. Generate reports about performed backups (optional)
Backup, high level view
A backup is a process that creates a copy of data on backup media. This copy is stored and kept for
future use in case the original is destroyed or corrupted.
Following a brief outline about the required steps how to configure a backup in Data Protector.
1. Selecting the data sources on the Disk Agent clients

This can be a single file, an application database or a raw disk, from a single DP client server or
from multiple servers.
2. Selecting the target backup devices which are connected to Media Agent clients
Data Protector supports backup to tape from a single DDS drive up to tape libraries with 40 or more
drives and thousands of cartridges. Backed up data can also be stored on Magneto-optical media or
on disk based file libraries.
3. Selecting how many additional backup copies to create

Data Protector allows mirroring data during the backup. Read once, write many. This is an optional
feature.

Module 9
Backup
4. Change default settings

The high number of selectable options, e.g. encrypting, statistical info, compressing data and much
more can be adapted if necessary.
5. Schedule your backup

Every day, once week? A full on the weekend, and incremental backups from Monday-Friday?
6. Execute Backup Specification

At a specified time, Data Protector starts the backup session based on the backup specification.
During the backup session, Data Protector reads the objects, transfers data through the network,
and writes them to the media residing in the devices.
7. Create reports
A single report or a set of reports manually started or scheduled to run daily or weekly. This is
optional feature provides important statistics.
What are prerequisites before a backup can be configured
• You need to have a Disk Agent installed on every system that is to be backed up, unless
you use NFS (on UNIX) or Network Share Backup (on Windows) for backing up these
systems.
• You need to have at least one backup device configured in the Data Protector cell.
• You need to have media prepared for your backup.
• You need to have appropriate user rights for performing a backup
• You need to have the required licenses to perform a backup
What is a backup object in Data Protector?

A backup object is a backup unit that contains all items selected for backup from one disk volume
(logical disk or mount point). The selected items can be any number of files, directories, or the
entire disk or mount point. A backup object is uniquely defined by the client and mount-point
where it resides, by a description, and by the object type.

Module 9
Backup
9–4. SLIDE: Backup specification execution
Backup specification execution

DP Cell Manager
Backup Session Manager (BSM)

control control control
Backup Objects Backup Devices Media
/data1
Drive1
/data2
Host1 Drive2
E:\
Host2 Drive3
C:\
Drive4
Host3
Backup specification execution
On the Data Protector Cell Manager system a dedicated Backup Session Manager (BSM) reads the
content of the backup specification and starts all necessary agents as the Disk Agent (DA) for
reading the data and the Media Agent (MA) for writing the data to the backup media.
The backup specification contains the list of objects to be backed up and defines the devices to be
used. Optionally the backup specification might contains various options and parameters, which
allow to overwrite default settings for the used devices and backed up data, such as the definition
of a specific media pool that will keep the used media of that session, filter settings for the backed
up data, pre and post exec command to be executed or security settings like session ownership
definition or used encryption settings.
A backup specification can be as simple as backing up one single mount point or drive letter to a
local attached standalone tape device, or as complex as backing up 40 large servers to a SAN
attached tape library with 30 drives.
A running backup is called backup session and be started interactively from the DP GUI or CLI, via
the DP build-in scheduler or by executing an external script. During the backup session, the
configured Data Protector Disk Agents read the data within the specified backup objects, transfers
their data to the configured Backup Devices, who writes the data to media residing in these devices.
Each backup session will get a unique Session-ID assigned that allows to track the session status
while the session is running or to query the IDB for session details after the session is completed.

Module 9
Backup
9–5. SLIDE: Backup Specification Content
Backup specification
Datalists • Filesystem (UNIX/Windows)

are Backup • Hosts (expanded at runtime into
specification which file system objects).
may be used to • Rawdisk/Disk Partitions
backup the following • DP Internal Database*
object types:
Barlists • Oracle
are used to back up • SAP
Applications and • MS Exchange
Databases online.
• DP Internal Database*,
These are integration
• VMware, … and many others …
specific agents.
*… before Data Protector 8.00 backed up as Filesystem, in later version as Online Database backup
Backup Specification Content
Backup Specifications can be divided into:

• Datalists
• Barlists
Datalist: The Datalist is used for the classical file system backups. Filesystem backups includes
entire system backups or just selected mount points (Unix) or drive letters (Windows). Special
Filesystem backups are Configuration backups (Windows only) or disks and partitions backups as
Raw disk backup. Up to DP version 7.03 it was possible to backup the Internal Database as
filesystem, starting with version 8.00 IDB is backed up as Online Integration backup.
Datalists are stored as ASCII files on the Cell Manager under:
DP_CONFIG\datalists
Barlist: A Barlist is used to backup a database or application as a true online backup. It contains the
backup objects definition in the language the database or application understands like an RMAN
script for an Oracle database backup or the brbackup call for a SAP backup. These integration
backups are not part of this essential training. Special integration trainings are offered, see Module
1 for more information about these courses.
Barlists are stored as ASCII files on the Cell Manager under:
DP_CONFIG\barlists\<integration name>

Module 9
Backup
9–6. SLIDE: Creating backup specification
Creation of a backup specification

disk
one Wizard Load Balance
Using the
on
DP GUI
ts Templates
poin Object Source
nt
mou
Two Destination
Two Backup Options

mou
nt
poin Object Options
ts the
Using
on
DP CLI omnicreatedl
one Schedule
disk
Object Properties
Creating backup specification
Using the GUI, two primary methods can be used to create a backup specification:
• by starting with a template (even a blank template)
• by starting one of the backup wizards
The list shown above illustrates the typical sequence (as guided by the GUI) used when defining a
backup specification. The process for each of the methods is very similar, and both allow the
backup to be started interactively or saved to a backup specification file.
The following slides show step by step, the creation of a backup specification.
A backup specification defines the client systems, drives, directories, and files to be backed up, the
devices or drives to be used, the number of additional backup copies (mirrors), the backup options
for all objects in the specification, and the days and times when you want backups to be performed.
You can easily create multiple backup specifications by copying an existing specification and then
modifying one of the copies. Data Protector provides default options that are suitable for most
cases. To customize the behavior, use Data Protector backup options.

Module 9
Backup
Keep the following key points in mind when you run a backup session:
• The backup type (full or incremental) is the same for the whole backup session. All data
in a group is backed up using the same backup type.
• A backup object can be added to multiple backup specifications. For example, you may
have one backup specification for full backups, one for incremental backups, one for a
departmental backup, and one for the archive backup. You can give a description for
each object. It is important that you choose the description carefully; because this lets
you differentiate among various backups from the same filesystem.
• Objects or clients can be grouped into one backup specification if the media and the
backups are managed in the same way, or if media are put into a vault.
• If many backup specifications exist or are planned, you should structure them in groups
of backup specifications. If the groups are structured along common option settings
(how to back up), then you can apply the backup templates efficiently.
Omnicreatedl
In most cases a backup specification is configured using the Data Protector user interface, either
from scratch or by copying an already created backup spec, which is modified afterwards. To
allow the creation of backup specification within scripts, the command omnicreatedl can be
used. The command omnicreatedl allows scripted backup specification creation from the
command line.
Example 1
Create a datalist containing the entire file systems for a single host, backup specification name
will be system01_all, backed up client is system01, and the logical device name is LTO5_drive3:
omnicreatedl -datalist system01_all -host system01 -device LTO5_drive3
Example 2:
Create a datalist containing the entire file systems from two hosts,
backup specification name will be CAD_all, backup clients are system23 and system24 and logical
device name is drv4
omnicreatedl -datalist CAD_all -host system23 -host system24 -device drv4
For further details about omnicreatdl and available options see HP Data Protector CLI Guide.

Module 9
Backup
9–7. SLIDE: Backup context / Group view
Backup context / Backup specification group
“View”
Pull down menu
Backup
Context
Backup
Specifications
of the Group
“cleanup”
Backup
Specification
Groups
Backup context / Group view
Backup Context
A right-click opens the Context menu, where the user can select backup items beside others.
Backup Group
A large environment can have hundreds of backup specifications. Data Protector allows assigning
every backup specification to a group. The user can create as many groups as he needs. He can
create backup groups every time and can move Backup Specifications from one group to another.
You can apply common options settings (for example, for devices) from a template to a group of
backup specifications. Select all the backup specifications within the group (click on the name of
the group and then CTRL+A), right-click a target group, and then click Apply Template.

Module 9
Backup
9–8. SLIDE: Creating backup specification

Select backup specification,

right click Add Backup...
Choose a template for

a set of preconfigured
options
Default:
Local or LAN
Templates: Backup
Often used backup Static or
specification and schedule
dynamic
characteristics can be
saved in a template. assigned
The template can then be devices
used to generate new
backup specifications
Data Protector backup templates are a powerful tool that can help you simplifying your backup
configuration. A template has a set of clearly specified options for a backup specification, which
you can use as a base for creating and modifying backup specifications. Data Protector enables you
to apply a group of options offered by the template.
A template can be used in two ways:

• It can be used to create a new backup specification.
• It can be applied to existing backup specifications to modify these specifications.
Backup templates are created and modified similarly to backup specifications, except that objects
and the backup application configuration are not selected within the backup template.
In blank backup templates, such as Blank Filesystem Backup, Blank Informix Backup, and so on,
there are no objects or devices selected.
Applying a Backup Template

Data Protector allows you to apply a backup template to saved backup specifications. When
applying a template to backup specifications, you can select which option groups should be applied

Module 9
Backup
To apply a template to backup specifications, do a right-click on the backup specification and click
Apply Template. The Apply Template window appears, in which you apply the desired options.
Once you have applied the template options, you can still modify your backup specification and
change any setting.
Modifying an existing Template

You can modify Data Protector default templates, as well as templates that you have created. To
modify an existing template, open the properties of the template.
If the groups are structured along common option settings (how to back up), then you can apply the
backup templates efficiently.
For detailed steps, refer to the online Help index keyword “templates”.
Creating a new Template

You can create new templates and use them for creating
or modifying backup specifications.
To create a new template, use the Backup context and
right click on the Template folder as shown in screenshot
below:

Module 9
Backup
9–9. SLIDE: Creating backup specification: Wizards
Creating backup specification: Wizards
Load
balanced
Non-Load
balanced
DR preparation
backup for the CM
Creating backup specification: Wizards
When defining objects interactively to be added to a backup specification, you may use a “task
wizard” to create the specification. Within the backup context of the GUI, select “Tasks” from the
bottom of the Scoping Pane. There you will find the wizards. Select either the load balanced, or
non-load balanced wizard.
You will not be able to change the load balance selection later on.
It is not supported to edit the Datalist file with a text editor.

Module 9
Backup
9-10. SLIDE: Creating backup specification: Sources
Creating backup specification: Sources

Filesystem backups are able to backup multiple hosts within one backup specification.
Selection of backed up data can differ for each host, indicated by different color codes
1.Full host directly selected :

• Primary Selection: Red
• Secondary Selection: Black
1.
2.Full host selected, but one or 2.
more object deselected:
• Partial Primary Selection: Brown
• Secondary Selection: Black
3.
3. Single files directly selected:

• Primary Selection: Red
• Partial Secondary Selection: Grey
Creating backup specification: Sources
Data Protector uses the term backup object for a backup unit that contains all items selected for
backup from one disk volume (logical disk or mount point). The selected items can be any number
of files, directories, or the entire disk or mount point.
Additionally, a backup object can be a database entity or a disk image (rawdisk).
A backup object is defined by:
• Client name: a hostname of the Data Protector client where the backup object resides.
• Mount point: an access point in a directory structure (drive on Windows and mount point
on UNIX) on the client where the backup object is located. Description: uniquely defines
the backup objects with identical client name and mount point.
• Type: backup object type, for example filesystem.
The way in which a backup object is defined is important to understand how incremental backups
are done. For example, if the descriptions of a backup object changes, it is considered as a new
backup object, therefore a full backup will be automatically performed instead of incremental.
As you select objects to be backed up, you may select the check box in front of a host to include the
“host” object, or you may expand the host object and select file systems individually. The coloring

Module 9
Backup
used for the check marks in front of the objects indicate whether the items were selected directly
(blue) or indirectly (black)) because of another selection.
The lightened colors (cyan and gray) are used to indicate partial primary and secondary selections
respectively.
How to restore?
Data Protector provides essentially two methods for data restore, object-based, and session-
based. With session-based restore, Data Protector is able to restore all at once the objects from a
single backup session. The backup session is stored in the Data Protector database and may be
selected for restore. This makes restoration of a complete system very simple, but may change the
way that you will define your specifications for backup. With object restore, you may select to
restore an entire object version, or any subset of it, down to the file level. The next module of this
training explains how restore works.

Module 9
Backup
9-11. SLIDE: Creating backup specification: Destination

Creating backup specification: Destination
Properties allows to
Default device option can be overwrite default values
overwritten of the selected device
(Concurrency/Media Pool..)
Up to max 6 drives
are used in parallel
Selected device
Creating backup specification: Destination
Device Backup Options

You can select the options listed below for each backup device in use.
None of the settings are needed, because CRC Check, Concurrency, and Media Pool use the
default values that are set when the device is configured. The Prealloc List value is specified
along with the media pool settings.
CRC Check
Set this option to have Data Protector calculate the CRC (Cyclic Redundancy Check) when a backup
runs. CRC is an enhanced checksum function that lets you later confirm using the Verify option
whether or not data has been written correctly to the medium. This option can be specified for
backup and object copy operations. The default value is OFF.

Module 9
Backup
Concurrency
Concurrency allows more than one Disk Agent to write to one backup device. Data Protector can
then keep the devices streaming if data can be accepted faster than a Disk Agent can send it. The
maximum concurrency value is 32. Data Protector provides default values for all supported
devices. This option can be specified for backup and object copy operations.
Media Pool
This option selects the media pool with the media you will use for a backup. If not defined, a default
pool, which is a part of device specification, is used.
This option can be specified for backup and object copy operations.
Prealloc List
The Prealloc List is a subset of media in the media pool used for a backup. It specifies the order in
which the media will be used. When using the Prealloc List and the Strict media allocation policy
with the backup device, Data Protector expects the sequence of the media in the device to
correspond with that specified in the Prealloc List. If the media are not available in this sequence,
Data Protector issues a mount request. If no media are specified in this list, then the Data Protector
allocation procedure is used to allocate media.
This option can be specified for backup and object copy operations.
Use preferred Multipath host

(This option is available only for MultiPath devices)
If this option is selected, you can select a preferred host from the drop down list. During a backup
session, Data Protector will try to use this host first, regardless of the predefined order.
Rescan
(If this option is ON, Data Protector updates repository information before starting your backup.
This is useful when you manually change the media order in the slot or enter and eject media.

Module 9
Backup
9-12. SLIDE: Dynamic device allocation 1/2
Dynamic device allocation 1/2

Example 1
Load Balanced Backup:
• All objects from a backup specification are automatically distributed
over the configured drives
• device failover
4 drives with a
concurrency of 1 each
Assumed
drive #2 is
the next
17 Backup available
Objects from drive, object
the backup “5” will be
specification the next
stored on
drive #2.
4 objects are backed

up concurrently
Balancing the use of devices

By default, Data Protector automatically balances the load (the usage) of devices so that they are
used evenly. This is called load balancing. Load balancing optimizes the usage by balancing the
number of the objects backed up to each device. Since load balancing is done automatically during
backup time, you do not have to manage the allocation of objects to devices used in the session;
you just specify the devices to be used.
The example above shows 17 objects to be backed up to 4 configured drives, each configured with
a concurrency of 1. The objects are store one after the other to the next available drive.
When to use load balancing

Use load balancing when:
• You back up a large number of objects.
• You use library (autochanger) devices with several drives.
• You do not need to know on which media objects will be backed up.
• You have a good network connection.
• You want to increase the robustness of the backup. Data Protector automatically
redirects the backup operation from failed devices to other devices in a device list.

Module 9
Backup
9-13. SLIDE: Dynamic device allocation 2/2
Dynamic device allocation 2/2 Example 2

Load Balanced Backup a bit more complex:
• All objects from a backup specification are automatically
distributed over the configured drives
The concurrency of
• device failover
Drive #1 = 2
Drive #2 = 2
Drive #3 = 4
Drive #4 = 3 (3 arrows)
Min: Backup will only

17 Objects are backed up with 8 parallel data streams. With Max=3, start if the given number
not more than three drives are used for load balancing. Drive #4 is of devices are available
standby and used if one of the other drives fails
By default, Data Protector automatically balances the usage of backup devices specified for
backup. This is also called load balancing, and it ensures equal usage of the devices. When you run
backup with the Load Balancing option, Data Protector uses devices in the order they are specified
in the load balanced backup specification.
When to Use Load Balancing

It is recommended that you use the Load Balancing option when you want to back up a large
number of objects to a number of available devices, and you would like Data Protector to keep all
the devices busy all of the time. You should use Load Balancing to minimize the impact of
unavailable devices on the backup. A device may become unavailable because it:
• failed during a backup
• stopped during a backup
• is in use by another session
• cannot be started at all
The backup specification above contains 17 objects and four logical devices. The options for the
backup specification include: “Load Balanced, Min 1, Max 3.” Also, note that the backup objects are
in a specific order, that is to say they have an order within the object list.

Module 9
Backup
When a backup specification is configured as load balanced, the device field for each object that
normally shows the name of the logical device the object is targeted at, now shows “Load
Balanced.”
At run time, media agents are started for the minimum number of logical devices specified in the
backup specification and these devices are locked by the session manager. At most, Data Protector
will start the number of media agents defined in the MAX parameter, in this case “3.”
The media agents that are started depend on the order defined in the backup specification.
How the automatically created order can be changed, is described under Backup Object Summary,
later in this module.
Once the media agent has started, the disk agents are started. The number of disk agents started is
the combined concurrency values for the running devices; in this case, the total is eight. The
concurrency for each logical device will be satisfied before another available media agent is
started.
Object to Device Assignment

Objects to be backed up are selected in the following manner:
• Objects are grouped together to satisfy the concurrency requirements of the device
• Objects that reside on the device host have a higher priority for the local device
• Objects are scheduled so that the number of disk agents running per host is minimized
Data Protector first sends an object to its local tape drive rather than send it over the network to a
drive on another system.
NOTE: As it is not know in advance which objects will be written to each device, it makes sense to
use a common media pool for all devices that are to be a part of a load balanced backup.
An example with Min=2 and Max=2:

For example, we assume that there are 20 objects configured for backup to four devices with
concurrency set to three and with load balancing parameters MIN and MAX both configured at two.
If at least two devices are available, the session will start with three objects being backed up in
parallel to each of the first two available devices. The other 14 objects will be pending and will not
be assigned to a particular device at that time.

Module 9
Backup
1
2 Drive #1
3
4
5 Drive #2
6
Drive #3
Drive #4
Once a backup of a particular object is done, the next pending object is started and assigned to the
device that has less than three concurrent objects being backed up.
Load balancing ensures that the two devices are running in parallel as long as there are still
pending objects to be backed up. If a device fails during backup, one of the two devices in reserve is
used. The objects that were being backed up to the failed device are aborted, while the next three
pending objects are assigned to the new device. This means that each failure of a device can cause
a maximum of three objects to be aborted, provided that other devices are available for the backup
session to continue.

Module 9
Backup
9-14. SLIDE: Static device allocation

Static device allocation – Non-Load Balanced
Example3
Non-Load Balanced Backup:
• objects are pre-assigned to a particular device
• no device failover
11 Objects are
backed up in four
parallel streams
3 2 1 Drive #1
6 5 4 Drive #2
Object after object 10 9 8 7 Drive #3

is backed up
11 Drive #4
Static device allocation
When not to use Load Balancing

Deselecting the Load Balancing option is recommended when
• You want to back up a small number of objects

• Objects are backed up on simple devices, such as DDS
• You want to manually select the devices to which objects will be backed up
• You want to know on which medium/media objects will be backed up
Note: If you disable the Load Balancing option, you have to select the backup device which is
used to back up each object in the backup specification. If a device becomes
unavailable, then the objects that should be backed up to the device will not be backed
up.

Module 9
Backup
9-15. SLIDE: Object mirroring 1/2
Object mirroring 1/2

Source and Mirror devices
are defined in the
Backup Session Backup Specification
Manager
Objects Devices for Devices for Device for

Data Sources Backup mirror 1 mirror 2
mirroring à mirroring à
1 1
Drive #1 Drive #3
2
3 Drive #2 3 Drive #4 3 Drive #5
Object 1 Object 1
Object 2
Media
Object 3 Object 3 Object 3
An object mirror is an additional copy of a backup object created during a backup session. When
creating a backup specification, you can choose to create one or several mirrors of specific objects.
The use of object mirroring improves the fault tolerance of backups and enables multi-site
vaulting. However, object mirroring during a backup session increases the time needed for backup.
Benefits of Object Mirroring

Benefits of object mirroring
The use of the object mirror functionality serves the following purposes:
• It increases the availability of backed up data due to the existence of multiple copies.
• It enables easy multi-site vaulting, as the backed up data can be mirrored to remote
sites.
• It improves the fault tolerance of backups, as the same data is written to several media.
A media failure on one medium does not affect the creation of the other mirrors.

Module 9
Backup
Object mirror operation

In a backup session with object mirroring, each selected object is backed up and at the same time
mirrored as many times as specified in the backup specification. See slide above.
Let us take Object 3 in the figure as an example. The Disk Agent reads a block of data from the disk
and sends it to the Media Agent that is responsible for the backup of the object. This Media Agent
then writes the data to the medium in Drive 2 and forwards it to the Media Agent that is responsible
for mirror 1. This Media Agent writes the data to the medium in Drive 4 and forwards it to the Media
Agent that is responsible for mirror 2. This Media Agent writes the data to the medium in Drive 5. At
the end of the session, Object 3 is available on three media.
Limitations
• It is not possible to mirror objects backed up using the ZDB-to-disk or NDMP backup
functionality.
• It is not possible to mirror an object to the same device more than once in a single session.
• Block size of the devices must not decrease within a mirror chain. This means the following:
The devices used for writing mirror 1 must have the same or a larger block size than the
devices used for backup. The devices used for writing mirror 2 must have the same or a
larger block size than the devices used for writing mirror 1, and so on.

Module 9
Backup
9-16. SLIDE: Object mirroring 2/2
Already
configured
devices are
greyed out
Load Balancing options
can be set for the
backup devices and
each mirror
Available
devices
How to use object mirroring

You specify object mirroring when configuring a backup specification. In the backup specification,
select the objects you want to mirror, and then specify the number of mirrors. To be able to specify
more than 5 mirrors, increase the MaxNumberOfMirrors variable value in the global options file.
Specify separate devices for the backup and for each mirror. When a backup session with object
mirroring starts, Data Protector selects the devices from those you specified in the backup
specification. To avoid impact on performance, it is recommended that the devices have the same
block size and are connected to the same system or to a SAN environment. The minimum number
of devices required for mirroring SAP DB, DB2 UDB, or Microsoft SQL Server integration objects
equals the number of devices used for backup.
Selection of devices
Object mirroring is load balanced by default. Data Protector makes optimum use of the available
devices by utilizing as many devices as possible. Devices are selected according to the following
criteria in the order of priority:
• devices of the same block size are selected, if available
• locally attached devices are selected before network attached devices
When you perform an object mirror operation from the command line, load balancing is not
available.

Module 9
Backup
Backup performance
Object mirroring has an impact on backup performance. On the Cell Manager and Media Agent
clients, the impact of writing mirrors is the same as if additional objects were backed up. On these
systems, the backup performance will decrease depending on the number of mirrors.
On the Disk Agent clients, there is no impact caused by mirroring, as backup objects are read only
once.
Backup performance also depends on factors such as device block sizes and the connection of
devices. If the devices used for backup and object mirroring have different block sizes, the mirrored
data will be repackaged during the session, which takes additional time and resources. If the data is
transferred over the network, there will be additional network load and time consumption.
What Is the Result?

The result of a successful backup session with object mirroring is one media set containing the
backed up objects and additional media sets containing the mirrored objects. The mirrored objects
on these media sets are treated as object copies.

Module 9
Backup
9-17. SLIDE: Creating backup specification: Options

Creating backup specification: Options
Options tab for all
Under the “General”- backup specification
tab, the user can options and filesystem
define Pre- and Post- options
exec scripts for this
backup specification
Failover
Handling for a
clustered Cell
Manager
Creating backup specification: Options
Data Protector offers a comprehensive set of backup options to help you fine-tune your backups.
All options have default values that are appropriate for most cases. The availability of backup
options depends on the type of data being backed up. For example, not all backup options available
for a file system backup are available for a disk image backup. Common and specific application
options for integrations like Exchange, SQL, and so on, are described in the specific integration
guide
The backup options can be grouped as follows:

• Backup specification options, such as Ownership and pre- and post-exec options for the
whole backup specification.
• Object options specifying how different backup objects, such as file systems or disk images,
are backed up.
•
Pre- and post-exec options for the backup specification or for single objects are explained in the
later in this module in detail.
Ownership
The session owner is the user who started the interactive backup, unless the owner is specified in
the backup specification. Otherwise, the owner is root on UNIX Cell Managers and the user specified
at installation time on Windows Cell Managers.

Module 9
Backup
9-18. SLIDE: Creating backup specification: Filesystem options 1/2

Creating backup spec.: Filesystem options
The “Advanced “ button next
points to the Filesystem slide
Option window with four
further tabs
Additional options
that apply for all
marked backup
objects
E.g.: Software
encryption or data
compression
Pre- and Post-

exec scripts for
the Filesystem
Creating backup specification: Filesystem options 1/2
Data Protection: Specifying how long data is kept on the media

Configuring protection policies is extremely important for the safety of your data and for
successful management of your environment. See the HP Data Protector Concepts Guide for more
detailed information on how to define these policies.
Based on your company data protection policies, you have to specify how long your backed up data
is kept on the medium. For example, you may decide that data is out of date after three weeks and
can be overwritten during a subsequent backup. The Protection option can be specified for backup
and object copy operations.
Catalog Protection: How long info is kept in the database

Catalog protection determines how long the information about backed up data is available in the
IDB. This is different from data protection, which determines how long the backed up data is
available on the medium itself.
Catalog protection and data protection can be set independently!
Catalog protection has no effect if the log level is No Log.
The Catalog Protection option can be specified for backup and object copy operations.

Module 9
Backup
The default value for catalog protection is “Same as data protection“. This means that you can
browse and select files or directories as long as the media are available for restore.
Note: If data protection expires, the catalog protection is cancelled. When the data
protection ends and a medium is overwritten, the catalogs for the objects are
removed regardless of the catalog protection. Even when catalog protection
expires, you are still able to restore, but you must specify filenames manually.
Expired catalog protection

Once the catalog protection expires, the information is not immediately removed from the IDB.
Data Protector removes it automatically once per day. Since the information in the IDB is organized
on a per-medium basis, it is removed completely when catalog protection expires for all objects on
the medium.
Be aware that catalog protection, together with logging level, has a very big impact on the growth
of the IDB. Therefore, it is very important to define a catalog protection policy appropriate to your
environment. Refer to the IDB section in the HP Data Protector Concepts Guide for more
information on catalog protection and usage recommendations.
Logging: Changing details about data stored in the database

The logging level determines the volume of detail on the backed up files and directories written to
the IDB during a backup session. Note that you can restore your data regardless of the logging level
used during a backup session.
Logging level can be specified for backup and object copy operations. Data Protector provides the
following four logging levels:
Log All
This is the default logging level. All detailed information about backed up files and directories
(names, versions, and attributes) is logged to the IDB.
You can browse directories and files before restoring and in addition look at file attributes. Data
Protector can fast position on the tape when restoring a specific file or directory.
Log Files
When this logging level is selected, detailed information about backed up files and directories
(names and versions) is logged to the IDB. You can browse directories and files before restoring,
and Data Protector can fast position on the tape when restoring a specific file or directory. The
information does not occupy much space, since not all file details (file attributes) are logged to the
database.
Log Directories
When this logging level is selected, all detailed information about backed up directories (names,
versions, and attributes) is logged to the IDB. You can browse only directories before restoring.
However, during the restore Data Protector still performs fast positioning because a file is located
on the tape near the directory where it actually resides.
No Log
When this logging level is selected, no information about backed up files and directories is logged
to the IDB. You will not be able to search and browse files and directories before restoring. The

Module 9
Backup
different logging level settings influence the IDB growth, backup speed, and the convenience of
browsing data for restore.
Refer to the HP Data Protector Concepts Guide for more information on logging level.
Further options:
(to get a detailed description search with “filesystem options” in the OLH)
Report Level Backup Files of Size
Backup POSIX Hard Links as Files Do Not Preserve Access Time Attributes
Enhanced Incremental Backup Use native FS Change Log Provider
Software Compression Display statistical info
Lock files during backup Backup POSIX hard links as files
Do not preserve Access time attribute Copy full DR image to disk
Security: AES 256-bit encryption, Encode
User Defined Variables

Set user defined backup variables (a
variable name and its value) to
enable flexible operation on some
platforms and integrations with
Data Protector. For detailed steps,
refer to the online Help index
keyword “setting user definable
backup variables”. The list of
variables and their values that are
configurable with Data Protector is
dynamic and comes with Data
Protector Patches.

Module 9
Backup
9-19. SLIDE: Creating backup specification: Filesystem options 2/2

Creating backup specification: Filesystem options
A dedicated window allows to adapt

backups of Microsoft Windows filesystems
Creating backup specification: Filesystem options 2/2
Detect NTFS Hardlinks (Windows-Specific Option)

This option is similar to the UNIX specific option Backup POSIX hardlinks as files except that it is
only valid for NTFS and the default value is OFF, meaning that hardlinks are backed up as ordinary
files. The default value is OFF because the NTFS hardlinks are not often used and setting this
option decreases backup performance.
Do Not Use Archive Attribute (Windows-Specific Option)

Data Protector clears the archive attribute after each backup (after the file has been read). If you
have other applications that make specific use of this attribute, you should use this option.
The default value is OFF.
Report Open Locked Files As (Windows-Specific Option)

This option sets the report level for files that are opened and locked at the time Data Protector
attempts to back them up. Data Protector reports such files as per the regard to the Report Level
setting. The default value is Warning.
Open Files (Windows-Specific Option)

This option controls what Data Protector does when it encounters open Windows files. If the
Number of retries value is specified, this number defines how many times Data Protector tries to

Module 9
Backup
back up an open or busy file. The Time out value is the amount of time in seconds during which
Data Protector waits before retrying to back up an open or busy file.
Allow Fallback (Windows-Specific Options)

If the Use Shadow Copy option is specified, but the shadow copy creation on the system where the
VSS filesystem backup is running fails, the backup also fails by default. Specify this option if you
want the VSS filesystem backup to continue as a normal filesystem backup in case of a shadow
copy creation failure.
Use Shadow Copy (Windows-Specific Option)

When performing a filesystem backup on Windows Server 2003 systems or newer Windows
versions, Data Protector uses MS Volume Shadow Copy service (VSS) for coordinating the point-in-
time backup. VSS allows you to create shadow copy backups of volumes and exact point-in-time
copies of files, including all open files. This means that the VSS mechanism commits all pending I/O
operations and holds incoming writing requests during the preparation of a shadow copy volume.
In this way all files on the filesystem are closed and unlocked during the shadow copy creation.

Module 9
Backup
9-20. SLIDE: Scheduler Overview
Scheduler - Overview
What is a scheduler?
• Start a configured backup at a predefined date and time

• Need to be configured for each Backup Specification that should run
unattended
• Allow configuration of recurrent executions
• Allow overwrite of default protection settings and backup type (full,
incremental, incremental1..9)
Important:
Starting with Data Protector 8.10 there are two schedulers available:
- Legacy Scheduler
- Advanced Scheduler
Scheduler overview
A scheduler triggers the execution of a configured backup at a predefined data and time and is an
essential part of your backup specification configuration. Of course it is possible to complete the
backup specification without scheduling it and configure or update the schedule data at a later
time.
To ensure the effective utilization of the available backup infrastructure backups should run fully
unattended and around the clock 24x7. This requires careful planning and each backup
specification run needs to be scheduled individually.
In addition the scheduler allows the configuration of a recurrent execution, so the configured
backup specification can be configured to run several times a day, week or month.
Each backup specification can get multiple schedules configured. For each schedule the backup
type (full, incremental, incremental1...9) and the backup protection type (default or specified new
protection time) can be set. This allow the recurrent run of just one backup specification with
different parameters to achieve a daily incremental with 2 weeks protection and a weekly full with
1 month protection.

Module 9
Backup
Data Protector is shipped with its own build-in scheduler. In addition it is possible to use an
external scheduler, which will use the Data Protector omnib command to start a backup at a pre-
defined data and time. See the Data Protector CLI Reference Guide for the available omnib options.
Important: Starting with Data Protector 8.10 there are two schedulers available:
- Legacy Scheduler
- Advanced Scheduler
The Legacy Scheduler is the existing Data Protector scheduler, which was left unchanged and allow
the use of Data Protector like in previous Data Protector versions.
Newly introduced was the Advanced Scheduler with a new look and feel and added functionality.
Both schedulers can be used for scheduling the backups and will be explained on the following
pages.

Module 9
Backup
9-21. SLIDE: Scheduler – Feature Comparison
Scheduler – Feature Comparison

Legacy Scheduler Advanced Scheduler
Pro Pro
• Easy to use • Priority based job execution
• Access to Scheduler configuration file • Large set of recurrence options
• Global deactivation possible • Missed Job execution discovery
• Holiday file and Template support • MS Outlook Scheduler look and feel
Con Con
• No job periodization • No scheduler configuration file
• Missed execution not discovered • No global deactivation possible
• Limited scheduler options • No Holiday file and Template support
Important: Both scheduler are working fully independent from each other.
Scheduler – Feature Comparison
The above slide lists the Pros and Cons of each scheduler.
Both scheduler are fully independent from each other. So it is possible to schedule the backup of
one backup specifications using both schedulers. There is no scheduler hierarchy or scheduler
deactivation, if backups were configured in both schedulers.

Module 9
Backup
9-22. SLIDE: Using the Legacy Scheduler 1/2

Using the Legacy Scheduler 1/2
A colour code helps to

quickly check
scheduled incremental
and full backups
List of backup(s)
for the selected
day See next
slide
The Legacy Scheduler is the default Scheduler in Data Protector. During an initial backup
specification configuration it shows up after the Backup Option windows. In case on a saved backup
specification click on the Schedule tab to access it.
A calendar shows the configured schedules for a 9-month timeframe. The timeframe can be move
forward/backward by clicking on the arrow icons in the upper left and lower right part of the
calendar window. A special color code is used to show the backup type. If you click on a specific
date the schedule for that date is shown in a frame below the calendar.
Configuring a recurring backup

Click on Add to configure a schedule. A schedule option window will show up.
It is explained on the next slide.
Note: It is possible to add multiple schedules for one backup specification.

Module 9
Backup
Editing your backup schedule:

It is not possible to edit an added schedule. Simple mark it and click on Delete to remove it.
Afterwards click on Add to recreate your schedule.
Clearing a schedule
To eliminate your schedules that you have already set up, click Reset in the Schedule property
page.
Undoing the clear

To undo the schedule clearing, click Undo in the Schedule property page.
Disabling a schedule
To disable a backup schedule, select the Disable Schedule option in the Schedule property page.
The backup will not be performed until you deselect this option. Disabling backup schedules does
not influence currently running backup sessions.
Skipping backups during holidays

By default, Data Protector runs backups on holidays. If you do not wish to run your backups on
holidays, set the Holidays option to ON in the Schedule page of the Backup wizard. You can identify
holidays from the Holidays file or dates marked red on the Schedule Calendar.
Predefined backup schedules

Click on Predefined to a access a list of predefined backup schedules. Select one from the list to
apply it for the current backup specification. Available schedule types are:
Daily intensive
Data Protector runs a full backup at midnight and two additional incremental backups at
12:00 (noon) and 18:00 (6 p.m.) every day. This backup type is intended for database
transaction servers and other environments with intensive backup requirements.
Daily full
Data Protector runs a full backup every day at 21:00 (9 p.m.). This is intended for backups
of single workstations or servers.
Weekly full
Data Protector runs a full backup every Friday and Incr1 backups every day from Monday to
Friday at 21:00 (9 p.m.). This is intended for small environments.
Fortnight full
Data Protector runs a full backup every second Friday. Between these backups, Data
Protector runs Incr1 backups every Monday to Thursday, all at 21:00 (9 p.m.).
Monthly full
Data Protector runs a full backup on the first of every month, an Incr1 backup every week,
and an incremental backup every other day. This is intended for relatively static
environments.
Saved schedules of a Backup Specifications are stored as ASCII Files on the Cell Manager under:
Datalists: DP_CONFIG\schedules
Barlists: DP_CONFIG\barschedules\<integration name>

Module 9
Backup
9-23. SLIDE: Using the Legacy Scheduler 2/2
Using the Legacy Scheduler 2/2 Dependent of the chosen

recurring mode, the user can
Recurring: e.g. select days of the week or a
None single Month from a year.
Recurring:
Weekly Recurring:
Daily
Recurring:
Monthly
Backup type
Full or inc x
The slide above shows the Scheduler option window.
First select the Time options, such as Start Time and initial Start Date. Next select the Recurring
mode: None, Daily, Weekly or Monthly. Depending on your selection more recurring options will be
made available as shown above.
Next define your Session options:

• Backup type:
Full, Incremental, Incremental1..9
• Network Load:
High, Medium and Low
• Backup protection:
Default (use the setting from Backup Options),
None (not recommended), Until <date>,
Number of weeks, Number of days,
or Permanent Protection (not recommended)

Module 9
Backup
9-24. SLIDE: Using the Advanced Scheduler 1/2
Using the Advanced Scheduler 1/2

Startup possible from Legacy
Scheduler or from DP GUI:
Backup context - Action Menu
• New concepts
• Priority driven
• New Calendar View
• Day, week, month
• Usability
• Edit existing schedules
• New Recurrence patterns
• “Last Friday of the month“
• Hourly
• Every x minutes
• Missed executions
• New GUI
The slide above summarizes the main features of the Advanced Scheduler.
The Advanced Scheduler can be started within Data Protector:
(1) from the Legacy Scheduler window (2) from the Actions Menu

Module 9
Backup
The Advanced Scheduler is running in its own windows.
The main area is the Calendar that lists all configured

schedules. The view can be changed between Month, Week
and Day
At the right part of the window all configured backup specifications are listed, grouped by type.
Click on a Backup Specification to see existing schedules:
Click at the Symbols above the listed schedules to add, edit, delete one or delete all schedules.
How to add a new schedule is explained on the next slide. The missed execution feature is
explained at the end of this module.

Module 9
Backup
9-25. SLIDE: Using the Advanced Scheduler 2/2

• Optional: Schedule Description
1
1 • Backup type (Full, incr, ...)

2 2
3 • Retention (default: Default)

3
4
5 • Priority (default: Medium = 3000)
6 4
7 • Start date and time

5
• Optional: Estimated duration

6
• Network load (default: High)

7
• Recurrence Pattern
8
• Optional: End of reccurrence

9 (default: No end date)
If you click on Add or Edit the above shown Schedule Option screen is shown.
The following options already exists in the Legacy Scheduler, so there is no need to explain these
option again:
• Backup type
• Retention,
• Start date and End date time
• Network load
New options are:

• Schedule Description
• Priority
• Time Zone,
• Estimated duration
• New Recurrence Pattern.
Schedule Description (1)

The description is show in the schedule overview table and will help to identify schedules

Module 9
Backup
Priority (4)
Starting with Data Protector 8.10, it is now possible to assign a priority to a schedule.
The priority range is 1 to 6000, where a backup with priority 1 assigned is getting the highest
priority, 6000 is getting the lowest priority.
Highest Priority:
Lowest Priority:
Incorrect Range:
If multiple jobs are started at the same time, backups are executed according to their assigned
priorities. Assigning priorities to schedules remove the need to schedule backups by time, instead
configure a number of backups with the same start time and control the execution order by setting
different priorities.
Backup jobs without a defined priority receives a default priority of 3000 (Medium).
Note: If more than 1 backup starts at the same time, the first backup is a random selection.
All following backups are started according their priorities
Time Zone (5)

In large Data Protector environments with Backup clients from different time zones or Operator
systems located in a different time zone it is now easy to define a consistent start time for the
backup by adding the time zone information to the start time. In the Legacy scheduler the backup
starts according start time and time zone from the Cell Manager system
Estimated duration (6)

This parameter is currently not used. The value is used to show the estimated session running time
in the scheduler calendar.
New Recurrence Pattern (8)
The Advanced Scheduler allows scheduling backups n intervals from every minute to once a year.

Module 9
Backup
Some examples:
• Last day of every second month or
• Every last Sunday of the Month
• Every 30 Minutes between 6am and 10am
• Every 2nd of January
There are 7 sub menus:
• Once:
Backup is executed just one time, no additional options
• Every minute:
If every minute has been selected a
sub menu allows to configure the
interval of 1, 2, 3, 4, 5, 6, 10, 15, or
30 minutes.
Furthermore the user can select the

days of the week the schedule
should apply.
• Hourly:
Similar to Every minute, but
instead of minutes the job can be
started every 1, 2, 3, 4, 6, 8, 12
hours.
• Daily:
Either the use can choose every day,
or every weekday. Weekdays are
Monday till Friday.
• Weekly:
Select the days (Monday to Sunday)the schedule should apply
• Monthly:
If monthly has been selected the
user can choose between two
submenus as shown right:

Module 9
Backup
The first submenu allows selecting a day independent of what kind this day is. The
selection is: Day (1-31) of every (1, 2, 3, 4, 6, 12) month(s).
The second submenu allows selecting dedicated days of the week. E.g.: Monday or
Saturday. The selection is:
The (First, Second, Third, Fourth, Last) (Monday à Sunday, weekday, day) of every (1, 2, 3,
4, 6, 12) month(s).

Module 9
Backup
9-26. SLIDE: Using an incremental backup chain

Incremental backup chains
Relative Referencing of Backup Runs
1 Full <---- Incr1 Available
2 Full <---- <---- <---- Incr2 Backup Types:
3 Full <---- Incr1 <---- Incr2
Full Incr5
4 Full <---- Incr
Incr Incr6
5 Full <---- Incr1 <---- Incr
Incr1 Incr7
6 Full <---- Incr1 <---- Incr2 <---- Incr
Incr2 Incr8
7 Full <---- Incr1 <---- Incr <---- Incr
Incr3 Incr9
8 Full <---- Incr1 <---- Incr3
Incr4
9 Full <---- Incr1 <---- Incr2 <---- Incr3
10 Full <---- <---- <---- Incr2 <---- Incr3
11 Full <---- <---- <---- <---- <---- Incr3
Last Full #5 #5 and #9 in a

#5 and
Incr1 Incr #5graphical
and view
Multiple differential backups (incr1)
[t] Full
Last Full #9 Incr1

Incr1 Incr2 Incr3 Incr1
Incr1
Incr1
[t] [t]
Using an incremental backup chain
The rows in this table (shown above), are independent of each other and show different situations.
The age of the backups increases from right to left, so that the far left is the oldest and the far right
is the most recent backup.
The full and Incr<x> represent still protected objects of the same owner. Any existing Incr<x> that
is not protected can be used for restore, but is not considered for referencing on subsequent
backup runs.
Examples
1. In the second row, there is a full, still protected backup and an Incr2 is running. There is no
Incr1, so the backup is executed as an Incr1.
2. In the fifth row, there is a full backup, an Incr1 and another incremental is running. Data
Protector references the currently running backup to the previous incremental that is Incr.
3. In the eighth row, the Incr3 is executed as Incr2, and in the eleventh row, the Incr3 is
executed as Incr1
How to select the backup type

If you perform an interactive backup, you are prompted to select the backup type. When scheduling
a backup, you specify the backup type in the Schedule Backup dialog. You can, for example, create
a schedule that runs the same backup specification as full on Saturday and as Incr1 on all working
days.

Module 9
Backup
Backup type and the restore process

Keep in mind that full backups enable a simple and efficient restore, but require many media that
can hold multiple versions of the entire backed up data. The time required to complete a backup is
rather long. Incremental backups require fewer media resources, but have a more complex restore
algorithm. Compare the following two examples:
1. full ; Incr ; Incr ; Incr ; Incr (-> time)

This example requires a shorter backup time and the media space required is lower. The
restore process is more complex; many media need to be accessed, and the required time is
longer if you want to restore to the state of the last Incr.
2. full ; Incr1 ; Incr1 ; Incr1 ; Incr1 (-> time)

This example requires more time for backup and the media space consumption is a bit
higher if compared to the first example. The restore process is simple; few media are
needed, and the time spent on performing a restore is shorter than in the first example.
Option: Network load

Select the network load for the session.
Setting this option to Low reduces the load on the network when running Data Protector. This
prevents the data transmission from blocking the network for other users but increases the time
required for the session to complete.
Incr1 backup
This backup type refers to the most recent still protected full backup with the same ownership. It
does not depend on any previous incremental backups. The files that have changed since the most
recent still protected full backup are included in the backup.
Incr1-9
(Available incremental levels are different for specific integrations.)
Incr1-9, also called leveled incremental backup, backs up only changes made since the last
protected backup of the next lower level. For example, an Incr1 backup saves all changes since the
last full backup, and an Incr5 backup saves all changes since the last Incr4 backup. An Incr1-9
backup never references an existing Incr backup. If there is no protected full backup, Data Protector
starts a full backup instead.
The advantage of an incremental backup is that it takes less time to complete (it backs up smaller
quantities of data) and occupies less space on media and in the IDB.
The disadvantage is that a restore is more complicated as you usually need all the media used since
the last full backup

Module 9
Backup
9-27. SLIDE: Protection of a backup chain
Protection of a backup chain
An incremental backup requires a successful write-protected full backup

If all linked incremental backups have the same protection and the earliest session
within the chain expires:
1. the complete chain expires and the next backup will run in full mode no
matter which mode was selected
2. protection time for full should be set to cover the time until the next full
plus protection time of incr.
Example:
full … every Sunday, protected 7 days (should be at least 14)
incr … every day, protected 7 days
t1 … the time, 5incremental, still protected, became invalid, since full has expired
days
full incr incr incr incr incr incr full incr
expired protected (7days) t1
invalid
Protection of a backup chain
If the protection for full backup expires, Data Protector does not check, whether there are still
depending incremental backups. The user has to choose the correct protection time window, in
order to pretend this case. In such a configuration the corresponding incremental backups, even so
still protected, become useless, since the required full has expired.

Module 9
Backup
9-28. SLIDE: Creating Backup Spec: Backup Object Summary

Creating backup spec.: Backup Object Summary
next slide next slide

Right click an object
opens a new menu with
additional options , like
change the order of the
objects
Creating Backup Spec: Backup Object Summary
The final step in creating a backup specification is to review, and possibly change the objects and
options selected for the backup. Here you may also change the order of the objects in the list. The
order will affect the execution sequence and pairings for concurrency. The object list order along
with the algorithm for load balancing will determine the backup sequence.
Notice that you may select the column headings in the summary within the Results Area to change
the sorting preference for the list; such as the “Order” of the objects.
Each object that is part of mirror chain may have a specific device set for it. By default, devices used
for writing mirrors are selected automatically.
To change the device for a mirror, select the object in the list, then select “Change Mirror.”
From the Mirror options dialog, highlight the mirror, and select a device from the drop-down list. By
default all mirrors are set to <Automatic>.
You may add any additional objects to the backup specification at this point. Each selection will
start an add object wizard. The object types that may be added are: UNIX filesystem; Windows
filesystem; NetWare filesystem; Client System; Intl. Database (IDB) ; Microsoft network shared;
Disk image object (commonly called raw disk)
If this object type is added, use the <- Back button to set the raw disk image properties.

Module 9
Backup
9-29. SLIDE: Backup Object Summary – Object Properties 1/2
Backup Object Summary – Object Properties
Backup Object Summary – Object Properties 1/2
The slide above illustrates where to find General and Trees object properties where you may fine-
tune the scope of the backup.
From here, you may select the parts of a filesystem object to backup, instead of the entire tree,
which is the default. The Trees list is essentially an Include-only list for the backup. The exclude list
allows you to specify the absolute path of the files or directories to exclude from the backup.
When the lists are empty, the entire object (file system) will be backed up.
Use the Filter… button to specify a wildcard list of names to include or exclude. The “Onlys” list is
used for include, and the “Skips” list is used for exclude. In both cases, the list represents a filter
for the entire file system. Whenever a match for the filter is found, the item is either skipped or
included in the backup.
From this object summary screen you may also modify any object options individually.
The options from this summary screen allow individual filesystems to have specific rather than
general properties applied. For example, the pre-post exec script may be modified for each object,
rather than having one script for all filesystems.

Module 9
Backup
Object Qualifiers
The data that is to be backed up requires qualification that is more detailed for Data Protector.
Configuring Data Protector to backup a file system is not sufficient information. A complete
description of the object, such as where it resides, which parts of it are to be backed up, etc., must
be specified.
Specialized backup specifications, such as Oracle, Informix, MS Exchange, etc., have other
qualifiers, such as the instance or SID name. However, we will not be detailing these options, but
focusing on the backup specification datalist and options instead.
Note Data Protector uses four key qualifiers to identify file system objects in the
database: Hostname, Mount Point/Drive Letter, Description and Owner. These
object names are used for restore and reporting.
The following list details the most commonly used qualifiers used with the backup specifications:
• Hostname: Specifies the particular system in the cell that the object resides on.
Example: vindaloo.uk.hp.com is a fully qualified hostname.
• Mount Point: Specifies the file system mount point on a UNIX type system, or the drive
letter on a Windows or Novell system
Example: /opt a UNIX file system mount point
/ a UNIX file system mount point for the root file system
C:\ a Windows drive letter (internally converted to C:/)
• Description Object description, default setting is identical to name of the

Mount Point/Drive Letter
• Owner Object owner is the person who run the backup

(e.g. root/Administrator) or who was defined as session owner
(e.g. Oracle user or SAP user account)
The description can be customized to distinguish between this particular backup of the object and
another. This description is stored in the Database as the object description.

Module 9
Backup
9-30. SLIDE: Backup Object Summary – Object Properties 2/2
Backup Object Summary – Object Properties
“Options”, “Other”, “WinFS Options” tabs

are the same like the Backup Specification
options, just now tuneable on Object level
Backup Object Summary – Object Properties 2/2
This slide shows the remaining tabs: “Option”, “Other” and “WinFS Options”.
There are no differences compared with the windows already shown in backup creation part of this
trainings module. The user can here fine tune object by object without stepping backward.
These options allow the user to fine tune and change options in a similar way as already shown in
Options Tab.

Module 9
Backup
9-31. SLIDE: Preview backup session
Preview backup session
Performs a “Dummy Run” of the backup

• Should be performed on all new or modified backup specifications.
• No data is actually backed up or written to media.
Checks the following:

• Syntax of backup specification
• Licenses
• Agent startup and communication (disk,
media agents)
• Sufficient media pool allocation
• File system trees walked, total data
calculated
• Object level pre/post-execs run
Preview backup session
You can preview a backup to verify your choices. Previewing does not read data from disk(s)
selected for backup, nor does it write data to the media in the device configured for the backup.
However, it checks the communication through the used infrastructure and determines the size of
data and the availability of media at the destination.
You can start an existing (configured and saved) backup after you have given Data Protector all the
information for the backup.
Limitation
Preview is not supported for some integrations and for ZDB.
Steps
1. Select the backup specification that you want to start or preview.
2. In the Actions menu, click Preview Backup
3. In the Preview or Start Backup dialog box, select the backup type (Full or Incremental; some
other backup types are available for specific integrations) and the Network load.
4. In the case of ZDB to disk+tape or ZDB to disk (instant recovery enabled), specify the Split
mirror/snapshot backup option.
5. Click OK to preview or to start the backup.

Module 9
Backup
9-32. SLIDE: Pre- and post- execution

Pre- and post- execution
Start Backup
Allows commands or scripts to be run before and
after the backup, such as database shutdown and Backup Spec Pre-exec
start up
Object Pre-exec
O System A Object
Two levels of pre and post Object Post-exec

execution are executable: Object Pre-exec
B Backup Specification Level B O System B Object
Object Post-exec
O Object Level Object Pre-exec
O System C Object
Object Post-exec
Backup Specification Level can be executed on any
system in the cell.
Backup Spec Post-exec
Object Level is always executed on the system
where the object resides Stop Backup
Pre- and post- execution
Before a backup or restore session begins, an additional action is sometimes necessary. For
example, you may want to check the number of files to back up, stop some transaction processing,
or shut down a database. Such actions are performed using pre- and post-exec commands. Pre-
and post-exec commands are not supplied by Data Protector. Depending on your needs, you have
to write your own executable to perform the required actions. For backup, pre- and post-exec
commands can be configured on two levels:
The pre-exec command is executed before the backup session starts. The post-exec command is
executed when the backup session stops. You specify these commands as backup options for the
entire backup specification. By default, pre- and post-exec commands for the session are
executed on the Cell Manager, but you can choose another system.
Backup Object
The pre-exec command for a specific backup object starts before the object is backed up. The post-
exec command for the backup object is executed after the object is backed up. You specify these
commands as backup options that apply for all objects, or for individual objects. Pre- and post-
exec commands for the object are executed on the system where the Disk Agent that backs up the
object is running.

Module 9
Backup
9-33. SLIDE: Performing backups
Performing backups
Data Protector offers 3 interactively ways to start a backup session
1) From the GUI manually 2) From the GUI scheduled
3) CLI : omnib –datalist My-Backup –mode full

Performing backups
Data Protector provides three methods of performing backups.

Interactive Backups via the GUI
Using this method, the GUI is used to define exactly what to back up, and the devices, media, and
options to use. The backup is then executed. If the backup is saved, it becomes a backup
specification; otherwise, the backup definition is discarded.
Predefined Backup Specification via the GUI

To execute this type of backup, select the backup specification required, and “Start Backup”.
Predefined Backup Specification via the Data Protector Scheduler

Allows the backup to run at a predefined date, time, and frequency.
Command Line Interface via the omnib command (manual or by scripts)

The omnib command can be used to start a backup from the command line.
Example-1: Using omnib to start saved backup specification mydatalist

CLI: omnib -datalist mydatalist
Example-2: using omnib to start a backup without a saved backup specification

CLI: omnib -filesystem system1:/data "/data" device drive1

Module 9
Backup
9-34. SLIDE: Backup session message output
Backup session message output
Object status Medium

in use
Device status
Session messages
Right Click in-to the session

output field to get additional
options
Backup session message output
Shown above is a sample backup session. Three sections in the results area convey current status
information.
• Object status (running, pending, completed, completed/errors, failed, aborted)
• Device status (inactive, running, inactive/finished)
• Session messages: (auto-scroll is on; may be saved, printed, copied to clipboard)
While a backup session is executing, the GUI does not need to continue monitoring the backup; if
the GUI is exited, the session will continue
With a right-click into the session output window, the user can stop the auto scrolling of the
session output.
Other options are, to copy a part or the whole message output, to clear the output, to find a
string and more.

Module 9
Backup
9-35. SLIDE: Resume/Restart failed Backup sessions
Resume/Restart failed Backup sessions

In case of a failed Backup session there are two ways to restart the session:
• Restart Failed Objects
• Resume Session
Restart Failed Objects

All objects in status Failed will be
backed up from the beginning
Resume Session
All objects in status Failed will be
backed up from the point of failure
CLI:
Restart: omnib -restart SessionID
Resume: omnib -resume SessionID
Resume/Restart failed Backup sessions
Typically a backup session does not backup just one system. A Backup Specification might get 50 or
100 systems configured that will be backed up together within one backup session. Such large jobs
typically run into various issues, caused by the environment, and one or more systems will not be
backed up correctly. Data Protector helps to isolate the missing systems and offers two different
ways of restarting these failed objects only:
• Restart Failed Objects
• Resume Session
Restart Failed Objects

Using this option all objects in status Failed will be backed up again. This backup will skip all
objects in status Completed and backs up all failed objects from the beginning.
The restarted backup will run under a new Session-ID.
Resume Session
This option was introduced in Data Protector 8.10. Simply said it allows the backup to continue at
the position, where the problem occurred. For failed objects it will not just start from the beginning.
Based on IDB checkpoints Data Protector knows the last file that was backed up successfully and
continues with the backup at that position.
The resumed session will run like an “append” to the original backup session and uses the original
backup Session-ID.

Module 9
Backup
Both feature are available through the DP GUI. Change to the Internal Database context, expand
Sessions, mark the failed session and select either Restart Failed Objects or Resume Session from
the shown menu. Click Yes in the Popup window to trigger the Restart/Resume.
Session Resume/Restart is also available from the CLI:
CLI:
Restart: omnib -restart <SessionID>
Resume: omnib -resume <SessionID>
Limitation: The options Resume Session/Restart failed Objects are only available for
Filesystem Backups and Oracle Integration Backups

Module 9
Backup
9-36. SLIDE: Missed job executions
Missed job executions

Missed job execution lists Backup jobs that were not executed, because of Data
Protector Services down or other Cell Manager connection issues.
Startup from Action Menu

(Internal Database context)
Columns are
customizable
Missed Jobs can be

restarted or deleted
Missed job executions
If Cell Manager services were down, Missed Job Execution list all backups that couldn’t run during
that time. The DP administrator gets now the possibility to start those missed backups selectively
from this GUI.
The Missed Job Execution window can be started from the Action
tab out of the Internal Database context as shown on the slide
above.
Missed sessions are listed within a table. The table can be

customized by selecting/deselecting columns as shown right.
Restarting jobs
Select a job and clicking Run Now to immediately start that missed
job. This re-started session and all other entries are not deleted
automatically. This has to be done manually by clicking the Delete or
Delete All button.

Module 9
Backup
9-37. SLIDE: Reconnect broken connections
Reconnect broken sessions
• Instructs HP Data Protector to use a more robust protocol

• If communication between BSM and an agent fails, BSM and agent attempt to re-
establish communication
• No reconnect for broken connection between direct Disk and Media Agent connection
Disk Agent
Network Backup
TCP/IP
Cell Manager
TCP/IP
Backup Session
Manager
TCP/IP
Media Agent
Reconnect broken connections
The “reconnect broken session” backup specification

option can be used to increase the robustness of the
backup. It can be used when backups are taking place over
networks that are susceptible to interruptions, such as
WANs.
For activation change to Options – Backup Specification Options – Advanced and check the
option: Reconnect broken connections for your backup specification.
When this option is enabled, a more advanced protocol is used for agent communication and data
transfer. This protocol has a performance overhead, and therefore, should be used only if the link
reliability is a problem.
If the BSM loses communication with the disk or media agents, the BSM and the agents will both try
to re-establish communications. It is possible to fine tune it by an omnirc option:

Module 9
Backup
Configurable omnirc file parameters

(can be set on Media and/or on Disk Agent system)
OB2RECONNECT_RETRY (Default: 600s)

Time-out (in seconds) before either a Disk Agent (DA) or Media Agent (MA) should stop trying to
reconnect to the Session Manager or Disk Agent should stop trying to reconnect to the Media Agent
during backup.
OB2RECONNECT_ACK (Default: 1200s)

Timeout (in seconds) before an agent gives up waiting to acknowledge a message from the
session manager

Module 9
Backup

Module 10 — Restore
Objectives
• Understand and use the restore capabilities in HP Data Protector
• Perform session and object restores
• Perform single or parallel restores
• Use the “Restore” context of the HP Data Protector GUI
Contents
Module 10 — Restore 1
10–3. SLIDE: What is Restore? .......................................................................................................... 2
10–4. SLIDE: Restore methods ......................................................................................................... 3
10–5. SLIDE: Restore prerequisites .................................................................................................. 4
10–6. SLIDE: Concept of Parallel Restore ......................................................................................... 6
10–7. SLIDE: Restore – Sequence ..................................................................................................... 8
10–8. SLIDE: Restore – Objects ....................................................................................................... 10
10-9. SLIDE: Restore – Session ....................................................................................................... 12
10-10. SLIDE: Restore – Source ....................................................................................................... 14
10-11. SLIDE: Restore – Object properties ...................................................................................... 16
10-12. SLIDE: Restore – Destination ............................................................................................... 18
10-13. SLIDE: Restore – Options ...................................................................................................... 20
10-14. SLIDE: Restore – Devices ...................................................................................................... 22
10-15. SLIDE: Restore – Media......................................................................................................... 24
10-16. SLIDE: Restore – Media/object copies .................................................................................. 27
10-17. SLIDE: Restore – Summary................................................................................................... 29
10-18. SLIDE: Restore – Single or parallel? ..................................................................................... 31
10-19. SLIDE: Restore – Point in time restore ................................................................................. 32
10-20. SLIDE: Restore – By query name or location........................................................................ 33
10-21. SLIDE: Restore – By query backup or modification time ..................................................... 34
10-22. SLIDE: Resume failed Restore sessions ............................................................................... 35
Module 10
Restore
10–3. SLIDE: What is Restore?
What is “Restore” ?
Restore is the process of recreating the original data from a backup copy back
to the original or to a newly specified location.
Advanced features of Data Protector restore

• Ability to restore on different levels: session, client, object, directory,
specific file, or specific file version
• Specifying an alternative location to restore your data
• Cross-platform restore (for example, data backed up on UNIX and
restored on Windows)
• Parallel restore of multiple objects from a session, on a client, or in a cell
• The possibility of automatic or manual selection of the media set to restore from
Note:
Depending on the platform, the way you specify these features and the available options can vary!
What is Restore?
A restore is a process that recreates the original data from a backup copy to a disk. This process
consists of the preparation and actual restore of data and, optionally, some post-restore actions
that make that data ready for use.
The Data Protector Internal Database (IDB) keeps track of data such as: which files from which
system are kept on a particular medium.
Advanced features of HP Data Protector restore operations are:

• Ability to restore on different levels: session, client, object, directory, specific
file, or specific file version.
• Specifying an alternative location to restore your data.
• Cross-platform restore (for example, data backed up on UNIX and restored on Windows).
• Parallel restore of multiple objects from a session, on a client, or in a cell.
• The possibility of automatic or manual selection of the media set to restore from.
Depending on the platform, the way you specify these features and available options can vary. For
information on how to restore with application integrations see the HP Data Protector Integration
Guides.

Module 10
Restore
10–4. SLIDE: Restore methods
Restore methods
Restore using the GUI

• by object
• by session
• by query
Restore using the Command

Line Interface (CLI)
• omnir command interactive
• started by a script
Restore methods
Data Protector offers several methods of restoring data interactively. Three methods (object,
session, and query) are accessible through the GUI and one uses the command line (omnir
command) interface.
In general, restore tasks are infrequent events that are performed only once in the same manner.
As such, there is no need to have the equivalent of a backup specification for restores. omnir is the
corresponding CLI command to the GUI.
Data Protector restore definitions are done on the backup session or object level. Within one
restore session, one or more backup objects may be selected. For each object, files and versions
may be selected. Options may be set on the restore session level, as well as on object level.
When the restore is started, the restore session manager (RSM) is executed on the cell manager
and a restore session ID is assigned to the restore session. The restore session is stored in the IDB
in a similar manner to backup sessions. These sessions may be removed, up to the discretion of the
administrator. While backup data in the Data Protector database is necessary for restore, restore
data is only necessary for auditing and reporting purposes.

Module 10
Restore
10–5. SLIDE: Restore prerequisites
Restore prerequisites
• Appropriate user rights to perform a restore task
(These rights are defined according to the user group)
• Valid, protected, available backup data  valid restore chain
Full Inc Inc Inc Inc Inc Inc Inc Valid restore chain of
protected backup
I
Full Inc Inc n Inc Inc Inc Inc Broken restore chain
c
t t+n Desired
Expired/Deleted Point-in-time
Incremental Backup data
Restore prerequisites
To perform a restore you need to have the appropriate user rights. These rights are defined
according to the user group.
The restore context in the graphical user interface allows you to select a backup session (like an
incremental backup from a specific backup specification) then browse all objects that were backed
up in this session, and all versions of this backup chain.
The backup chain is based on the level of the incremental backups used (Incr, Incr 1, Incr 2, and so
on), simple or rather complex dependencies of leveled incremental backups to previous
incremental backups can exist. The backup chain is all backups, starting from the full backup, plus
all the dependent incremental backups up to the desired point in time.
When performing a restore, the backup chain is used to re-construct the data set selected for
restore. If one of the backups within the chain is missing, then an incomplete restore may be
performed and a warning is generated. The warning indicates that the restore chain has been
broken.
As a consequence the user cannot rebuild the data structure up to the desired point-in-time.

Module 10
Restore
In the below example a depot file representing an incremental back in a Data Protector file library,
was missing:
[Warning] From: RSM@tpo042.tic.hp.com "FileLibT1EVA_Writer0" Time: 8/1/2012

1:09:24 PM
__________________________________________________________________
Mount request for medium:
MediumId : 2a493910:4e368762:07d4:0169
Label : FileLibT1EVA_MediaPool_1268 []
Location :
Device : FileLibT1EVA_Writer0
Host : tpo025.tic.hp.com
Slot : Z:\FileLibT1EVA\2a49391054e368761507d450167.fd
__________________________________________________________________
The media mount request in the restore task got manually aborted. However the data could be
restored up to the point of the missing incremental backup:

Module 10
Restore
10–6. SLIDE: Concept of Parallel Restore
Concept of Parallel Restore

Restoring backed up data to multiple disks at the same time
by running multiple Disk Agents, that receive data from one
Media Agent.
DA Disk1
DA Disk2
MA
Host A
DA Disk1
MA ... Media Agent
DA … Disk Agent
Host B
… 3 Backup Objects
Concept of Parallel Restore
A parallel restore allows you to restore data concurrently from multiple objects to multiple disks or
file systems while reading the media only once, thus improving the speed of the restore.
For the parallel restore to work, the data from the different objects must have been sent to the
same backup device using a concurrency of 2 or more. During a parallel restore, the data for
multiple objects selected for restore is read from the multiplexed media, thereby improving restore
performance.
Prerequisite
At backup time, the data from the different objects must have been sent to the same device using a
concurrency of 2 or more.
Limitation
You cannot restore the same object in parallel. For example, if you select for the same restore an
object under Restore Objects and then select the session that includes the same object under
Restore Sessions, the object will be restored only once and a warning will be displayed.

Module 10
Restore
A parallel restore requires only one pass of a media in order to extract all the selected objects from
it; in other words, a sort of reverse concurrency. A sequential restore only allows the selection of a
single object at a time; thus, multiple passes of the media are required if more than one object from
the concurrent backup is selected for the restore.
When sequential restore is necessary, it is wise to de-multiplex the backup media as a way of
organizing the objects (object copy) for the fastest restore. See the “Media Management and
Replication” module for details on object copy.
Concurrent Restore or Sequential Restore

In some cases, objects selected for parallel restore may be restored sequentially. This depends
largely upon how the objects exist on the physical media.
• Objects that were backed up in parallel to the same medium are capable of being restored in
parallel.
• Objects that were backed up to separate devices using different media are capable of being
restored in parallel.
• Objects that exist on the same medium in different tape segments are restored sequentially,
even if configured for parallel restore.
Note: A parallel restore may launch multiple DA processes for a single MA, just the
reverse compared to concurrent backup. In addition, Data Protector may start
multiple DA processes for a single object if the data was backed up in that
manner using the trees options.

Module 10
Restore
10–7. SLIDE: Restore – Sequence
Data Protector’s restore sequence

Source
Restore by:
Object Version
Object
Destination
-or-
Session
Restore Options
-or-
Query
Devices
Media
Object Properties Preview

Restore Context
Start Restore
Restore – Sequence
A standard restore procedure consists of several phases. You have to select the data to be
restored, find the necessary media, and start the restore session. Other settings are predefined
according to the backup process, but can be modified.
Prerequisite
To perform a restore you need to have the appropriate user rights.
Tasks:
Selecting the Data to Restore Selecting a Specific Backup Version
Selecting Restore Location Setting Restore Options
Handling File Conflicts Selecting a Device to Restore From
Finding Media Needed to Restore Previewing and Starting a Restore
Viewing Finished Sessions Resuming Failed Sessions
Specifying Restore Location for Individual Files and Directories
The restore process is conceptually similar to backup, but you may start the restore at any point,
you do not have to walk through all of the option screens if you want to accept any or all of the
restore defaults.

Module 10
Restore
Advanced Restore Tasks

You can control a restore in many ways. Advanced restore tasks include specifying rarely used
options or taking some actions that do not follow the standard restore procedure. To restore the
data you will still have to perform most of the standard restore steps.
Advanced restore tasks are:

Skipping Files for Restore Selecting Only Specific Files (Matching) for Restore
Selecting Open Files for Restore Denying Access to Files During Restore
Searching for a File to Restore Selecting a Windows Shared Disk for Restore
Restoring Objects in Parallel Restoring Directly from Media
Disk Image (RAWdisk) Restore Restore from Media in a Vault
Web Server Restore Restore without Browsing
To get a detailed description: Search in the OLH with "Advanced restore tasks".
Restore Options
Data Protector offers a set of comprehensive restore options that allow fine-tuning of a restore. All
these options have default values which are appropriate in most cases.
The following list of options can be set on a per-object basis. The restore options are available
according to the type of data being restored.
General restore options

Show full chain Show this session only Target client
Omit deleted files Move busy files List restored data
Display statistical information Lock files during restore Restore time attributes
Restore protection attributes Restore sparse files
Restore share info for directories Omit unrequired object versions
Pre- and post-exec commands

Device selection
Automatic device selection
Original device selection
Handling file conflicts Active Directory specific options

Keep most recent Replication mode
No overwrite Authoritative
Overwrite Nonauthoritative
Primary

Module 10
Restore
10–8. SLIDE: Restore – Objects
Restore - Objects
Always visible in restore Restore Context

context:
• Disk Image
• Filesystem, Disk image
• Internal Database
Filesystem
Internal Database
Integration Objects will
only show up if at least
Integrations
one client got the
Integration Agent
installed, e.g.:
Restore Sessions
MS SQL Server
Oracle Server
Restore by Query
Restore – Objects
Depending on the types of backups performed, different object types may be available for restore.
Each object has restore options that are specific to the individual object type. There are also restore
options that are common to all object types.
Restore Objects
If this item is selected in the Scoping Pane, the types of data backed up (e.g.: Filesystem, Internal
Database, and so on) are listed in the Results Area. You can right-click Restore Objects and select
“List From Media” to restore directly from media.
By default, when you select a whole directory, only directories and/or files from the last backup
session are selected for restore. Directories and files in the same tree structure that have not been
backed up in the same backup session are shaded. If you want to restore the data from any other
backup session, right-click the selected directory and click Restore Version. In the Backup version
drop-down list, select the backup version that you want to restore from.

Module 10
Restore
Object Types
Disk Image
From a rawdisk object backup it is possible to restore the entire raw disk image copy. No single file
or directory objects may be specified with this object type.
Filesystem
Filesystem objects include UNIX, Windows, Netware, etc. From these objects, it is possible to
restore a file, directory, or complete file system. In addition, from the winfs object type, it is
possible to restore the windows registry which is part of the CONFIGURATION backup.
Internal Database
From the omnidb object, the Data Protector internal database can be recovered, including the
<DPCONFIG> directories. This topic will be addressed in much more detail later in this course.
Databases
Data Protector supports integrated online backup for several enterprise database and application
solutions. For example: rman for Oracle, sapdba for SAP, or onbar for Informix. How to backup and
restore such integrations are explained in the dedicated Data Protector integration guides.
Disk Image (Rawdisk) Restore

A disk image (rawdisk) restore is a fast restore of a corresponding disk image backup. Data
Protector restores the complete image of a disk, sector-by-sector instead of only restoring
selected files or directories.

Module 10
Restore
10-9. SLIDE: Restore – Session
Restore – Select session

• All objects from a single backup
session (Show this session only)
• Can exclude individual objects
• High degree of restore control
for each object
Note: By default, the entire restore chain is restored (Show full chain is selected).
Restore – Session
If this item is selected in the Scoping Pane, filesystem sessions and their attributes are displayed in
the Results Area. You can right-click Restore Sessions and set the interval for limiting the displayed
sessions.
Restore Sessions will contain a list of backup sessions with all objects backed up in these sessions.
You can browse all objects that were backed up in this session (like any disk drive from all clients
named in the backup specification), and all versions of this restore chain.
Prerequisite
In order to browse objects and select directories or specific files, the corresponding backups must
have been done using a logging level of directory, filenames, or log all.
Note: By default, the entire restore chain is restored (Show full chain is selected).
To restore only data from this session, select Show this session only.
In some cases, the restore of an entire system is necessary. Normally this would be after a disaster
recovery. A disaster recovery of a system probably includes some out of date files or data. Data
Protector restore in conjunction with disaster recovery tools allows for easy recovery of your
system and data from the most current backup session.

Module 10
Restore
Data Protector “Disaster Recovery” is a separate learning module.
The session restore capability within Data Protector is based upon the specific backup sessions that
have been completed. Data backed up within a single session, usually from a backup specification
(Datalist), may be restored in parallel.
While selecting a session to restore, Data Protector provides individual object selection, so you are
not limited to an all or nothing restore. By selecting a backup session for restore purposes you are
able to restore all of the data that was a part of the backup.
The Data Protector internal database plays a key role in making the session and object data
available for restore. Within each session, you will be able to browse the object trees and select
down to the file level if a partial rather than a full restore is necessary.

Module 10
Restore
10-10. SLIDE: Restore – Source
Restore - Source
• Select from Restore Objects or
• Select from Restore Sessions
1.
1.
3. • Select object to prepare properties

2. 2.
• Select time interval to browse the

IDB for backup object versions
4.
3.
• Configure properties for object

1. 4.
2.
3.
4.
Restore – Source
You can browse for data to restore in two possible ways: either from the list of the backed up
objects or from the list of sessions. The difference is in the scope of directories and files presented
for restore:
Restore Objects with a list of backed up objects classified by client systems in the cell and by
different data types (such as Filesystem, Disk Image, Internal Database, and so on). You can browse
all the directories, files and versions, which were backed up and are still available for restore.
Restore Sessions with a list of backup sessions with all objects backed up in these sessions. You
can choose to view only sessions from the last year, last month, or last week. You can browse all
objects that were backed up in this session (like any drives from all clients named in the backup
specification), and all versions of this restore chain. By default, the entire restore chain of the
selected directories or files is restored, but you can also restore data from a single session only.
Prerequisite
In order to browse objects and select directories or specific files, the corresponding backups must
have been done using a logging level of directory, filenames, or log all.

Module 10
Restore
Required steps for selecting the data from the list of the backed up objects
1. In the Context List, click Restore
2. In the Scoping Pane, under Restore Objects, expand the appropriate data type (for
example, File system).
3. Expand the client system with the data you want to restore and then click the object
(mount point on UNIX, drive on Windows systems) that has the data.
4. In the Source property page, expand the object and then select directories or files that
you want to restore.
By default, when you select a whole directory, only directories and/or files from the last backup
session are selected for restore. Directories and files in the same tree structure that have not
been backed up in the same backup session are shaded. If you want to restore the data from
any other backup session, right-click the selected directory and click Restore Version. In the
Backup version drop-down list, select the backup version that you want to restore from.
Note: If you repeat the steps above and select data under more than one object
(mount point or drive), you can perform a parallel restore.
Selecting the data from the list of the backup sessions

1. In the Context List, click Restore.
2. In the Scoping Pane, expand the Restore Sessions to display clients and then objects,
backed up on a particular client. Click an object to open the object's property pages.
3. In the Source page, select directories and files to be restored. By default, the entire restore
chain is restored (Full chain is selected). To restore only data from this session, select Show
this session only.
4. Specify the restore destination and set the restore options.
5. Click Restore to start the restore session.
Note: To perform a parallel restore, repeat steps 2 to 4 for additional objects

before starting the restore.
The amount of file and directory details available for browsing depends upon the log level option
that was used for the backup session.
Data Protector user permissions and public and private objects

Depending on the permissions of the user, and the setting of the object protection to public or
private, a user may not be able to see certain objects while browsing the restore catalog. Typically,
Admin level users can see all objects, while ordinary users can see only their own objects, plus any
objects that are made public.

Module 10
Restore
10-11. SLIDE: Restore – Object properties
Restore – Object properties

• Available for each object
• Right click to show menu
1.
1.
• Select appropriate version
to restore
2. (latest = default)
• Select appropriate location

2. 3. for restored data
• Filter objects using Restore

Only or Skip
4.
3.
3.
Restore – Object properties
Data Protector allows each object selected for restore to be “fine-tuned” to meet specific
requirements. You can select the backup version of the object as well as the destination for the
object to be restored.
On the “Restore Only” option tab, you may specify wildcard matches to filter the object content and
restore only certain files or file types. For example; to restore just word documents use *.doc. To
exclude certain files from the restore, enter them in the “Skip” option tab. For example, to exclude
any file named containing “core,” such as *core, or core.*.
Within the Properties GUI shown above, the Destination tab contains options that allow the
destination of the object to be changed. You may alter the name of the object, or place it into a new
directory. Setting the destination here, allows for an override of the destination defaults.

Module 10
Restore
Options are:
• Select for restore

− You can select or deselect the file or directory for restore.
• Backup version
− Select a backup version of the file or directory. By default, the most recent backup
version is selected for restore.
• Last backup version

− The date, time, and type of the last backup version.
• Restore
− To default destination
The file or directory will be restored to the destination specified under Default
destination in the Destination property page. If you leave the default there, the
destination is the original directory on the original client system.
− As
The path from the backup will be replaced with the new location specified below. The
destination path can be a new directory or an existing one. You can rename the files
and directories that you want to restore.
− Into
The path from the backup will be appended to the new location selected below. The
new location has to be an existing directory.
• Drive (Windows only)

The original drive of the file or directory is displayed. To restore to another drive, select the
drive from the drop-down list.
To restore to another client system, click Browse.
• Location
Enter a new path for the file or directory.

Module 10
Restore
10-12. SLIDE: Restore – Destination
Restore – Destination
• Default destination
• Original location; same client
1. • Any DA client of cell
• Select restore operation File Conflict

Handling
2.
1.
2.
Restore – Destination
After selecting the data that you want to restore, you can select the location to restore the data to
and the file conflict handling. You can restore the data to another Data Protector client system and
change the directory path. This applies to the entire object to be restored.
Steps:
1. Click the Destination tab and then, in the Target client drop-down list, select the client
system that you want to restore on the new client. By default, Data Protector uses the
original directory structure to restore: if the data was backed up from the C:\temp directory
on system A, it restores the data to the C:\temp directory on system B.
2. You can change the directory path for your restore by selecting the Restore to new location
option and then entering or browsing for a new anchor directory. The directory path at
backup time is appended to the new anchor directory: if data was backed up from the
C:\sound\songs directory and you enter \users\bing as a new path, the data is restored to
the C:\users\bing\sound\songs directory.

Module 10
Restore
Default destination
Some of these settings can also be set for each individual file or directory in the Source page. If you
change the properties there, they will override the settings made in this page.
• Target client
By default, you restore to the same client system from which the data was backed up. You can
select another system in your cell from the drop-down list. The Disk Agent is started on the
selected client system and the data is restored there.
You need to have the Restore to other clients user right to be able to restore to another client
system.
• Restore to original location
By default, you restore your data to the same directory in which it was located when the backup
was performed. It can be on the original client system or on some other client system you have
selected.
• Restore to new location
This option enables you to restore your data to another directory. Specify the path to the
directory to which you want to restore the data. You can browse for it if you are using the GUI
on a Windows system. If you restore to a Windows system, you could select a directory on
another system, but this is not recommended.
File Conflict Handling (not available for NDMP restore)

• Keep most recent
If this option is selected, the most recent versions of files are kept. If a file on the disk is newer
than the backed up version, the file is not restored. If a file on the disk is older than the backed
up version, the file is overwritten with the newer version from the backup. By default, this
option is enabled.
• No overwrite
If this option is selected, files that exist on the disk are preserved. This means that they are not
overwritten by other versions of these files from the backup. Only non-existing files are
restored from the backup. By default, this option is disabled.
• Overwrite
If this option is selected, existing files on the disk are replaced with files from the backup. By
default, this option is disabled.

Module 10
Restore
10-13. SLIDE: Restore – Options
Restore – Options
• Restore options allow to choose file

handling during restore
1. • Statistical information
• Specify action scripts which might

1. be required to run on the target
2. host before or after a restore task.
2.
Note: Above the default checked options are shown.

Restore – Options
DP offers a set of comprehensive restore options which are applied on a per-object basis.
Omit deleted files (Default: Disabled)

When restoring a directory from which files were deleted between a full and an incremental
backup, these files are also restored. If this option is enabled, Data Protector attempts to recreate
the state of the restored directory tree as it was when the last incremental backup was run, while
preserving files that were created or modified after the last incremental backup. The files that were
deleted between a full and incremental backup are restored and then deleted.
However, if the directory contains files that did not exist there at the time of the last incremental
backup, but their modification time is older than the time of the incremental backup, Data
Protector will delete these files as well.
When using the Restore As or Restore Into functionality with this option enabled, be careful when
selecting the new location to prevent accidental deletion of existing files. The time on the CM and
clients must be synchronized for this option to function properly.
Move busy files (Default: Disabled)

This option is relevant if a file on the disk is being used by an application when a restore wants to
replace this file. It only applies to the files that are locked by an operating system when they are
used by the application or other process. The option is used with the Keep most recent or Overwrite
options. On UNIX, Data Protector moves the busy file filename to #filename (adds a hash in front of

Module 10
Restore
the filename). The application will keep using the busy file until it closes the file. Subsequently, the
restored file is used. On Windows, the file is restored as filename.001. All applications keep using
the old file. When the system is rebooted, the old file is replaced with the restored file. On Linux,
this option is not supported.
List restored data (Default: Disabled)

When this option is enabled, Data Protector displays the names of the files and directories in the
monitor window as the objects are being restored.
Display statistical information (Default: Disabled)

Data Protector reports statistical information (size and performance) for each object that is backed
up or restored. You can view the information in the monitor window.
Omit unrequired object versions (Default: ON)

This option applies if you select directories for restore and the backup was performed with the
logging level Log All or Log Files.
If this option is ON, Data Protector checks in the IDB for each backup in the restore chain if there are
any files to restore. Backups with no object versions to restore are skipped. Note that this check
may take some time.
If this option is OFF, each backup in the restore chain is read, even if there was no change since the
previous backup. To restore empty directories, set this option to OFF.
Restore sparse files (Default: disabled)

This option restores sparse files in their original compressed form. This is important because
sparse files can consume additional disk space unless they are restored in their original form. This
applies to UNIX sparse files only. Windows sparse files are always restored as sparse.
Lock files during restore (Default: disabled)

This option denies access to files during the restore.
Restore time attributes (Default: Enabled)

This option preserves the time attribute values of each restored file. When this option is disabled,
DP sets the time attributes of the restored objects to the current date/time.
Restore protection attributes (Default: Enabled)

This option preserves the original protection attributes of each restored file. If this option is
disabled, DP applies the protection attributes of the current restore session.
Restore share info for directories (Default: selected)

Specifies that share information for directories will be restored. When restoring a directory that
was shared on the network when it was backed up, the directory will also be shared after restore if
this option is selected, provided that the backup was made with the Backup share information for
directories option selected.

Module 10
Restore
10-14. SLIDE: Restore – Devices
Restore – Devices
• Automatic Device
selection or
1. • Fixed Original Device
• Use Change… to select if

Original Device is not/no
1. 2. longer available
Restore – Devices
When restoring data, Data Protector will choose the same Logical Device that was used during the
backup for the object. In most cases, this is desirable, especially if the needed tape is still within the
repository of the tape or file library.
Steps
1. Click the Devices tab to open the Devices property page.
The devices that were used during backup are listed here.
2. To restore your data with an alternative device, select the original device and click
Change. In the Select New Device dialog box, select the alternative device and click OK.
The name of the new device appears under Device Status. The new device will be used
only for this session.
For more information on a device, right-click the device and click Info.
Specify what Data Protector should do if the selected devices are not available during restore (for
example, if they are disabled or already in use). Select either Automatic device selection or Original
device selection.

Module 10
Restore
Option: Automatic device selection (Default: ON)

This option is applicable when the original devices are not available for a restore or an object copy.
Select this option to enable Data Protector to automatically replace unavailable devices with other
devices that are selected for the restore or object copy and have the same device tag as the original
device. If there are not enough available devices to replace the original devices, the restore or
object copy is started with fewer devices than were used during backup.
By default, Data Protector attempts to use the original device first. If the original device is not
selected for a restore or an object copy, then a global variable is considered. To use alternative
devices first or to prevent the use of the original device all together, modify the global variable
AutomaticDeviceSelectionOrder.
Option: Original device selection (Default: off)

This option is applicable when the original devices are not available for a restore or an object copy
at the moment. Select this option to instruct Data Protector to wait for the selected devices to
become available.
Change Logical Device

In some cases, the device used for the object backup may no longer be available, or may be busy. If
waiting for the device to become available is not acceptable, or the device no longer exists, it is
possible to use a different logical device of the same type for the restore. Select the device, then
select Change… .
If the device no longer exists, a permanent change would be required. Use the omnidbutil
command with the -change_bdev option to permanently change a device to another within the
Data Protector database. The omnidbutil command will be discussed in more detail within the
“Database” module.
Example: permanently change all backups from drive1 to drive2
omnidbutil –change_bdev drive1 drive2

Module 10
Restore
10-15. SLIDE: Restore – Media
Restore – Media
.. List required media for restore, so ensure that listed media are available during restore
• Select All media to view

media used for restore.
1.
• Right-click on media for
1. 2. media properties
• Influence default media

set selection if required
3.
2.
3.
Non-resident media:
Media kept outside a library
Restore – Media
After selecting the data that you want to restore, you need to get a list of media containing the
data. This is essential if you use standalone devices or if you keep media outside of libraries to
verify availability.
In the below example there is one media which is required for that restore task at a different
location creating a mount request if started.

Module 10
Restore
If an object version that you want to restore exists on more than one media set, you can influence
the selection of the media set that will be used for the restore by setting the media location
priority, or manually select the media set that will be used.
If you use synthetic backup, there is often more than one restore chain of the same point in time of
an object. By default, Data Protector selects the most convenient restore chain and the most
appropriate media within the selected restore chain.
Note: Copies obtained using the media copy functionality is not listed as needed media.
A medium copy is used only if the original medium (the medium that was used as
a source for copying) is unavailable or unusable.
Limitations
• With some integrations, it is not possible to set the media location priority in the Restore
context. The GUI does not display the Media tab for these integrations.
• You cannot manually select the media set when restoring integration objects.
Steps
1. Click the Media tab to open the Media property page. The needed media are listed.
For more information on a medium, right-click it and click Info.
If an object version that you want to restore exists on more than one media set, all
media that contain the object version are listed. The selection of the media set
depends on the Data Protector internal media set selection algorithm combined
with the media location priority setting.
To override the media location priority setting, select a location and click Change
priority. Select a different priority for the location and click OK.
To manually select the media set from which you want to restore, click the Copies
tab. In the Copies property page, select the desired object version and click
Properties. Select the Select source copy manually option, select the desired copy
from the drop-down list, and click OK.
2. If necessary, insert the media into the device.
Note: You can also list the media needed for restore, including media containing object
copies of the selected objects, by clicking Needed media in the Start Restore Session
dialog box. This dialog box appears when you start the restore.
Label
Labels help you identify media. They can have a maximum of 80 characters, including any keyboard
character or space.
Location
If the medium is in a library device, the location of the medium in the slot (enclosed in brackets),
and if provided, the location of the medium when it is not in a device.

Module 10
Restore
Media ID
A unique identifier assigned to a medium by Data Protector.
Location priority
The order in which media are selected for restore, object copying, object consolidation, or object
verification when copies of the same object version exist in more than one location.
By default, Data Protector automatically selects the most appropriate media set. Media location
priority is considered if more than one media set equally matches the conditions of the media set
selection algorithm.
Location
Media location information helps you find the medium. You should enter the location when you
initialize media, and update it whenever you move media (for example, to off-site storage). The
location information is written on the media and in the IDB.
Data Protector allows you to create a list of predefined locations to simplify vaulting and archiving.
Number of media
The number of media present in a location.
Setting the Media Location Priority

If an object version that you want to restore, copy, consolidate, or verify exists on more than one
media set, any of the media sets can be used for the operation. By default, Data Protector
automatically selects the most appropriate media set. You can influence the media set selection by
specifying the media location priority.

Module 10
Restore
10-16. SLIDE: Restore – Media/object copies
Restore – Media/object copies

... Allow modification of the automatic copy selection behavior for each object version
• Select object version you

plan to restore from a
2. 1. copy
1. • The Property button will

open the “Version
2. properties” window
• Selected source overrides

the standard selection with
3. a copy if exists
3.
Note: Using the Copies tab to manually select object copies overrides Data Protector’s Automatic Media Set Selection – Handle with care!
Restore – Media/object copies
By default, Data Protector restores data from the original media set. However, if the original media
set is not available, but a copy is available, the copy is used for the restore.
If neither the original nor a copy is available in the backup device during restore, Data Protector
issues a mount request, displaying both the original and the copy as the media required for restore.
You can use any one of these.
If you perform a restore using a standalone backup device, you can choose to restore from the copy
rather than from the original. To do this, insert the copy in the device that will be used for the
restore, or select the device containing the copy. However, if you perform a restore using a library
device and the original is in the library, Data Protector will use it for the restore.
Auto select copy

If an object version exists on more than one media set, Data Protector selects the media set
automatically by default. You can also select the media set manually.

Module 10
Restore
Properties
If an object version that you want to restore exists on more than one media set, you can manually
select the media set that will be used. Select the desired object version and click this Properties
button.
Version properties
The version properties allow a change from automatic media-set selection to a manual source copy
selection based on required media for specific copy shown in media list. From the “source copy
created” list you can select which object version to use based on the shown creation data/time for
all point-in-time object versions. Each time a new object version is selected, the media list below
will be updated.
Restore from an object copy (or mirror)

File system, raw disk restore:
You cannot directly see or browse any copies of object-versions in the restore context, only point-
in-time objects. Therefore, you select appropriate versions among available point-in-time objects.
Before starting restore you’ll need to decide:
• whether to let Data Protector select appropriate copy of an object-version for selected
point-in-time (automatic media-set-selection) or
• manually select appropriate copy of an object-version.
Both restore methods can be mixed for object-versions to be restored.

You can influence automatic media-set-selection by providing the order of media locations to be
used for restore. The location order may be defined globally in “Devices and Media” context or
overridden by each restore session.
Automatic Media-Set-Selection:
The order in which media are selected for restore, object copying, object consolidation, or object
verification when copies of the same object version exist in more than one location.
By default, Data Protector automatically selects the most appropriate media set. Media location
priority is considered if more than one media set equally matches the conditions of the media set
selection algorithm.

Module 10
Restore
10-17. SLIDE: Restore – Summary
Restore – Summary
Restore Summary: Allow last-minute changes • Add file or directory to
1. restore manually
• Cancel selection of file

2. or directory
1. • Fine tune selection (time

2. 3. specific) for restore
3.
Restore – Summary
The Restore Summary screen allows for last minute changes to the object list. Data Protector
allows the addition or removal of objects for the restore session. The properties for each object
may be changed by selecting the object and using the pop-up menu (right-mouse-button) to select
its properties. The properties include Version, Destination, Restore Only, and Filters to allow a fine-
tuning for each object.
From the pop-up menu, an additional choice of version selection by time, allows a file version to be
chosen from “best available.” You can specify an acceptable time range for an alternate version, if
your preferred version is not available. Your selection may be from a date and time range from
seconds to hours.
Select version by date and time

In this page you select the backup version to be used for the restore by date and time.
Select latest version

If you select this option, the latest version of the file or directory will be restored.

Module 10
Restore
Select version by date and time

If you select this option, specify the date and time of the backup that will be used for the restore.
Differences in backup time

Specify a time range within which Data Protector will search for the backup version closest to the
specified time. If no backup was made within this time range, Data Protector selects a backup
version based on the criteria below.
If selected date and time doesn't match with selected criteria
Select first available newer version

If no backup was made within the specified time range, Data Protector selects the first available
newer version for restore.
Select first available older version

If no backup was made within the specified time range, Data Protector selects the first available
older version for restore.
Select latest version

If no backup was made within the specified time range, Data Protector selects the latest version for
restore.

Module 10
Restore
10-18. SLIDE: Restore – Single or parallel?
Restore – Single or parallel

2. 1.
• Start Preview from the toolbar or

menu button to verify correct
1. configuration of restore task
• Start Restore task from either toolbar

or menu button
2.
2. 1. • Select restore mode if multiple
objects are selected
3.
• Report, Network load level,

Resumable restore session
4.
3.
4. Resumable Restore Session
Filesystem restore sessions
IDB restore sessions
Oracle Server integration restore
sessions
Restore – Single or parallel?
The actual restore process can be launched from the Restore Summary page by clicking the restore
button or the restore icon on the toolbar. It is advisable to perform a preview restore task prior the
“real” restore” to test of the availability of object versions, the availability of tape media and the
availability of restore devices
Configure Parallel Restore
When you have selected multiple objects for restore, Data Protector will prompt you with a
notification screen, and choice of performing single or parallel restore. In many cases your choice
of multiple objects was deliberate, but in case sequential restore is needed, you can choose
individual objects for single restore one at a time without losing the configuration specified up to
this point.
Single Restore
When single restore is chosen, you will be prompted for the object to restore. After that object
completes, chose the “start restore” icon from the Tool Bar, and select another of the configured
objects to restore. Repeat this process until all of your objects are restored.
Resuming Failed Sessions
A failed restore session can be resumed. DP has checkpoint files where the progress of the restore
is logged.  see OLH “Resuming Failed Sessions “

Module 10
Restore
10-19. SLIDE: Restore – Point in time restore
Restore – Point in Time
• “Select version by date and

1. time”
• DP automatically cares about

1. 2. restore sequence
• Restore of Full, Incr1, Inc in

3. one session
2. 3.
Restore – Point in time restore
To be able to recover data to a certain point-in-time all backups that are necessary for a restore of
a backup object to a certain point in time are required. A restore chain consists of a full backup of
the object and any number of related incremental backups.
To be able to restore to a particular point in time (a date/time of a particular backup) multiple
restores must be performed.
Example: We assume that a weekly full backup is performed followed by daily multi-level
incremental backups (Monday-Friday). To recover a directory to the state it was on the Tuesday,
the following restores (restore chain) must be performed:
1. Restore directory from last full backup.
2. Restore directory from Monday’s incremental1 backup.
3. Restore directory from Tuesday’s incremental backup.
Data Protector takes care of this by building the restore session automatically including the objects
and the order they are to be restored. Data Protector will issue mount requests for media in the
correct order as needed for the restore, if the media is not already in the device.
With this type of restore, it is also possible to omit files that were deleted between backups as well
as omit un-required incremental backups from the restore chain.

Module 10
Restore
10-20. SLIDE: Restore – By query name or location
Restore by query - name & location

Search for files and
directories and restore them
if you know at least a part of
the file name
2. 3.
• Select Tasks from
1. -Scoping Pane-
• Restore by Query will

2. open Query wizard 4.
• Select Search location
3.
1.
• Specify file and directory details
4. and hit Next to continue
Restore – By query name or location
The Restore by Query task, located at the bottom of the Scoping Pane in the restore context, will
help locate the files needed for restore by allowing a search of the Data Protector internal
database (IDB). The files must reside within the current Data Protector catalog database to be
located by the search.
You can search for files and directories if you know at least a part of the file name. You can use wild
cards to get a list e.g. of all .docx Word files.
A description of all the options you can choose, see OLH with keywords “restore by query”.
After entering the search criteria hit Next to continue

Module 10
Restore
10-21. SLIDE: Restore – By query backup or modification time
Restore by query - backup or modification time

Limit the query based on when the files were backed up or modified
• Select Tasks from

-Scoping Pane-
1.
3.
• Continue within Query wizard
2. 2.
• Select your Search timeframe

4. 3.
• Specify if files were modified within

4. timeframe and hit Next to see the results
1.
Restore – By query backup or modification time
In the second window of the Restore by Query wizard enter the Backup search interval of the
query.
In addition it is possible to see all modifications of the files you want to restore or you limit the
restore to files that were modified within the specified modification time interval (in days or
month).
Hit Next to start the query.
The result window provides the same look and feel as the Restore source window and allow to
mark the shown files for restore and proceed with the restore like during a regular restore.

Module 10
Restore
10-22. SLIDE: Resume failed Restore sessions
Resume failed Restore sessions

Failed Restore session can be restarted via Resume Session
Resume Session
• All objects in status Failed will be restored
from the point of failure
• The feature is activated as a default.
• Checkpoint files are created during restore
and used during Resume Session.
Note:
Option Restart Failed Objects is not available for
restore
CLI:
Resume: omnir -resume <Session-ID>
Resume failed Restore sessions
Restores of File Servers with hundreds of Mount Points are very complex and time consuming. In
case of a failure it is difficult to analyze the status in order to reconfigure a manual restart of this
restore. Data Protector supports such situation with the Resume Session feature.
Resume Session
This option was introduced in Data Protector 6.20. Simply said it allows the restore to continue at
the position, where the problem occurred. Based on IDB checkpoints Data Protector knows the last
file that was restored successfully and continues with the resume restore at that position.
The resumed session will create a new Session-ID for the
restore.
The Resume Session feature is activated as a default. It can

be switched off for a particular restore, just uncheck the
option Enable resumable restore in the Start Restore
Session wizard, the wizard that pops up if you click on Start
Restore.

Module 10
Restore
Similar to a Backup session restart this feature is available through the DP GUI. Change to the
Internal Database context, expand Sessions, mark the failed session and select Resume Session
from the shown menu. Click Yes in the Popup window to trigger the Resume.
Session Resume is also available from the CLI:
CLI: Resume: omnir -resume <SessionID>
Limitations: The option Resume Session is only available for Filesystem Restores and
Oracle Integration Restores.
The option Restart Failed Objects is not available for restore

Module 10
Restore

Module 11 Monitoring, Reporting, Notification
Objectives
• Monitor current session and browse for sessions that were performed in the past
• Explain Data Protectors Reporting features
• Configure a Report Group and add Reports to this group
• Configure and modify Data Protector Notifications
Contents
Module 11 Monitoring, Reporting, Notification 1
11–3. SLIDE: Monitoring, Reporting, Notification overview ............................................................. 2
11–4. SLIDE: Monitoring current sessions ........................................................................................ 4
11–5. SLIDE: Viewing previous session details ................................................................................. 5
11–6. SLIDE: Reporting possibilities ................................................................................................. 6
11–7. SLIDE: Reports and report categories..................................................................................... 7
11–8. SLIDE: Reporting overview ...................................................................................................... 8
11–9. SLIDE: Interactive Reports .................................................................................................... 10
11-10. SLIDE: Scheduled Reports .................................................................................................... 11
11-11. SLIDE: Scheduled Reports cont. ........................................................................................... 12
11-12. SLIDE: Notification overview ................................................................................................ 13
11-13. SLIDE: Default notification ................................................................................................... 14
11-14. SLIDE: Adding a notification ................................................................................................. 15
11-15. SLIDE: Web Reporting........................................................................................................... 16
Module 11
Monitoring, Reporting and Notifications
11–3. SLIDE: Monitoring, Reporting, Notification overview
Monitoring, Reporting & Notifications overview
Data Protector GUI Scheduled Reports
Data Protector Event Driven

Web Reporting
Internal Database Notifications
(IDB)
CLI Reporting External Reporting

Commands Tools
Monitoring, Reporting, Notification overview
Data Protector provides a set of tools and features to enable the administrator to manage the Data
Protector environment effectively. Monitoring, reporting and notifications are available through
the following Data Protector tools:
• Data Protector GUI

• Web Reporting
• CLI Reporting Commands (omnirpt)
• Scheduled Reports (Report Groups)
• Event Driven Notifications
• External Reporting Tools
Monitoring allows the administrator to view and manage current cell activity and view previous cell
activity. All currently running sessions can be seen in the Monitor context in the Data Protector GUI.
Completed or aborted sessions can be viewed in the Internal Database context. Monitoring can be
used to check the status of currently running backups, restores, copy jobs etc. and check for
outstanding mount requests. Individual sessions can also be monitored through the CLI.
Reporting provides information on various aspects of the Data Protector environment. For
example, the status of the last backup, object copy, object consolidation or object verification,

Module 11
check which systems in the cell are not configured for backup, check the consumption of media in
media pools; check the status of device and much more.
Reports can be configured using the Data Protector GUI, any web browser with Java support using
Web Reporting and through the CLI.
Reports can be run individually, interactivity or scheduled as a Report Group. The creation of Report
Groups allows for reports to be scheduled for specific times or to be run when triggered by a
particular notification.
Notification enables the administrator to be alerted to predefined events such as a mount request
or a device error. Notifications can be sent in various forms such as email and SNMP.
External Reporting tools, such as the recently announced HP Backup Navigator (see Module 2), the
Data Protector Reporter or 3rd Party solutions like Aptare can be used to extend the build-in
Reporting features of Data Protector.
These applications typically install their own agent either directly on the Data Protector Cell
Manager system or only on a Data Protector client system with the Cell Console module installed
and run regular queries on the Data Protector IDB. The results are loaded into their own database
and based on the data various customized reports can be run.

Module 11
11–4. SLIDE: Monitoring current sessions
Monitoring current sessions

Double click to view
session details
Currently running
Sessions
CLI Monitoring
CLI: omnistat –session <session-id> -monitor

Monitoring current sessions
Monitoring allows the management of running sessions and allows the user to respond to mount
requests. The status of the session is displayed, as is session type, owner, the session ID, the time
the session started and the name of the corresponding backup specification.
The currently running sessions can be seen in the Data Protector GUI Monitor context. The status of
current sessions is displayed in the Results pane. The sessions can be sorted by status, type,
owner, etc. by clicking the corresponding column header. Double click on the session to be viewed.
The results pane will then provide detailed session information (the objects, the devices, the
status, session messages, etc.).
When an interactive session is started (from their respective Context), a monitor window opens
showing the objects, backup devices and the messages generated during the session.
A mount request for e new media appears in the Scoping pane and can be confirmed or the session
can be aborted

Module 11
11–5. SLIDE: Viewing previous session details
Viewing previous session details

Completed
Sessions
Double click to view

session details
Viewing previous session details
To view previous sessions, select Internal Database in the Context List. In the Results Pane all the
sessions stored in the IDB are displayed. It is also possible to view the sessions in the Scoping Pane.
The sessions are stored by date. Each session is identified by a session ID consisting of the date in
YY/MM/DD format and a unique number.
On selecting an individual session, details on each backup object is given. The full object description
is provided, including the client system, the mount point, description, object type, backup status,
and size of each object, the number of errors or warnings and the devices used. The object status
can be completed, failed or running and is a summary of all objects in a session plus the completion
status of pre and post exec commands.
Right click the session and select Properties to view details on a specific session.
Right click on a failed backup/restore session allows restarting/resuming a session.
Previous session information is also obtainable through CLI.
Example:
omnidb –session Obtain a full listing of previous sessions
omnidb -session <ID> -detail Obtain object level detail from a particular session

Module 11
11–6. SLIDE: Reporting possibilities
Reporting possibilities
• Interactive Reports
(GUI & CLI)
• Report Groups
• Event Triggered
• Post Exec Script
• Web Reporting
HP Data Protector supports SMTP server configuration via two

Global variables: SMTPServer & SMTPSenderAddress
Reporting possibilities
Reporting can be used to garner information about the Data Protector environment. For example, it
is possible to check the status of the last backup, object copy, or object verification, check which
systems in the environment are not configured for backup, check on the consumption of media in
media pools, check the status of devices.
Reports can be customized with parameters allowing multiple options to be configured. Reports
can be started interactively using the GUI, the CLI and Web Reporting.
In addition, through the use of Report Groups, reports can be started using the Data Protector
scheduler or through a notification event. The Report Group allows for easier management of
reports; various reports can be included in a Report Group, which can then be scheduled or
triggered by a notification. It is also possible to start a Report Group interactively through the GUI
and CLI. To configure a Report Group, the following needs to be provided:
1: Name of the report, 2:Type of report, 3: Send method, 4: Recipient(s), 5:Format
Reports can also be started by a post-exec script that includes a Data Protector CLI command that
starts the report.

Module 11
11–7. SLIDE: Reports and report categories
Reports and report categories

Available reports are grouped
in 6 categories:
• Configuration
• Pools and Media
• Session Specifications
• Session in Timeframe
• Single Session
Reports and report categories
Data Protector provides a rich set of predefined detailed reports to provide all the typical
information that the Administrator may need to assist with day to day Data Protector tasks. All are
available via the Reporting context in the Data Protector GUI and Web Reporting.
Configuration for Cell: client and licensing information
Internal Database: (IDB) reports about IDB’s situation
Pools and Media: Lists about media and media pools
Session Specifications: Average Backup Object Sizes, Filesystem or Objects Not Configured for
Backup, Session Specifications
Sessions in Timeframe: Statistics about Client, devices, list of sessions, used media,
Single Session: Session reports about media, devices objects, clients …
In a Manager of Manager (MOM) environment, reports can be configured on a MOM level, so they
include information from all Client Cells.

Module 11
11–8. SLIDE: Reporting overview
Reporting overview
Interative Report
Choose Reporting or
Tool Add Report Group &
Add Report to Group
Choose Choose
Report Format Report Content
Choose Delivery Define

Method Report Schedule
Reporting overview
Data Protector provides a large number of predefined reports. Reports can be generated
interactively via GUI or command line, in a selected format, such as ASCII, HTML, etc. Reports can
also be used within notifications, such as email, broadcast, etc., and can be scheduled to provide
regular information.
Reporting Tools
Data Protector provides the following mechanisms for defining and running reports:
• Data Protector GUI (Reporting context)
• Data Protector Reporting CLI command - omnirpt
• Web Reporting
• Other Data Protector CLI commands (omnidb, omnistat, omnicellinfo, omnimm,
omnidbutil), allow integration with 3rd party reporting tools
Interactively or Report Groups

Reports can be run interactively or can be placed in Report Groups to allow multiple reports to be
collated together to provide more useful information. A report must also reside in a Report Group if
it is to be scheduled. Data Protector allows schedules for the group of reports, not the individual
reports.

Module 11
Report Content
Depending on the information about the environment that is required, various types of reports can
be generated:
• Configuration reports
• IDB reports
• Pools and media reports
• Session specification reports
• Sessions in timeframe reports
• Single session reports
Report Formats
It is possible to generate Data Protector reports in various formats.
If the report is started interactively, with each report individually, the report is displayed in the Data
Protector Manager and it is not required to choose the report format.
If reports are gathered into a Report Groups, it is possible to specify the format and the recipients
of each report.
You can choose from the following report formats:
• ASCII - A report is generated as plain text
• HTML - A report is generated in HTML format. This format is useful for viewing using a
web browser
• Short - A report is generated as plain text, in summary form showing only the most
important information. This is the suggested format for broadcast messages
• Tab - A report is generated with fields separated by tabs. This format is useful if you
plan to import the reports into other applications or scripts for further analysis, such as
Microsoft Excel
The actual output of a report varies depending on the selected format. Only the Tab format
displays all fields for all reports, other formats may sometimes display only selected fields.
Delivery Methods
Reports may be delivered using the following methods:
• Broadcast - Allows for pop-up window within the Microsoft Windows environment
• Email - Sends the report as Email, requires a mail sending capability to be available on
the Cell Manager
• External - Executes a program external to the Data Protector product. The report data
is sent to this executable as command line parameters
• Log - Logs the report data to a file on the Cell Manager
• SNMP - Sends the report data to an SNMP manager, such as NNM or Operations Manager
Report Group Schedule

If reports are grouped in a Report Group, then the reports can be scheduled to be generated on a
regular basis.

Module 11
11–9. SLIDE: Interactive Reports
Interactive Reports
3. Modify report, if needed
4. After clicking on Finish,

the report is immediately
generated and shown in
the result plane
2. Select a default Reports
1. Click on Task for Interactive Reports
Example: Interactively generated licensing report

Interactive Reports
The Data Protector GUI provides an easy method of generating and viewing reports online. Through
the use of wizards, the Data Protector GUI can be used to define, generate and schedule reports on
both Windows and UNIX Cell Managers. Through the GUI, it is possible to run individual reports
interactively or group reports into Report Groups and run all the reports in the Report Group
together. The Mount Request Report and Device Error Report can only be used in a Report Group
and are not available as interactive reports.
How to run an individual report interactively can be done with few clicks and is shown above.
To run all the reports in a Report Group together:
1. In the Context List, select Reporting
2. In the Scoping Pane, browse for and right-click the report group you want to start and
then click Start
3. Click Yes to confirm
The creation of a Report Group, adding reports to a Report Group and the scheduling of a Report
Group will be described later in this training.

Module 11
11-10. SLIDE: Scheduled Reports 1/2

Scheduled Reports 1/2
1. Right click on Report, select Add Report Group
Enter a name for the Reporting Group and click Next
2. Schedule the Report Group
3. Schedule Options
The Report Group defines a collection of reports that will be executed together. The Report Group,
unlike individual reports, can be scheduled. Report groups can also be triggered by a notification
event. Therefore, a report group allows you to:
• Start all the reports at once (interactively)

• Schedule the group to start the reports at a specific time
• Start the group when triggered by a notification
Note: To schedule reports, a Report Group must be used.
To configure a Report Group in the Data Protector GUI:

1. In the Context List, select Reporting - Right-click Reports, and then click Add Report Group to
open the wizard - Name the report group and then click Next
2. Schedule the report group using the Data Protector scheduler displayed in the Results Area.
3. Define the Recurring options. Afterwards click Finish

Module 11
11-11. SLIDE: Scheduled Reports 2/2
1 Select Add Report
2 Select Report Category
Report Types
4 Select Format and Send method
3 Select Report Type
Send method: Email, Log, SNMP, …

Format: ASCII, HTM, ..
(Multiple selections are possible)
The Report Group is used to create a report collection that may be scheduled and executed
together. The Report Group is conceptually, a folder or container for the report definitions. A report
group can contain multiple individual reports that will be executed together via the execution of
the report group. Data Protector allows for several reports to be added to a single Report Group.
Once a Report Group is created, report definitions may be added, as shown in the slide above, to
form the collection. Once defined, the properties of the Report Group and reports within the group
may be modified.

Module 11
11-12. SLIDE: Notification overview
Notification overview
HP Data Protector contains a build-in event driven notification service:
Event: Notification
Method:
• Device Error
• End of Session • Broadcast
• LowDatabase Space triggers • Email – OS Based
• Mount Request • Email - SMTP
• License Warning • External
• Mail Slots Full • Logfile
... • SNMP
• Report Group
Notification overview
Data Protector allows notifications to be sent from the Cell Manager when specific events occur.
For example, when a backup, object copy, object consolidation, or object verification session is
completed, an e-mail with the status of the session can be sent. It is possible to set up a
notification that triggers a report. It is possible to configure notifications using the Data Protector
GUI or any web browser with Java support.
Notification Types can be divided into two main types of notification:

A: Triggered when an event occurs and
B: Scheduled and started by the DP checking and maintenance mechanism.
Examples for type A:

Alarm Device Error, IDB Corrupted;
Examples for type B:

Health Check Failed, License warning.
Notification Send Methods

Email (SMTP); External Send Method (a script receives the output as standard input (STDIN); Log to
File; Event Log (default, send to DP Event Log); SNMP
To get a complete list search in OLH for “notification type” and notification send method.

Module 11
11-13. SLIDE: Default notification
Default notifications
Default notification
Shown above are all the pre-configured notifications that are included with the Data Protector Cell
Manager installation. There are two main types of notifications.
Notifications that are triggered when an event occurs:

Alarm Check UNIX Media Agent Csa Start Session Failed
Device Error End of Session IDB Corrupted
File Library Disk Usage Mail Slots Full Mount Request
Session Error Start of Session Too Many Sessions
Notifications that are scheduled and started by the Data Protector’s checking and maintenance
mechanism:
Health Check Failed IDB Backup Needed IDB Limits

IDB Reorg Needed IDB Space Low License Warning
License Will Expire Not Enough Free Media Unexpected Events
User Check Failed
Each of the default notifications sends alerts to the Event Log. Many of these notifications send
their alerts based upon pre-configured thresholds that may be modified. The thresholds and
parameters may be viewed using the GUI, as partly shown above.

Module 11
11-14. SLIDE: Adding a notification
Adding a notification
Adding a notification
It is recommended to add additional notifications (to the default set that writes to the event log)
instead of altering the default set. Each event type may be configured multiple times to trigger the
desired types of notification. To configure a notification a name for the notification, a type of
notification, message level, send method and recipient are required.
All other input parameters depend on the type of the notification. How to add a notification is
shown in the slide above. After selecting a type of Event, (on the slide it’s End of Session) the
following drop down boxes are adapted.
The Level option refers to the severity level at which the notification will be triggered by a
particular event. The severity of attributes increases as follows:
Normal  Warning  Minor  Major  Critical
Once configured, the notification will be sent using the specified send method when the specified
event occurs.
To trigger a report group by a notification, configure a report group and then configure the
notification to use the Use Report Group send method.
Parameters may be viewed using the GUI, as shown above.

Module 11
11-15. SLIDE: Web Reporting
Web Reporting
Start Web Reporting directly from DP GUI …
.. or directly from your Internet Browser
Web Reporting
Data Protector provides a Java applet Web-based online reporting capability that lets you
configure, run, and print all the Data Protector built-in reports of the omnirpt command
interactively. During reporting operations, Data Protector's Java applet directly accesses the Cell
Manager to retrieve current data.
The Java reporting interface is installed as a component of the cell console, which means that it is
available on any client system that supports the cell console user interface.
The Java applet requires a web browser (e.g. Microsoft Internet Explorer).
The Java interface is started from a web browser with the following URL
URL up to version DP8.0: file:/opt/omni/java/bin/webreporting.html
URL in DP8.1 and newer: https://<cell_manager>:7116/webreporting/WebReporting.html
Or directly from the DP GUI :
Reporting – Select Actions – Web Reporting
More about Web Reporting can be found in the Online

Help. Search “About Web Reporting”

Module 11

Module 12 — Media and Object Copy and Verification
Objectives
• perform interactive and scheduled duplication of Data Protector tape media
• perform interactive and scheduled duplication of Data Protector objects
• perform interactive and scheduled verification of Data Protector media and objects
Contents
Module 12 — Media and Object Copy and Verification...................................................................... 1
12–3. SLIDE: Overview ...................................................................................................................... 2
12–4. SLIDE: Media Copy ................................................................................................................... 3
12–5. SLIDE: Interactive media copy................................................................................................. 5
12–6. SLIDE: Automated Media Operation 1/2 ................................................................................. 8
12–7. SLIDE: Automated Media Operation 2/2 ............................................................................... 11
12–8. SLIDE: Object Copy ................................................................................................................ 15
12–9. SLIDE: Object Copy – Example 1............................................................................................ 17
12-10. SLIDE: Object Copy – Example 2........................................................................................... 18
12-11. SLIDE: Object Copy GUI/CLI ................................................................................................... 19
12-12. SLIDE: Interactive Object Copy 1/3 ...................................................................................... 20
12-15. SLIDE: Automated Object Copy 1/2 ...................................................................................... 23
12-16. SLIDE: Automated Object Copy 2/2 ...................................................................................... 24
12-17. SLIDE: Object Copy wizard – Filter 1/2 ................................................................................. 25
12-18. SLIDE: Object Copy wizard – Filter 2/2 ................................................................................. 27
12-19. SLIDE: Object Copy wizard – Devices ................................................................................... 28
12-20. SLIDE: Object Copy wizard – Options ................................................................................... 30
12-21. SLIDE: Summary ................................................................................................................... 32
12-22. SLIDE: Media and Object verification ................................................................................... 33
12-23. SLIDE: Media verification ...................................................................................................... 34
12-24. SLIDE: Object Verification GUI/CLI ........................................................................................ 36
12-25. SLIDE: Interactive Object verification 1/4 ............................................................................ 37
Module 12
Media and Object Copy and Verification
12–3. SLIDE: Overview
Overview
Media Copy
Direct Tape to Tape

copy only
Object Copy
Logical Copy on Object

level to Disk and Tape
Overview
There are multiple reasons to generate duplicate sets of media from the same source data.
Disaster recovery preparation, security aspects or any kind of regulations might still require a
classical media copy, but there are a lot more reasons to consider. Especially Data Protectors
Object Copy functionality opens the door to new advanced backup concepts that includes fast
multiplexed backups to disk, followed by scheduled de-multiplexed object copy sessions to
physical tapes that run fully independent from the source data.
Methods
Data Protector offers two methods for data replication:
• Media copy
• Object copy
In this chapter both methods will be explained in detail.

Module 12
12–4. SLIDE: Media Copy
Media Copy
• Interactive or automated 1:1 duplication of a physical media

for vaulting or business continuity support
• Source and Target device must be fully indentical
Identification:
List all copies of medium
Source Copy
HASCOPY Flag ISCOPY Flag
Media Copy
Media Copy allows the creation of exact 1:1 copies of a physical media containing a backup. After
creation ether source or copy media can be removed from the library to a safe place for vaulting
purposes and keep the other media in the library for restore requests.
In order to create a media copy a source and a target device with the same tape type are required,
so LTO media can only be copied to other LTO media with the same or higher capacity, but it is not
possible to copy old SDLT media to new LTO media. It is possible to create multiple replicas from
the same source media, but it is not possible to create a second copy from a created copy.
Note: Media copy is not supported for File Libraries or file devices, only exception is a File
Jukebox. Use Object copy to create replica from file based media.
Source and copy are identical, so how to identify if a media is a source media or a copy?
Within Data Protector GUI double click on a media and on the shown media properties select Info.
Under Statistics on the Info page check the Type entry. The source media got a HASCOPY flag,
while the copy got an ISCOPY flag assigned. In addition the source media contains a Copies tab
that lists all created copies from the selected source media

Module 12
On the CLI run the following command:
CLI: omnimm –media_info <media label/media id/Barcode> -detail
In order to see the list of copies from a given source media run:
CLI: omnimm –list_copies <media label/media id/Barcode>
Media Copies can be created in three different ways:
• Interactive
• Scheduled
• Post backup operation
The following pages will explain those ways in detail.
Block Padding
There are slight variations in the overall capacity of individual tapes. This can pose a significant
challenge when attempting to make an exact copy from a tape that is slightly larger than the
destination tape. Planning for this eventual issue must be done before media is initialized.
There is a local tuning parameter that may be configured for the Media Agent called
OB2BLKPADDING. This parameter is placed in the omnirc file on each system with connected
devices that is used as a source device and indicates the number of empty blocks to add after the
tape header when a Data Protector media is initialized.
This additional padding allows tapes of the same type to be duplicated without problems even if
they vary slightly in capacity, because the empty blocks from the source media are not copied.
Tape padding is configured in block units. Normally, the empty blocks should take up
approximately one percent of the length of the entire tape.
For more information about OB2BLKPADDING see the description in the omnirc file.

Module 12
12–5. SLIDE: Interactive media copy
Interactive Media Copy
1. Change to Devices and Media

1
2. Mark the media to copy
3. Select Copy from the list
2
4. Follow the Media copy wizard
3
4
CLI : omnimcopy –copy <target> -from <source <options>

Interactive media copy
An interactive media copy operation can be initiated through the Data Protector GUI from the Device
and Media context, or from the command line interface via omnimcopy command.
The source and destination devices are logical devices. The logical devices may be located
anywhere in the Data Protector cell, but must be of the same media type.
Note: Media copy is also listed under Object Operations. Note that this is a void entry
without any function besides providing the information to use Media Copy from the
Device and Media context.
To start a media copy select the source media from a media pool (2) and select Copy from the menu
(3). A wizard guides through the media copy configuration steps and starts the media copy at the
end.
The wizard is show on the next page.

Module 12
Interactive Media Copy wizard
Wizard 1/5 - Source Device Wizard 2/5 - Target Device and Media
Wizard 3/5 - Target Pool Wizard 4/5 - Target Media label and location

Module 12
Interactive Media Copy wizard (cont.)
Wizard 5/5 - Additional option for target media
As shown on these screenshots the target media is initialized during copy. In case the target media
already contains data make sure that Force operation option is checked (see Wizard 5/5). The
protection of the copy can be set independent from the source protection.
In case the source media is overwritten after the copy, copy media becomes new source media.

Module 12
12–6. SLIDE: Automated Media Operation 1/2
Automated Media Operation 1/2
Post-backup Media Copy

Enables automatic media copy at the end of a backup session
Copy all media used in that particular session
1. Switch to Devices and Media
1 2. Click on Automated Operations

3
3. Select :
2 Add Post-Backup Media Operation
4. Follow the wizard:

• Chose Backup specification
• Select Source and Target device
• Define Copy options
Automated Media Operations (AMO) is a feature that facilitates automated copying of media
containing backups and is located in the Devices & Media context.
There are two types of AMO:
• post-backup: enables automatic media copy at the end of a backup session, which copy all
media used in that particular session
• scheduled: schedules an automatic copy of media used for backups at a specified point in
time. Media used in various backup specifications can be copied in the scope of a single
scheduled AMO session. Appropriate device and media pairs must be available during
scheduled-copying; the copy session aborts if either the device or medium is not available
(such as locked in backup mode).
A post-backup Automated Media Copy specification is configured in the following way:

Select the Devices & Media context in the GUI (1) and in the Scoping pane right-click Automated
Operations (2). Select Add Post-Backup Media Operation to start the configuration wizard (3). The
wizard is show on the next page.

Module 12
Post-Backup Media Copy wizard
Wizard 1/3 – Select Backup Spec Wizard 2/3 - Select Source and Target Device
Wizard 3/3 – Specify Copy option

Module 12
A post-backup Automated Media Copy specification needs to be created for each backup
specification to copy. The source and target devices needs to be of the same type and need to
be located in a library, standalone devices are not supported and will not be listed as Devices
in the wizard (Wizard 2/3). In addition it is not possible to select the same device as source and
target device.
It is possible to create up to 5 copies of one source media within one pos-backup job.
The post-backup Automated Media Copy specification is stored in the following directory:
WINDOWS : DP_CONFIG\amo
UNIX : DP_CONFIG/amo
The specification got the same name like the selected backup specification, but file extension
suffix “amc”, eg. if the backup specification is named Backup_MSL the created Automated
Media Copy specification is named Backup_MSL.amc.
Below a sample of a post-backup Automated Media Copy specification:
Example:
NAME " Backup_MSL"

SRC_DRIVES
"HP:Ultrium4_SCSI_1"
DEST_DRIVES
"HP:Ultrium4_SCSI_2"
DEST_LOCATION "SOUTH_VAULT"
DEST_PROTECTION -3
DEST_ENCRYPT 1

Module 12
12–7. SLIDE: Automated Media Operation 2/2
Scheduled Media Copy

Enables automated media copy at predefined dates and times
Copy media of ether all or only selected backup session that run in a
specified time interval
1. Change to Devices and Media
1 2. Click on Automated Operations

3
3. Select:
2 Add Scheduled Backup Media Operation
4. Follow the wizard:

• Define Media Operation job name
• Select Source and Target device
4 • Define Time interval to check for
used media
• Select Backup Specifications to copy
• Define required conditions of source
media
• Select copy options
• Schedule the media copy
The scheduled Automated Media Operation (AMO) is the process of duplicating media used in one
or more backup sessions at a scheduled time. Scheduled Media Copy seeks backup sessions that
started and have completed, within a user-defined timeframe. Once the sessions are known, AMO
copies all of the media that belong to the backup sessions using a single AMO session.
The media will be copied simultaneously, if enough devices are available. Otherwise, they will be
copied sequentially. Load balancing in AMO strives to simultaneously use the maximum number of
media during the copy process.
As a default omnitrig process polls every minute to see if there are any scheduled AMO jobs
(including backups or reports) to be processed.
A scheduled Automated Media Copy specification is configured in the following way:

Select the Devices & Media context in the GUI (1) and in the Scoping pane right-click Automated
Operations (2). Select Add Scheduled Media Operation to start the configuration wizard (3).
The wizard is show on the next pages.

Module 12
Scheduled Media Copy wizard
Wizard 1/7 - Specify AMO name Wizard 2/7 – Select Source and Target device
Wizard 3/7 - Specify Time Frame Wizard 4/7 – Select Backup specs that
are included in copy job

Module 12
Scheduled Media Copy wizard (cont.)
Wizard 5/7 – Filter source media Wizard 6/7 – Specify Copy option
Wizard 7/7 – Schedule Copy Job

Module 12
The main advantage over a post-backup AMO job is the feature to include multiple backups in one
copy job as well as the feature to schedule this copy to a time no or less backups are running. A
filter (see Wizard 5/7) allows elimination of poor or fair media from being copied as well as it
makes sure that only protected data is copied, but the administration can tweak the behavior in
case of a concrete business need.
A new feature is the definition of a timeframe that is checked for all or only selected backups (see
Wizard 3/7). It is possible to select an absolute or relative timeframe to be checked.
Relative
The relative time option apportions a timeframe based on the two input values, namely Started
Within (hours) and Duration (hours). Started Within establishes the beginning of the timeframe,
while Duration sets the actual duration of the time frame. This defines a so-called window of
opportunity, starting some number of hours before the actual AMO start time.
For example, an AMO is scheduled at 10.00PM; specifying relative time option, we may choose
Started Within = 24 hours and Duration = 10 hours. Now AMO seeks all media associated with
backup sessions that started between 10.00PM the night before and 08.00AM the next morning,
and attempts to copy them.
A conflict can be anticipated in case one or more backup sessions that were started within the AMO
time frame were still running beyond this time frame, and simultaneously AMO was attempting to
copy the media that this particular backup specification would produce.
In such situations, AMO will not be able to copy media that are related to that particular backup
specification because they are still locked by the BSM. The AMO session displays the following error
message:
Source medium <medium ID> could not be locked and will not be copied
in this session.
Absolute
You set the scope in terms of absolute days to search for backup sessions. The drop down arrows
serve to open a calendar. This option would probably be used for one-time vaulting purposes, or to
vault media from a certain time to another!

Module 12
12–8. SLIDE: Object Copy
Object Copy
• Copy selected object versions from one or more backup, copy or

consolidation session to defined target devices
• Source and Target device can be of any device type
Freeing Media
De-Multiplexing
Restore chain consolidation

Typical
Use Cases
Disk Staging
Data Migration
Vaulting
Object Copy
The object copy functionality enables the replication of object versions to a specific media set.
Object versions are selected from one or several backup sessions. During the object copy session,
Data Protector reads the data from the source media, transfers the data, and writes it to the target
media. The source media for the copy may be an original backup medium, or a copy; a copy of a
copy may be made as necessary. This process is similar to running a restore that is connected to a
subsequent backup.
The result of an object copy session is a media set that contains the selected object versions in the
sequence specified.
Object copy uses a Copy and Consolidation Session Manager (CSM) to read the copy specification
and controls the object copy operation. The session is visible to the user and can be monitored
similar like a backup session via Data Protector GUI/CLI, e.g. viewing messages, session status,
object and devices (read devices are listed before write devices and they have two different states:
reading and writing).
The object copy session details and object version data are stored in the IDB. Additionally, the detail
catalog information for each new copy object version is stored in the DCBF files.

Module 12
The amount of detail stored depends upon the selected log level for the session, which could differ
from the logging level of the backup session for filesystem backups.
Object Copy Uses and Benefits
 Freeing media: To keep only protected object versions on media, you can copy such object
versions, and then leave the medium for overwriting. For further details please see
example on one of the next pages.
 De-multiplexing of medium: You can copy objects to eliminate interleaving of data. For
further details please see example on one of the next pages.
 Consolidating a restore chain: You can copy a restore chain (all backups that are necessary
for a restore) of an object version to a new media set. A restore from such a media set is
faster and more convenient, as there is no need to load several media and seek for the
needed object versions.
 Support of disk staging: Administrators may use high speed disk backup to for initial
backup, and then replicate (migrate) the data to tape for offsite storage.
 Migration to another media type: You can migrate backed up data to another media type.
For example, you can copy objects from file devices to LTO devices or from DLT devices to
LTO devices.
 Vaulting: Administrators may create copies of backed up objects and keep them in several
locations. Vaulting is a process of storing media in a safe place (often called a vault), where
they are kept for a specific period of time. It is recommended to keep a copy of the backed
up data on site for restore purposes. To obtain additional copies, you can use the object
copy, object mirror, or media copy functionality, depending on your needs.
Object Copy functionality is the base function and key enabler for other important Data Protector
features like Backup Device Mirroring (Creation of multiple backup copies at backup time), Object
Consolidation (Merging of a restore chain into a synthetic full backup) and Object validation (Object
restore into memory only to verify consistency of a backup).
It allows handling of backup data on a pure logical layer and removes the dependency to the used
storage layer.

Module 12
12–9. SLIDE: Object Copy – Example 1
Object copy – Example 1/2
Example 1:
SAP archive logs are backed up several times a day to a File Library and
cumulated within one Object Copy session to a physical tape
Object Copy session

12:00 (includes all SAP logs from last 24h)
16:00
14:00
10:00
Frequent SAP Archive Log Backups Cumulated Media with all

to a Disk Device SAP Archive Logs
Object Copy – Example 1
The customer needs to backup one or more SAP databases. While SAP database backup goes
directly to tape the SAP Archive logs are backed up to disk (e.g. File Library) to prevent ongoing
tape load and unload as well as tape forward/backward positioning operations.
Once a day all backed up archive logs are copied from the disk based backup location to a physical
tape library within one large Object copy job. It is possible to copy several hundred up to several
thousand objects within one copy session, default maximum value is 500, in case of expected more
objects to copy adjust the global parameter CopyAutomatedMaxObjects.
It is possible to free up the used

disk space in the File Library right
after the copy operation or keep
the archive logs still protected on
Disk for a configurable timeframe
in case of for restore/recovery
requests.

Module 12
12-10. SLIDE: Object Copy – Example 2
Object copy – Example 2/2
Example 2:
Fast Filesystem backup of multiple systems is de-multiplexed by a
Object copy session to several tapes for fast restore
Object Copy session
Multiplexed data on tape
Multiplexed Filesystem De-Multiplexed Media for

Backup of several systems fast restore
Object Copy – Example 2
In order to keep the backup window short in this sample setup all performed backups are running
with a high device concurrency to fully utilize the available bandwidth of the LAN or SAN
infrastructure. In such a case the backed up data is multiplexed on tape. This will result in much
longer restore times compared to the backup time if only one or a few objects need to be restored,
because data is fragmented on tape. By using object copy functionality it is possible to de-
multiplex the data ether by copying all related data of ether all backed up objects or only of
important objects to special tapes with a dramatic reduced concurrency (level of multiplexing)
setting of the configured target devices.
It is also possible to copy all the backed up data to just one device with concurrency of 1 of the
configured target device for de-multiplexing. While it’s a full offline operation, so original source
data system(s) are not contacted for the copy, this kind of operation will take much longer time
than the backup, so it is recommended to use it only for objects with a higher need of short restore
times.

Module 12
12-11. SLIDE: Object Copy GUI/CLI
Object Copy GUI/CLI
1. Automated
• Post Backup
• Scheduled
1 1
2
2
2. Interactive
• Media view
• Objects view
• Sessions view
Objects View Tasks View
CLI : omniobjcopy -copylist <CopySpecificationName> <options>

Object Copy GUI/CLI
Within the Data Protector GUI Object Copy is part of the “Object Operations” context. This context
contains 3 main sections: Copy, Consolidation and Verification. As indicated by the context name
all those section allow Data Protector backup objects operations with Object Copy as the base
functionality that is extended and utilized by Consolidation and Verification. The two main items
under Copy are Media copy and Object copy. As mentioned in the previous chapter Media copy
simply directs you to the “Devices & Media” context for manual and automated operations which
will perform a bit-to-bit copy of a medium. The second item is Object copy and there are two
methods for object copy:
Automated and Interactive. Both methods and their features are explained in the following pages.
Additionally, there are the Objects and Tasks tabs. The Objects tab allows the definition of a copy
specification. The tasks tab starts interactive session wizards to perform various object copy tasks
and create copy specifications. There is a high degree of overlap between the two tabs, and are
simply multiple ways to access the same functionality.
On the command line Object copy features can be scripted via:
CLI : omniobjcopy –copylist <CopySpecificationName> <options>

Module 12
12-12. SLIDE: Interactive Object Copy 1/3
Interactive Object Copy 1/3
1 1. Change to Object Operations
2. Expand Object Copy –

Interactive and click on Media
2
3. Expand the Media Pool and
expand the Media
3
4. Select the Objects to copy
and follow the Wizard
Note:
• It is possible to select from one or more Media Pool, one or more media up to a single objects to copy
• Select Restore Chain feature not available
• Possible to disable copy of unprotected objects (Check option: Enable selection of protected objects only)
There are multiple ways to start an interactive Object copy session, sorted by Media, Objects or
Sessions. In certain use cases, situation and depending on the available backup information it
might be more convenient the start with Media, Objects or Sessions.
In case an interactive Object Copy by Media is selected the result pane starts showing all
configured pools (without free pools) – expanded all media of that pool – expanded again all
objects with their session-ids that are stored on that media. The grouping and sorting rule is:
1. by media pool
2. by medium
3. by object + description + session-id (and if applicable “+copy”)
You can select a pool, a medium, one or more objects on one or more media, but only a completed
object version. The object can be either the original object version or a copy object-version. A failed
object can NOT be copied. “Select restore chain” is not available for this starting point.
It is possible to automatically exclude all unprotected objects from the copy by setting the option
“Enable selection of protected objects only”
If this is selected then only objects that have data protection can be selected for copying. The check
boxes of objects without data protection are shaded.

Module 12
1. Change to Object Operations

1
Interactive and click on Objects
2 3. In the right area identify the

3
object(s) to copy and mark it
4. Optional:
Right click on a marked Object and
4 click on “Select Restore Chain ..”
5. Click on Next and follow the

wizard
5
Note:
• Possible to mix object types in one copy job (Filesystem, IDB backup or Integration objects)
• Select Restore Chain feature is available and will select full with all required incremental backups
Starting Point Object Copy by Objects shows all backed up Object types, similar to the restore
context.
All object versions are shown, including copies. Selecting a particular original or copy does not
automatically mean that the selected object version will be used as a source during copy. Data
Protector may substitute the selected object version for one of its copies or original. You may avoid
this so called Automatic Media-Set Selection (AMSS) by changing from automatic to manual
media-set selection. This option is available in the Summary window (near the end of the wizard)
by selecting the object name and then modifying the properties.
To copy a restore chain (all backups that are necessary for a restore) of an object version, right-
click the object version and click “Select Restore Chain” option. All required objects (full backup
and all required incremental backups) will become selected. The selection of a restore chain is not
available for integration objects.
Similar like in Object copy by Media it is possible to filter out all unprotected objects by checking
option “Enable selection of protected objects only” and it is possible to select different Object
types within one copy session.

Module 12

1
Interactive and click on Sessions
3
3. In the right area mark the
sessions or underlying objects
2
for copy
4 4. Optional:
Right click on an Object and click on
“Select Restore Chain ..”
5. Click on Next and follow the

wizard
Note:
• Possible to mix sessions with different object types in one copy job
• Select Restore Chain feature is available and will auto select full with all required incremental backups
Starting Point Object Copy by Sessions lists all performed Sessions, with the latest Session-ID on
top, in the result pane. If you expand the Session-ID all objects that were backed up within that
particular session are listed.
Similar to Object Copy by Object this starting point supports selection of different object types that
were initially backed up within different sessions for one copy session. The listed sessions are not
just backup sessions, also copy and consolidation sessions are listed and can be selected for copy
within one copy session.
Object Copy by Sessions supports the exclude of unprotected objects by “Enable selection of
protected objects only” option and the auto selection of a whole restore chain by selecting the
“Select Restore Chain” option. Data Protectors build-in Automated Media Set Selecetion feature
will check for the best fit of available medias according its rules and autoselect the appropriate
sessions after checking “Select Restore Chain” option.

Module 12
12-15. SLIDE: Automated Object Copy 1/2
Automated Object Copy 1/2
Post-backup Object Copy

Enables automatic object copy of created objects after a backup, copy or consolidation
1 2. Expand Object Copy –

Automated - Post Backup
2 3. Right click on Post Backup

and click on Add
3
4 4. In the right area mark the
Backup, Copy or Consolidation
Specifications for copy,
click on Next and complete
the wizard
Note:
• Possible to add Backup, Copy and Consolidation specifications for automated copy in one copy job
• Copy job will run any time one of the marked specification was running (Post-Backup, -Copy and -Consolidation)
• Source object filter allow control on copied objects
There are two types of automated object copy in addition to interactive copy:
• Post-backup object copying

• Scheduled object copying
Post-backup object copying

Post-backup object copying uses a copy specification to determine which objects to replicate. The
replication takes place after the completion of any backup session that is specified in the copy
specification. The copy specification includes the specific backup and objects from the backup to
copy. The copy session begins as soon as the backup completes. Each post-backup copy
specification requires a unique name and is stored in
UNIX: DP_CONFIG/server/copylists/afterbackup
WINDOWS: DP_CONFIG\server\copylists\afterbackup
folder on the Data Protector Cell Manager.

Module 12
12-16. SLIDE: Automated Object Copy 2/2
Scheduled Object Copy

Run scheduled automated object copy of objects that were backed up, copied or
consolidated within a preconfigured timeframe

1
Automated - Post Backup
2
3 3. Right click on Scheduled Backup
and click on Add
4. In the right area mark the

Backup, Copy or Consolidation
4 Specifications for copy,
click on Next, follow
the wizard and schedule the copy
Note:
• Possible to add Backup, Copy and Consolidation specifications for automated copy in one copy job
• Configured scheduled copy job can be start interactively (Right mouse click on saved spec and select “Start Copy
Scheduled object copying

Scheduled object copy takes place according to the copy specification schedule. Objects backed up
during different backup sessions can be copied in a single scheduled object copy session. Scheduled
object copy only varies from post-backup object copy in that it uses a schedule to affect the start
time. Each scheduled copy specification requires a unique name and is stored in
UNIX: DP_CONFIG/server/copylists/scheduler
WINDOWS: DP_CONFIG\server\copylists\scheduler
folder on the Data Protector Cell Manager.

Module 12
12-17. SLIDE: Object Copy wizard – Filter 1/2
Object Copy wizard – Filter 1/2
Only the objects matching the specified criteria will be copied
General Object Filter

• Possible to exclude objects with expired protection
from being copied
• Manage number of copies that are created from the

same source
Object Filter based on timeframe

(only available for scheduled object copy)
• Relative timeframe will copy all objects that were

created in a rotating timeframe defined by a Start
and a duration time
• Absolute timeframe copies all objects that were

created in that timeframe
Creating an automated copy specification

To create an automated copy specification select either Post-Backup or Scheduled and with the
right-click select Add to start the copy specification wizard.
Automated copy is composed of following dialogs/steps:
1. Backup/Copy/Consolidation Specifications tab … define the specifications that will

be checked for objects to be copied
2. Objects tab … define additional filter for copy object selection
3. Libraries tab … filter copy object selection on library location of source media
4. Source tab … define what devices will read the source media
5. Destination tab … define what devices will write object copy to media
6. Options tab ... define copy session options
7. Schedule tab … define the schedule for automated copy (scheduled only)
Backup/Copy/Consolidation Specifications tab was already covered on previous slides, so let’s

focus on the remaining parts of the wizard.

Module 12
Object Filter
In this page you specify the criteria for object selection. Only the objects matching the specified
criteria will be copied. The available options are as follows:
Include only protected objects

This will select to copy only objects with data protection. By default this is disabled, and would copy
any object, whether protected or not.
Include only objects with number of copies less then

This will select to copy only objects that do not have more than a certain number of copies
specified. The maximum is 10. By default this is disabled.
Include objects backed up in timeframe (available only for scheduled object copy)
This option defines the timeframe within which Data Protector will search for sessions.
• Relative time
Select this option to set a relative period of time, and then specify the timeframe. The first
number specifies the beginning of the timeframe, and the second number the duration of
the timeframe.
For example, if you specify 24 in the first field and 22 in the second field, and the operation
is scheduled today at 10 pm, Data Protector will copy objects from the sessions that took
place between 10 pm yesterday (24 hours ago) and 8 pm (22 hours after the start time)
today. This time window concept is the same as for the AMO discussed previously in this
module.
• Absolute time
Select this option to set an absolute period of time. Specify the starting and the end date of
the period. Click the drop-down arrows to display the calendar.
• No time limit (default)

Select this option to include all sessions, regardless of when they were performed.

Module 12
12-18. SLIDE: Object Copy wizard – Filter 2/2
Library Filter for Object selection
Library Filter
• All libraries : No Filter on media location
• Libraries capable of replication :Apply to

Object Copy through Replication feature
(requires two HP StoreOnce B6200 devices
with StoreOnce Catalyst)
• Selected Libraries: Only objects residing on

media in the specified libraries will be copied
In this page you can specify the library filter for object selection. Only objects residing on media in
the specified libraries will be copied.
All libraries (default option)

Select this option to include all the listed libraries in the operation. The libraries visible in the pane
will be shaded.
Libraries capable of replication

Starting with Data Protector 7.01 it is possible to configure a direct data replication between two
HP StoreOnce Hardware Appliances using the Catalyst interface, also called D2D HW-to-HW
replication. As a special feature the deduplicated data is not dehydrated during the replication. This
replication can be configured through the Object Copy wizard, so specific replication options were
added to the GUI. For more information see Module 15 “Deduplication”.
Selected libraries
Select this option to include only specific libraries. Objects that reside on media for the selected
backups and used within the time window, but are outside the specific library will not be copied.

Module 12
12-19. SLIDE: Object Copy wizard – Devices
Object Copy - Devices
1. Define Source Devices

reading the data
3. Define Destination
Devices writing the data
2. Optional:
Replace Original Device
by other Device
Note:
Automatic device selection is influenced by Logical Device
Device Policy setting and by global variable
AutomaticDeviceSelectionOrder (0,1,2)
Object Copy wizard – Devices
In this page, the source and destination devices are chosen.
1. Source Devices
Automatic device selection

By default, these devices, which were used for writing the objects, are selected for copying as
source devices in the object copy operation. This setting can be tuned by global option
AutomaticDeviceSelectionOrder. Setting this option to 2 will cause that Data Protector will never
attempt to use the original devices. It will use devices with the Copy flag policy applied instead.
Device Policy

Module 12
In addition it is possible to mark and replace source devices with other devices in the same library
by pressing the Change button and do the replacement in the new popup window.
In case of large copy jobs with lots of devices involved this feature will allow a dramatically
reduction of involved devices.
Original device selection

The names of the devices which were used for writing the objects are selected for copying.
2. Destination Devices
Show all
Select this option to display all configured devices, including these ones that will be used for source
reading. At this stage Data Protector does not know which devices will be used for reading if user
wants to use the automated media-set selection. With automated media-set selection the device
availability is known only when the copy session starts.
Show capable of replication

D2D HW-to-HW replication feature only. For more information see Module 15 “Deduplication
Show selected
Select this option to display only selected devices. The user can select any number of devices but
not more then number of selected objects.
Properties
To display the properties of a device, select the device, highlight it, and then click this button. This
brings up the same dialog as in backup where user can change media pool, define pre-allocation
list, etc.
Min(-imum)/Max(-imum) devices
Specify the minimum and maximum number of available devices similar to the Load Balancing
feature as in backups.
Note: Data Protector will lock the number of maximum devices, so devices cannot be
used for other tasks, even if they are not used in this copy job.

Module 12
12-20. SLIDE: Object Copy wizard – Options
Object Copy - Options
1. Activate Object Replication between

two Backup to Disk (B2D) Devices
1
2 2. Allow modification of source object

protection to free space on source
device
3. Set data and catalog protection

of created copies
3
4. Option to change IDB logging

(Filesystem objects only)
4
5. Configure target media handling

5
6. Setting session ownership to

6 overwrite default ownership
handling
Object Copy wizard – Options
In this page you can specify options for the object copy operation.
Use replication
This Object Copy wizard can be used to configure Data Replication between two B2D devices, e.g.
two StoreOnce B6500 Hardware Stores. To activate this special replication with or without Data
Dehydration activate this option. For normal Object Copy do not check this option.
Source object options

“Change data and catalog protection after successful copy”
Select this option to change the data and catalog protection periods for the source objects involved
in the object copy session to the specified setting.
“Recycle data and catalog protection of failed source objects after successful copy”
Select this option to remove data and catalog protection of failed objects on the source media. The
failed objects will not be copied in the object copy session, so carefully consider the use of this
option.
Using these option will automatically free space on the source data location and allows re-use of
the space for backup.

Module 12
Target object options

Target options allow for the control of the copy destination media. The three available options are
as follows:
• Protection
The data protection of the objects on the target media is by default the same as the
protection of the source objects. To specify a different protection period, deselect the
“same as source” option and select one of the following: days, none, permanent, until, or
weeks.
• Catalog Protection
The catalog protection defines how long information about the objects (such as filenames
and detail catalog information) is kept in the IDB.
By default, the catalog protection of the objects on the target media is the same as the
catalog protection of the source objects.
• Logging
The logging level determines the volume of detail for files and directories that is written to
the IDB during backup or object copy sessions. The logging level of a copy session can differ
from the backup session; it can be even higher than defined at backup time, because full
catalog is always written to tape. Logging option only applies for filesystem backups. The
Logging level cannot be set for Integration backups, here all required information for
restore/recovery are stored automatically in IDB at backup and at copy time.
Target media options

“Eject target media after successful copy”
With this option selected the target media will be ejected after a successful object copy operation.
It is recommended to specify the location where the media will be kept. Locations are the same
“vaulting locations” used for other media management tasks.
Ownership
The user who starts a session in Data Protector is stored as session owner in the IDB. Session
Ownership is a security feature, so only users with appropriate permissions are able to see and
browse a session. Object copy allows copy of various sessions, initially performed by different
owners, so incorrect usage might result that users are not able to see their session and data after
source data protection expires. This option allows overwriting of the default session owner by the
specified user.

Module 12
12-21. SLIDE: Summary
Summary
Object Copy Object Mirror Media Copy
What is Any combination of A set of objects An entire medium
duplicated object versions from from a backup
one or several backup session
sessions
Time of Any time after the During backup Any time after the
duplication completion of the completion of the
backup backup
Media type of Can be different Can be different Must be the same
source and target
media
Size of source and Can be different Can be different Must be the same
target media
Appendability of Yes Yes No
target media
Result of the Media containing the Media containing Media identical to the
operation selected object the selected source media
version object version
Note: Object Mirror is handled in Chapter 9 – Backup

This table provides an overview of the available methods of duplicating backed up data:
• Media copy
• Object copy
• Object mirror (covered in detail in the “Backup” module)

Module 12
12-22. SLIDE: Media and Object verification
Media and Object verification
Open DP GUI – Object Operations to

access Verification area
Data Protector offers the following

methods for verifying backup objects:
• Media verification
• Object verification
For both methods the discussed media and

object copy functionality is used
Note: Media verification is located under Devices and Media, similar to Media Copy. Media Verification
entry under Object Operations is just a placeholder that forward users to the right context
Media and Object verification
Media and Object Verification allows the verification of performed backups, copies and
consolidations without physically restoring the data to any system.
The following methods are available:

• Media verification
• Object verification
Similar to Media and Object copy Media Copy allows the verification of the whole medium, while
Object copy allows the verification on Object level.
Under normal conditions a verification should not be required. Data Protector checks the correct
function of its Media and Disk Agents and reports any encountered problems in the session report,
so the Backup Administrator is able to get the Media and Object backup status by checking the
session reports, running reports or querying the IDB.
But in special situations such as critical restores, vaulting of media with long retention for legal
purposes or sending media to other datacenter for disaster recovery preparation a media and
object verification might be required to ensure data consistency.

Module 12
12-23. SLIDE: Media verification
Media verification
Media Verification
• Under Devices & Media expand
Pools and expand your Media Pool
• Mark the Medium and select Verify
from the Context menu
• Select the Backup Device that
should be used for the verification
and click
• Check the status of the started
media session to see the result
CLI : omnimver –device <Logical Device> <options>

Media verification
As stated on the previous slide see Devices & Media context for the Media verification feature.
Usage
Expand Pools and expand the Media Pool holding the medium to verify and mark this medium.
Select Verify from the context menu. In an Option window select the Logical Device that should be
used to read the medium and hit Finish to start the verification.
What is verified?
• Checks the Data Protector headers that have information about the medium
(Medium-ID, Description and Location).
• Reads all blocks on the medium and verifies block format.
• If the CRC check option was used during backup, recalculates the CRC and compares it to
the one stored on the medium. In this case, the backup data itself is consistent within
each block. This level of check has a high level of reliability.

Module 12
If the CRC check option was not used, and the verify operation passed, this means that all the data
on the medium has been read. The medium did not cause a read error, so the hardware status of
the tape is fine.
The CRC check option can be checked

under Device Properties in your backup
specification.
On the command line Media Verification features can be scripted via:
CLI : omnimver –device <Logical Device> [-slot <slotID>] [-eject]
Note: It is not possible to configure a scheduled or post backup Media verifications.

As a workaround you could execute a Post Exce script to verify the used media of the
performed backup job.

Module 12
12-24. SLIDE: Object Verification GUI/CLI
Object verification GUI/CLI
1. Automated
• Post Backup
• Scheduled
2. Interactive
2 • Media view
1 • Objects view
• Sessions view
1
2
CLI : omniobjverify -verificationlist <VerificationSpecificationName> <options>

Object Verification GUI/CLI
Object Verification part of the Object Operations context. There are two methods for object
Verification: Automated and Interactive. As an example an interactive Object verification is
explained on the following pages.
Very similar to Object Copy, there are the Objects and Tasks tabs. The Objects tab allows the
definition of a copy specification. The tasks tab starts interactive session wizards to perform
various object copy tasks and create copy specifications. There is a high degree of overlap between
the two tabs, so there are multiple ways to access the same functionality.
On the command line Object copy features can be scripted via:
CLI : omniobjverify –verificationlist <VerificationSpecificationName> <options>

Module 12
12-25. SLIDE: Interactive Object verification 1/4
Interactive Object verification 1/4

Object Verification is very similar to Object Copy. The usage is shown on the
example of an Interactive Object verification with entry point Sessions
1
3 2. Expand Object verification –

Interactive and click on Sessions
3. In the right windows expand the

Session to see the backed up objects
4
2 4. Select a subset or all Objects
for verification.
Click on Next to continue
Object verification offers the same look and feel like configuring an Object copy. So entry points are
the same for the creation of an automated or interactive Object verification. As an example the
creation of an interactive Object verification is used to illustrate the usage of that feature.
In the sample on the slide three IDB backups were run.
Change to the Object Operations context in the DP GUI. Under Verification expand Object
verification – Interactive and select Session to verify objects created in a particular session.
In the Result window on the right the three IDB sessions are listed. Expand the specific session,
here 2014/07/30-4, to see the backed up Objects from that session.
Mark the Objects for Verification and click on Next to continue.

Module 12
5. Select the Reading Device(s)

5
6. Select the system that should be
used for verification
6
Note:
For a SAN based verification select Verify on
media agent host, otherwise data is send
over LAN to the selected host for verification
In the Source Devices window select the device(s) that will be used for reading the data from that
selected session. The device handling is again very similar to Object Copy. As a default the original
devices will be used for verification. If they are not available other suitable devices will be used if
Automatic device selection is used. In case Original device selection is used the verification will
abort, if the original used backup devices are not available. Hit Next to continue.
In the Verification target window select the system that is used to perform the verification. The
normal Restore Disk Agent (VRDA) performs the verification and this process can be started on any
Data Protector client system with a Disk Agent installed. The Restore Disk Agent does not restore
any data, it just checks if a restore would be possible, so it checks if data is readable and complete
(no data block is missing). Therefore the verification does not have to run on the original source
system.
Possible selection is:

• Source system
• Media Agent host
• An alternate host
Note: For a SAN based verification select Verify on media agent host, otherwise data is send over
LAN to the selected host for verification

Module 12

7. Check if all required media are
available to prevent mount
requests (Non-resident media)
7
8. Check the listed objects in the
Summary window. Delete Objects
you want to exclude. Hit Finish to
start Verification
Note: It is possible to select copies of selected objects for verification. Mark the Object and click on Properties
to get to the selection menu.
In the Media Window check the required media and ensure that media are available.
If you click on Non-resident media you will see all media, which are currently not online accessible,
so these media will issue a mount request.
The last window of the wizard, the Summary window, lists all objects selected for verification. It is
still possible to delete objects from the list, adding objects is not possible here.
If you mark an Object from the list, the Properties button

gets activated and allows the selection of alternate
Object sources, like copies.
Hit the Finish button to start the verification.

Module 12
Check the Verification session

output to get the status
An object verification is handled like a normal Filesystem restore.

A Restore Session Manager (RSM) is controlling the session and starts the required Restore Media
Agents (RMA) and Restore Disk Agents (VRDA). A session is started and can be interactively
monitored through DP GUI/CLI or checked after completion by an IDB query through DP GUI/CLI.
The result of the verification is shown at the end of the session.
[Normal] From: RSM@vm1.dpdom.com "Interactive" Time: 7/31/2014 11:01:16 AM

Verified successfully:
vm1.dpdom.com:ConfigurationFiles IDB (2014/07/30 0004, copyId=9868C9CD-3AC0-41D2-B020-82149F6C39FA/1382)
vm1.dpdom.com:DCBFs:1 IDB (2014/07/30 0004, copyId=9868C9CD-3AC0-41D2-B020-82149F6C39FA/1386)
vm1.dpdom.com:DCBFs:0 IDB (2014/07/30 0004, copyId=9868C9CD-3AC0-41D2-B020-82149F6C39FA/1384)
vm1.dpdom.com:SMBFs:1 IDB (2014/07/30 0004, copyId=9868C9CD-3AC0-41D2-B020-82149F6C39FA/1393)
[Normal] From: RSM@vm1.dpdom.com "Interactive" Time: 7/31/2014 11:01:16 AM

Successful verifications: 6
Unsuccessful verifications: 0

Module 12

Module 13 — Object Consolidation
Objectives
• understand and explain Object Consolidation
• understand the requirements and principal work of Synthetic and Virtual Full Backups
• know how to configure and run an Object Consolidation
• know how to run Restores with Object Copies and Object Consolidations
Contents
Module 13 — Object Consolidation ................................................................................................... 1
13–3. SLIDE: Object Consolidation - Motivation ............................................................................... 2
13–4. SLIDE: Synthetic Full Backup – How it Works......................................................................... 3
13–5. SLIDE: Synthetic Full Backup – Requirement 1/2 .................................................................. 4
13–6. SLIDE: Synthetic Full Backup – Requirement 2/2 ................................................................... 5
13–7. SLIDE: Object Consolidation GUI/CLI ....................................................................................... 7
13–8. SLIDE: Interactive Object Consolidation 1/3 ........................................................................... 8
13–9. SLIDE: Interactive Object Consolidation 2/3 ........................................................................... 9
13-10. SLIDE: Interactive Object Consolidation 3/3 ........................................................................ 10
13-11. SLIDE: Virtual Full Backup – How it Works ........................................................................... 12
13-12. SLIDE: Virtual Full Backup – Requirements......................................................................... 13
13-13. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 1/2 .................................................... 14
13-14. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 2/2 .................................................... 15
13-15. SLIDE: Object Consolidation – Backup Types ....................................................................... 16
13-16. SLIDE: Restore Considerations ............................................................................................. 17
13-17. SLIDE: Restore with Consolidation and Copies .................................................................... 19
13-18. SLIDE: Limitations ................................................................................................................ 20
Module 13
Object Consolidation
13–3. SLIDE: Object Consolidation - Motivation
Object Consolidation - Motivation

Problem:
• Backup window too small or amount of Data too big to perform full backups
• Long Restore chain because of lots of incremental backups
Solution:
• Run an initial full backup and afterwards incremental backups only
• Consolidate full and incremental backups into one synthetic full backup
• Continue run incremental backups only and consolidate these backups with
the last synthetic full to a new synthetic full backup
Consolidation Types:
• Two different Object Consolidation types are supported:
 Synthetic Full Backup
 Virtual Full backup
Object Consolidation – Motivation
Data Protector Object Consolidation is another component of Data Protector’s Object Operations.
It is based on the unique Object Copy feature and, similar to all Object Operations, a full offline
feature that requires no access to the application system. In addition it requires no special license
to use, just the configured Logical devices needs to be licensed.
Data Protector Object Consolidation dramatically reduces the need of frequent full backups. In
large enterprise environments full backups are nearly impossible to run, because of the amount of
data to back up during such a full backup and the given backup time windows. So customers are
running incremental backups, which causes a long restore chain and lots of media to be loaded.
Using Object Consolidation functionality allows to consolidate all incremental backups with an
existing full backup. As a result you will get a newly updated full backup that can be used for
restore. This newly created full backup is called synthetic full backup.
Afterwards continue run incremental backups and consolidate these new incremental backups with
the last synthetic full backup. So there is actually no need to run real full backups again.
Two different Object Consolidation types are supported:

• Synthetic Full Backup
• Virtual Full Backup
Both methods will be explained in detail on the following pages.

Module 13
13–4. SLIDE: Synthetic Full Backup – How it Works
Synthetic Full Backup – How it Works

Data Protector Synthetic Full Backup merges a full backup and any number of
incremental backups into a new, synthetic full backup.
Used Logical device:

Tape
Disk
Synthetic Full Backup – How it Works
As stated on the previous slide there are two different Object Consolidation types. Let’s start with
the most common used type - Synthetic Full Backup.
Data Protector Synthetic Full Backup merges a full backup and any number of incremental backups
into a new, synthetic full backup.
This synthetic full backup is fully independent from the previous full backup and can be used like a
normal full backup. Object Copy or further Object Consolidation sessions with newly created
incremental backups are possible.
As shown on this high level overview slide the created synthetic full backup only contains the set of
data you will get after restoring the full and all incremental backups.
In case a file was overwritten the deleted version is not part of this synthetic full backup and for
modified files only the latest version of that file is part of the synthetic full backup.

Module 13
13–5. SLIDE: Synthetic Full Backup – Requirement 1/2
Synthetic Full Backup – Requirement 1/2

The Data Protector synthetic backup can be written to any supported disk or tape
device. But there are requirements for the location of the backups to be consolidate.
Location of the initial full Backup

The initial full backup can be written by any supported disk or tape device.
Location of the incremental Backups

All incremental backups need to be located within the same disk based device,
a Data Protector File Library or a Backup to Disk (B2D) device (except a B2D
Smart Store).
The synthetic full backup can be written to any supported disk or tape device. There is no
dependency to the location of the consolidated full and incremental backups.
But there are requirements for the location of the backups to be consolidate.
Location of the initial full Backup

The initial full backup can be written by any supported disk or tape device.
Location of the incremental Backups

All incremental backups need to be located within the same disk based device, a Data Protector File
Library or a Backup to Disk (B2D) device (except a B2D Smart Store).
Note: Similar to Object Copy the target device need to have the same or higher block size than the
used source devices. Other parameter like backup device type (disk or tape), number of
used source or target devices or used concurrency of source or consolidated data can
differ.

Module 13
13–6. SLIDE: Synthetic Full Backup – Requirement 2/2

To enable synthetic backup, the use of enhanced incremental backup is required.
Enhanced incremental backup must be turned on before the full backup and the
incremental backups are performed.
Enhanced Incremental Backup

Enhanced mechanism to detect all changed files, including
renamed and moved files, as well as files with changes in
attributes
Filesystem Options - Other

Check: Enhanced incremental backup
Default: not selected
In case of synthetic full backups only incremental backups are performed on the Backup client
systems. To ensure that all changes are discovered on these system an enhanced incremental
backup has to be performed.
Enhanced incremental backup is using an enhanced mechanism to detect all changes on the
system, including renamed or moved files, as well as file attribute changes only.
For activation open your backup specification, change to the Options tab and click on Filesystem
Options. In the Popup window select the Other tab
and check the option Enhanced incremental backup
as shown on the slide above.
This will trigger the installation of a local MySQL

database on each client system - the file properties
are shown on the picture here - that keeps track of
all system changes and is contacted by the Disk
Agent at backup time. There is no need to backup
this database. It will automatically check
consistency and gets recreated in case of a problem.

Module 13
Important: After activation of the enhanced incremental backup option perform a

new full backup on this client system. This will initialize the load of the current file
properties into this local database.
In case the database get lost or corrupted a new full backup

is required to recreate this database.
All backups will now show up as full (enhanced) or

incremental (enhanced) backups in the Data Protector IDB.

Module 13
13–7. SLIDE: Object Consolidation GUI/CLI
Object Consolidation GUI/CLI
1. Automated
• Post Backup
2 • Scheduled
1
1
2 2. Interactive
• Objects view
• Sessions view
CLI : omniobjconsolidate -consolidationlist <Cons.SpecificationName> <options>

Object Consolidation GUI/CLI
Within the Data Protector GUI Object Consolidation is part of the “Object Operations” context.
Copy and Verification were covered in the previous chapter, so now let’s focus on Consolidation.
Similar to Copy and Verification there are two methods available for Object Consolidation:
Automated and Interactive. The changes compared to the already covered Object Copy and Object
Validation feature are explained on an interactive Object Consolidation configuration in the
following pages.
Additionally, there are the Objects and Tasks tabs. The Objects tab allows the definition of a
Consolidation specification. The tasks tab starts interactive session wizards to perform various
object consolidation tasks and create consolidation specifications.
On the command line Object Consolidation tasks can be scripted via:
CLI : omniobjconsolidate –consolidation <Cons.SpecificationName> <options>

Module 13
13–8. SLIDE: Interactive Object Consolidation 1/3
Interactive Object Consolidation 1/3

1
2. Expand Object Consolidation –
Interactive and click on Objects
3 3. Expand the Object until you

see the Session Date and Times
2 4
4. Mark the latest enhanced

incremental session to consolidate
Note:
• Objects that cannot be consolidated are grayed out (e.g. every regular or synthetic full backup)
• Direct selections are marked in red, depended restore chain is automatically marked in black
• Only Filesystem Objects can be consolidated
There are two ways to start an interactive Object Consolidation session, sorted by Objects or
Sessions. In certain use cases, situation and depending on the available backup information it
might be more convenient the start with Objects or with Sessions.
In case an interactive Object Consolidation by Object is selected the result pane starts showing all
backed up filesystem objects (WinFS for Windows and Filesystem for Unix) only, grouped by
system name. Expand the system to see all backed up objects on that system (drive letter, mount
points). Expand the object (e.g. drive letter like C:\ <Description>) to see all performed backup
sessions on that object.
Note: Only objects that are backed up using the enhanced incremental backup option are shown
Mark the latest enhanced incremental backup session you want to consolidate. This session will be
marked in red, all dependent backups from the restore chain are automatically marked in black.
Click on Next to continue.

Module 13
13–9. SLIDE: Interactive Object Consolidation 2/3

5. Select the Reading Devices
5 (Source Devices) for the full and all
incremental backups
6. Select the Destination Device(s)
Note:
• As a default the original Source Device(s) are used as Read Devices for full backups and can be replaced via the Change button
• Read Device(s) for the incremental backups are not pre-allocated, user input is required
• Destination Devices support Load Balancing (Min/Max) and more option via Properties button (Media Pool, Concurrency..)
Object Consolidation will consolidate full and incremental backups, so two sets of Reading Devices
are required, one set of Reading Devices that will read the full backup and one set of Reading
Devices that will read all the incremental backups.
In the above shown Source Window this selection has to be made. The required devices to read the
full backup are pre-allocated – the original Source devices. If you need to replace these devices,
because they are currently used for backups, just mark the device and click on the activated
Change button to select a new device. The devices/writers to read the incremental backups are not
pre-allocated. The File Library that keeps all incrementals (listed requirement for Object
Consolidation) is shown and you need to pick up one or more writers to read the incremental
backups. Hit Next to continue.
Note: Similar to Object Copy/Validation a Restore Media Agent (RMA) gets started for each device
to read the data. In difference to a normal restore each device requires a valid license.
In the Destination Device window select the device(s) used to keep the consolidated data. It is
possible to select disk or tape devices and it is possible to select properties like Media Pool,
Concurrency or Load Balancing option similar to a normal backup specification configuration.

Module 13
13-10. SLIDE: Interactive Object Consolidation 3/3

7. Check the Options (similar to Object
7 Copy) and hit next to continue
Not shown wizard windows:

• Check list of required media
• Check/Overwrite automated Copy
selection
• Summary Windows
8. Hit Finish to start Consolidation.

Check the Session Report
The Options Window shows similar options like in Object Copy. So it is possible to define Logging
Level and Protection for the consolidated data and to define the handling of the Source data after a
successful consolidation. For Service providers that backup data of different departments or
customers it is possible to filter objects by owners. Hit Next to continue.
The following, not shown, window lists the required media for this consolidation, grouped by non-
resident media and all media.
The Copies Window (see right) provides a list of

required objects with the possibility to select
Object Copies manually (in case copies of the
selected object exist).

Module 13
Finally the Summary Window is shown. It

is possible to delete consolidation objects
from the list or fine tune the options on an
object level by marking the consolidation
object and select Properties.
Hit Finish to start the Object Consolidation.
In case of an interactive Object Consolidation the session is automatically shown within the GUI.
For a scheduled or post backup consolidation open the Internal Database – Sessions context
within the GUI to see the session details.
Note: Similar to Object Copy the Copy and Consolidation Session Manager (CSM) controls the
Consolidation session.
An interactive Object Consolidation Specification is directly executed and not saved for a recurrent
execution.
In case of an automated Object Consolidation,

Post Backup or Scheduled, a Consolidation
Specification is created and saved on the Cell
Manager under:
Post Backup Object Consolidation Specification

DP_CONFIG\consolidationlists\afterbackup
Scheduled Object Consolidation Specification

DP_CONFIG\consolidationlists\scheduled
The schedule information for this specification is saved into a separated file under:
DP_CONFIG\consolidationlists\scheduled\schedules
Note: After saving a scheduled Object Consolidation Specification the Advanced Scheduler
can be used to schedule this consolidation specification.
Both saved automated Consolidation

Specifications can be directly started
from the GUI via:

Start Consolidation
from the CLI via:

omniobjconsolidate –consolidationlist
<name> -scheduled

Module 13
13-11. SLIDE: Virtual Full Backup – How it Works
Virtual Full Backup – How it works

If all backups, full and incremental, are written to the same Data Protector File Library that uses
Distributed File Media Format, a Virtual Full Backup is performed. This solution uses pointers to
consolidate data rather than copy the data.
Data Protector
File Library with
DFMF
Virtual Full Backup – How it Works
A special Object Consolidation is a Virtual Full Backup. Data Protector automatically performs a
Virtual Full Backup if the required full and all incremental backups are located within the same
Data Protector File Library and Distributed File Media Format (DFMF) is used in this library.
In such a setup all required data is already available, somewhere within this File Library. By using
the Distributed File Media Format a Virtual Full Backup is created as set of pointers only that points
to the current location of the backed up files and directories within the File Library, which are
identified as content of this Virtual Full Backup.
The main benefit is, no data needs to be copied within the File Library to create this new Virtual
Full Backup. This operation is a very fast and space efficient way to create full backups.
Note: Virtual Full backup is only supported for Data Protector File Libraries using DFMF.
Internally the data protection of the file media within the File Library is managed in a different way
than for normal Data Protector media. Even if the user configures a data protection for the full and
the incremental backups the data might be still required to restore the created Virtual Full Backups.
So Data Protector needs to keep data from the initial full backup and from those incremental
backups, which are still part of the protected Virtual Full Backups, while externally from a Data
Protector GUI these session are not available for restore anymore.

Module 13
13-12. SLIDE: Virtual Full Backup – Requirements
Virtual Full Backup – Requirements

The Data Protector Virtual Full Backup is supported for Data Protector File Library only.
Requirements of Virtual Full Backup are:

• Full Backup and all incremental backups need to be located in the same File Library
• Enhanced Incremental Backup option is used
• Distributed File Media Format (DFMF)is activated for the File Library
File Library - Settings

Check: Use distributed file media format
Default: not selected
Virtual Full Backup – Requirements
The requirements for the Virtual Full Backup are:
• Full Backup and all incremental backups need to be located in the same File Library
• Enhanced Incremental Backup option is used
• Distributed File Media Format (DFMF)is activated for the File Library
In order to activate DFMF for a File Library change to Devices & Media context within the GUI,
expand Devices and see the Properties of the File Library. Under Settings activate the option:
Use distributed file media format
as shown on the slide above.
Important: It is possible to activate for an existing File Library, which was used for backups
before. In addition it is possible to deactivate DFMF for a File Library. After DFMF
deactivation Data Protector will create Synthetic Full Backups instead of Virtual Full
Backups.

Module 13
13-13. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 1/2
Synthetic Full Backup vs. Virtual Full Backup 1/2
During Object Consolidation configuration there is no option to define, if

Synthetic or Virtual Full Backup should be performed.
Data Protector always performs a Synthetic Full Backup, only in case the
requirements for a Virtual Full Backup are fulfilled it automatically performs a
Virtual Full Backup.
Note: There is no message in the session report, what type of Consolidation

was performed. Only the property Backup Type, listed under
Internal Database – Sessions
contains consolidation type:
• full (synthetic, enhanced)
• full (virtual, enhanced)
The Objection Consolidation wizard provides no option to select if a Synthetic or Virtual Full Backup
should be performed during Object Consolidation. There is also no option for the CLI available.
Data Protector automatically decide, if a Synthetic or Virtual Full Backup is performed. If all
requirements for a Virtual Full Backup all fulfilled automatically a Virtual Full Backup is created,
otherwise a Synthetic Full Backup is created.
If later on DFMF is deactivated for the

chosen File Library the same Consolidation
session will now perform a Synthetic Full
backup without any warning or error.
The session report does not mention the

consolidation type. Only Backup Type,
listed under Internal Database - Sessions
shows the performed consolidation type,
e.g.:
• full (synthetic, enhanced)
• full (virtual, enhanced)

Module 13
13-14. SLIDE: Synthetic Full Backup vs. Virtual Full Backup 2/2

Example 1
Example 2
Example 3
Example 4
DFMF DFMF DFMF

The examples is based on the following scenario:
• 1 Full Backup performed to Tape or Disk

• 2 Incrementals performed to Tape or Disk
Example1: Full Backup performed to Tape, Incremental Backups to Disk

• Synthetic Full is performed,
• Requirements for Virtual Full not fulfilled
Example2: Full Backup performed to Tape, One Incremental Backup to Disk, one to Tape
• Consolidation not possible
• Requirements for Synthetic and Virtual Full not fulfilled
Example3: Full and Incremental Backups performed to Disk, no DFMF is used

• Synthetic Full is performed,
• Requirements for Virtual Full not fulfilled
Example4: Full and Incremental Backups performed to Disk, DFMF is used

• Virtual Full is performed,
• Requirements for Virtual Full are fulfilled

Module 13
13-15. SLIDE: Object Consolidation – Backup Types
Object Consolidation – Backup Types
full ……………………………………………… regular full backup

full (enhanced) ……………………………… full backup with enhanced incremental option
incr (enhanced) …………………………….. Incr. backup with enhanced incremental option
full (synthetic, enhanced) ………………. Synthetic Full Backup
full (synthetic, enhanced, copy) ……… Object Copy of the Synthetic Full Backup (*)
full (virtual, enhanced) …………………… Virtual Full Backup
full (virtual, enhanced, copy) …………… Object Copy of the Virtual Full Backup (*)
(*) .. Second Consolidation of the same Object also shows up as copy

Object Consolidation – Backup Types
Session Property Backup Type contains the information if a backup was performed with the
Enhanced Incremental Backup option (full and incremental). In this case the “(enhanced)” was
added to the regular backup type full and incr.:
• full (enhanced) …………… full backup with enhanced incremental option

• incr (enhanced) …… …….. Incr. backup with enhanced incremental option
In addition it is possible to identify regular full backups, synthetic full backups and virtual full
backups:
• full …………………………… regular full backup
• full (synthetic, enhanced) Synthetic Full Backup
• full (virtual, enhanced) .. Virtual Full Backup
In case an Object Copy or second Object Consolidation of the same object was performed “copy” is
added to the Backup Type:
• full (synthetic, enhanced, copy) Object Copy of the Synthetic Full Backup
• full (virtual, enhanced, copy) Object Copy of the Virtual Full Backup

Module 13
13-16. SLIDE: Restore Considerations
Restore Considerations
Synthetic Full
full incr incr incr incr incr Object Copy
based on
Syn. Full
restore chain
Object Copy Syn. Full

consolidation
object copy
Object Copy
Scenario
• 1 full and 5 incremental backups are performed
• after each even incremental a synthetic full is done
• each synthetic backup is copied Data Protector automatically picks
up the shorted restore chain via
5 Restore Chains available AMSS
(Automated Media Set Selection)
Restore Considerations
Using Object Copy and Object Consolidation will add a lot of complexity to the restore area as well.
Assuming the following scenario:

• An initial full and 5 incremental backup were performed.
• Always after two new incrementals a synthetic full to Disk was made
• For each Synthetic Full an Object Copy to Tape was made.
Now a problem occurred and the backed up data need to be restored. There are five restore chains
available:
1. Restore the full backup and all 5 incrementals
2. Restore the first Synthetic Full and 3 incrementals
3. Restore the Object Copy of the first Synthetic Full and 3 incrementals
4. Restore the second Synthetic Full and 1 incremental
5. Restore the Object Copy of the second Synthetic Full and 1 incremental
The question is now: Which backup chain Data Protector will restore and how to configure it?
Data Protector is using an internal function called Automated Media Set Selection (AMSS) to
identify the best restore chain out of a complex tree of possibilities. In this case the shortest chain
is selected, which will point to Restore Chain 4 or 5.

Module 13
Which one of these two ways is selected at the end depends on the configured Location Priority.
In case disk based restore is having a higher priority over tape based restore the Restore Chain 4
will be used.
It is possible to switch off AMSS and manually select the copy you want to restore. This is shown on
the next slide.

Module 13
13-17. SLIDE: Restore with Consolidation and Copies
Restore with Consolidation and Copies
Based on AMSS Data Protector automatically select the best versions to

restore. Similar to Object Copy a manual overwrite is possible.
Automated Media Set

Selection (AMSS)
activated
Mark the version, click on

Properties to manually select the
source copy to restore
Restore with Consolidation and Copies
For the Restore mark the data in the Source Window and select the session you want to restore,
e.g. the 5th incremental backup, based on the example from the previous slide.
Use the Destination, Options and Media Windows in the same way like during a normal restore.
In the Copies Windows all Object versions are listed. For the full backup the synthetic full object
was automatically selected.
If you want to overwrite this default selection, mark that Object version and click on Properties.
In the Version Property Window check Select source copy manually and pick up the version from
the pull down menu. In the example above the Object Copy is selected.

Module 13
13-18. SLIDE: Limitations
Limitations
• Object Consolidation is only supported for Filesystem backups, there is

no Database or Application Integration support
• Synthetic Full Backup requires all incremental backups within the same
Data Protector File Library
• Virtual Full Backup requires full and all incremental backups within the
same Data Protector File Library
• Virtual Full Backup is only supported for Data Protector File Library
• A consolidation of AES 256 encrypted data is not supported
Limitations
The following limitation apply for the use of Object Consolidation
• Object Consolidation is only supported for Filesystem backups, there is no Database or

Application Integration support. This includes the backup of the Data Protector Internal
Database, which is an Integration Backup since Data Protector version 8.00
• Synthetic Full Backup requires all incremental backups within the same Data Protector File
Library. The full backup can be located within any supported disk or tape.
• Virtual Full Backup requires full and all incremental backups within the same Data
Protector File Library. Only in this configuration Data Protector is able via DFMF to create
the set of Pointers that will point to the physical location of the data within this File Library.
• Virtual Full Backup is only supported for Data Protector File Library. No Backup-to-Disk,
File Jukebox or Virtual Tape Library is supported.
• A consolidation of AES 256 encrypted data is not supported. If the full and all incrementals
or any of those backups was using Data Protector AES 256 Encryption the Object
Consolidation is not supported.

Module 13

Module 14 — Internal Database
Objectives
• understand and explain the concept of the IDB
• understand the architecture of the IDB
• perform IDB maintenance and administration tasks
• perform IDB backup and restore
• configure IDB related reports and notifications
• run a DR of the IDB
Contents
Module 14 — Internal Database 1
14–3. SLIDE: Concept 1/4 – Embedded database system ............................................................... 2
14–4. SLIDE: Concept 2/4 – DP IDB as embedded database............................................................ 3
14–5. SLIDE: Concept 3/4 – What is the IDB used for ...................................................................... 4
14–6. SLIDE: Concept 4/4 – PostgreSQL .......................................................................................... 5
14–7. SLIDE: Architecture 1/7 – Overview ....................................................................................... 6
14–8. SLIDE: Architecture 2/7 – Catalog database .......................................................................... 7
14–9. SLIDE: Architecture 3/7 – Media Management database ...................................................... 9
14-10. SLIDE: Architecture 4/7 – Detail Catalog Binary Files .......................................................... 10
14-11. SLIDE: Architecture 5/7 – Session Message Binary Files ..................................................... 13
14-12. SLIDE: Architecture 6/7 – Serverless Integration Binary Files ............................................ 14
14-13. SLIDE: Architecture 7/7 – Encryption Keystore ................................................................... 16
14-14. SLIDE: IDB Directory structure ............................................................................................. 18
14-15. SLIDE: IDB related Data Protector Services ......................................................................... 21
14-16. SLIDE: Internal Database Size Limits ................................................................................... 23
14-17. SLIDE: Administration tasks ................................................................................................. 25
14-18. SLIDE: Manage IDB grow 1/2 ................................................................................................ 26
14-19. SLIDE: Manage IDB grow 2/2 ................................................................................................ 28
14-20. SLIDE: IDB Maintenance 1/3 ................................................................................................. 30
14-23. SLIDE: Maintenance Mode 1/2.............................................................................................. 34
14-24. SLIDE: Maintenance Mode 2/2.............................................................................................. 37
14-25. SLIDE: IDB Backup ................................................................................................................ 38
14-26. SLIDE: IDB Backup objects .................................................................................................... 41
14-27. SLIDE: IDB Incremental Backups .......................................................................................... 42
14-28. SLIDE: IDB Restore - Overview ............................................................................................. 43
14-29. SLIDE: IDB Online Restore 1/4 .............................................................................................. 44
14-33. SLIDE: IDB Offline Restore.................................................................................................... 50
14-34. SLIDE: IDB Restore during Disaster Recovery ...................................................................... 52
14-35. SLIDE: IDB reports ................................................................................................................ 54
14-36. SLIDE: Notifications .............................................................................................................. 56
Module 14
Internal Database
14–3. SLIDE: Concept 1/4 – Embedded database system
Concept 1/4
embedded database system
… database management system (DBMS) which is tightly integrated with an application

software that requires access to stored data, such that the database system is “hidden”
from the application’s end-user and requires little or no ongoing maintenance.
Concept 1/4 – Embedded database system
This module will deal with HP Data Protector’s Internal Database (IDB). Before we start let’s have a
quick overview about databases and the specifics of the model DP is using.
A database is a collection of information that is organized so that it can easily be accessed,

managed, and updated.
A database management system (DBMS) is a program that lets one or more users create and
access data in a database. A DBMS can be thought of as a file manager that manages data in
databases rather than files in file systems. Such systems are very powerful, provide a lot of base
and extended functionality and sold as separate product. But lots of application need to store and
manage some data, but would like to hide the complexity of DBMS systems to the end users. Such
DBMS system with reduced feature set is called Embedded database system:
An Embedded database system is a database management system (DBMS) which is tightly

integrated with an application software that requires access to stored data, such that the database
system is “hidden” from the application’s end-user and requires little or no ongoing maintenance.
(http://en.wikipedia.org/wiki/Embedded_database)

Module 14
Internal Database
14–4. SLIDE: Concept 2/4 – DP IDB as embedded database
Concept 2/4
File Properties
Used Medias
Session Messages IDB

Used Devices
The Internal Database (IDB) is an embedded database, located on the DP Cell

Manager, which keeps information regarding what data is backed up, on which media
it resides, the result of backup, restore, object copy, object consolidation, object
verification, and media management sessions, and what devices and libraries are
configured.
Concept 2/4 – DP IDB as embedded database
The Data Protector Internal Database (IDB) is an embedded database, located on the Cell Manager,
which keeps information regarding what data is backed up, on which media it resides, the result of
backup, restore, object copy, object consolidation, object verification, and media management
sessions, and what devices and libraries are configured.
The Data Protector IDB as an embedded database is fully transparent to the end user, which
means:
• These automated IDB installation/upgrade/removal via DP utilities

• automated startup/shutdown during system startup/shutdown
• IDB read/write/query operation only via DP utilities
• IDB Backup/restore/recovery only via DP utilities
• Automated IDB maintenance and health check
• User notification in case special IDB maintenance tasks are required
Data Protector 8.00 and higher are using a PostgreSQL database as Internal Database .
The details of the PostgreSQL Database are explained later in this module.

Module 14
Internal Database
14–5. SLIDE: Concept 3/4 – What is the IDB used for
Concept 3/4
Fast and convenient restore:
Browse and select the files and directories to be restored. Required list of media
and restore devices will be provided
Features Backup management:

Information about performed backup, restore, copy and consolidation sessions
Media management:
Stores information about all used media in backup, copy and consolidation
sessions, manage protection of stored data and track location of backed up data on
media for fast restore as well as track location of medias in tape libraries
Reporting and Auditing

Support various reports about Data Protector operations as well as auditing about
IDB performed configuration changes
Encryption/decryption management
In case of encrypted backups operation encryption keys are stored in the IDB and
retrieved in case of a restore
Concept 3/4 – What is the IDB used for
The information stored in the IDB enables the following:
Fast and convenient restore: Browse and select the files and directories
to be restored. Required list of media’s and restore devices will be provided
Backup management: The information stored in the IDB enables you to check the details of
performed backup, copy, consolidation and restore sessions.
Media management: Stores information about all used media in backup, copy and consolidation
sessions, manage protection of stored data and track location of backed up data on medias for fast
restore as well as track location of medias in tape libraries
Reporting and Auditing: Support various reports about Data Protector operations as well as
auditing about performed configuration changes
Encryption/decryption management: In case of encrypted backups operation encryption keys are

stored in IDB and retrieved in case of a restore

Module 14
Internal Database
14–6. SLIDE: Concept 4/4 – PostgreSQL
Concept 4/4
Data Protector is using PostgreSQL as

Internal Database engine
Postgres kju el
• Developer(s): PostgreSQL Global Development Group
• Type: Object-relational database management system (ORDBMS)
• License: free, open source software
• Website: www.postgresql.org
• DP Support: Data Protector 8.0X and 8.1X and higher
• Used Version: PostgreSQL 9.1 (on all supported Data Protector Cell Manager OS)
• Replaced IDB: Raima Database System (RDS) version 6.0 (used until DP 7.X)
Concept 4/4 – PostgreSQL
Data Protector is using PostgreSQL as Internal Database engine.
PostgreSQL is an object-relational database management system (ORDBMS) derived from the

POSTGRES package developed at the University of California at Berkeley, starting in 1986.
(POSTGRES has undergone several major releases since then.) By 1996 it was renamed to
PostgreSQL to reflect its support for SQL. But many people continue to refer to PostgreSQL as
"Postgres".
With over two decades of development behind it, PostgreSQL is now the most advanced open-
source database available anywhere. Current used version in Data Protector is 9.1.
PostgreSQL is available for all common instruction set architectures and many platforms -
including Linux, HP-UX, FreeBSD, Solaris, Microsoft Windows and Mac OS X.
It implements the majority of the SQL 2008 standards, is ACID-compliant and fully transactional
(including all DDL statements, has extensible data types, operators, index methods, functions,
aggregates, procedural languages,) and finally provides multi-threating support for high parallel
operations.
More info about PostgreSQL can be read on Wikipedia and the documentation on
http://www.postgresql.org/docs/

Module 14
Internal Database
14–7. SLIDE: Architecture 1/7 – Overview
Architecture 1/7
Overview
► Catalog Database
► Media Management Database

COMPONENTS
► Detail Catalog Binary Files
► Session Messages Binary Files
► Serverless Integration Binary Files
► Encryption Keystore
Architecture 1/7 – Overview
The DP IDB consists of the following components:
• Catalog Database
• Media Management Database
• Detail Catalog Binary Files
• Session Messages Binary Files
• Serverless Integration Binary Files
• Encryption Keystore
Each of the IDB components stores certain specific Data Protector information (records),
influences IDB size and growth in different ways, and is located ether in datafiles that belong to
PostgreSQL Server or outside within flat files on the DP Cell Manager. The default location of the
IDB with its components is:
UNIX : /var/opt/omni/server/db80
Windows: C:\ProgramData\Omniback\server\db80
In this module DP_IDB is used to refer to the IDB location.

Module 14
Internal Database
14–8. SLIDE: Architecture 2/7 – Catalog database
Architecture 2/7
Catalog database (CDB)
The Catalog database keeps information about:
• Backed up client systems with their object names,

versions, copies, mirrors, replicas and key identifiers
(if encryption was used)
• Database and Application Integration object names, versions, copies,

mirrors, replicas and key identifiers (if encryption was used)
• Positions of backed up objects on media

The same is done for object copies and mirrors.
• All started Data Protector session ids

Architecture 2/7 – Catalog database
The Catalog database (CDB) keeps information about:
• Client name, Backed up objects, their versions, copies and

key identifiers (if encryption was used)
• Positions of backed up objects on media
The same is done for object copies and mirrors.
• All started Data Protector session ids
The default location of the CDB datafiles is:
UNIX : DP_IDB/idb
Windows: DP_IDB\idb
All CDB datafiles are part of the embedded PostgreSQL database.
Each Data Protector client system with its drive letters (e.g.: C:\, D:\..) on Windows or mount points
(e.g. : /opt, /var, /) on UNIX is creating together with contributing properties like client system
name, label/description and session ownership an unique object entry in the IDB (for details see

Module 14
Internal Database
Backup module). Each backup of these objects creates a new object version, which is also stored in
the IDB.
The position of each backed up component on the backup media is stored in the catalog segment
on the backup media and in the CDB. This information allows very fast single file restores, because
DP knows exactly the position were the data is stored on tape.
Every DP operation like backup, copy, consolidation, restore sessions are tracked under a unique
session-id. These session id, e.g. 2014/01/30-234 is stored together with additional metadata like
session owner and timestamp in CDB part as well.
Note: Detailed information about backed up files and their attributes are not stored in the
CDB part of the IDB, but in the so called Detail Catalog Binary Files (DCBF).These
DCBF are covered later in this chapter.

Module 14
Internal Database
14–9. SLIDE: Architecture 3/7 – Media Management database
Architecture 3/7
Media Management database (MMDB)
The Media Management database keeps information

about:
• All available and used Data Protector media

of different types
• Configured logical devices, libraries and slots
• Configured media pools and magazines
Architecture 3/7 – Media Management database
The Media Management database (MMDB) keeps information about:
• All available and used Data Protector media of different types

• Configured logical devices, libraries and slots
• Configured media pools and magazines
The default location of the MMDB datafiles is the same like for the CDB datafiles:
UNIX : DP_IDB/idb
Windows: DP_IDB\idb
All MMDB datafiles are part of the embedded PostgreSQL database.
Note: MMDB and Objects/Object versions from the CDB are also referred as IDB Core
component.

Module 14
Internal Database
14-10. SLIDE: Architecture 4/7 – Detail Catalog Binary Files
Architecture 4/7
Detail Catalog Binary Files (DCBF)
The Detail Catalog Binary Files :
• form the biggest part of the IDB
• are grouped into configurable DCBF directories, which are either filled up
with DCBF sequentially or in parallel (global parameter)
• contain all metadata information about backed up files, such as file name,
size, modification time, attributes/protection, ..
• are created for each medium, will be deleted after medium is exported and
will be recreated if medium is overwritten
Architecture 4/7 – Detail Catalog Binary Files (DCBF):
• form the biggest part of the IDB

• are grouped into configurable DCBF directories, which are either filled up with DCBF files
sequentially or in parallel (global parameter)
• contain all metadata information about backed up files, such as file name, size,
modification time, attributes/protection, ..
• are created for each media, will be deleted after media is exported and recreated if media is
overwritten
The DCBF are grouped by DCBF directories. The default location of the DCBF directories is:
UNIX : DP_IDB/dcbf
Windows : DP_IDB\dcbf
The size of such a DCBF directory is nearly unlimited – the current documented limit is 2PB. Each of
the created DCBF could also grow unlimited in space, the size is limited by the OS and depends on
the number of file to be backed up.
By using DP GUI/CLI the user is able to create and modify DCBF directories. A maximum of 100 DCBF
directories can be configured, even outside of the default db80 area on separate mount points or
drive letters for better IDB performance.

Module 14
Internal Database
There are two global parameters that have an impact on the DCBF behavior:
# MaxDCDirs
(default = 50, Min=1, Max= 100)
This option specifies maximum number of configured DCBF Directories.
# DCDirAllocation
(default = 1)
This global option control, which algorithm will be used to select the
directory for the creation of the new DCBF file:
0 - Fill in sequence
1 - Balance size
2 - Balance number
Especially the global parameter DCDirAllocation is quite important with regards to IDB
performance. Setting it to 1 or 2 will utilize all configured DCBF directories, which will cause a much
better performance than filling up DCBF directories up in sequence.
What is stored within the DCBF?

The DCBF contain all information about the backed up files and directories or Database &
Application Integration components that are stored on a particular backup medium, like filenames,
file attributes, ownership, access time, modification time, size and so on. In case of a large
Fileserver backup with Mio of Files and Backup Option Log All a single DCBF might grow up to
several GB in size. So ensure to have always enough space available on your IDB partition.
Each media that was used in a backup creates its own DCBF. If you run an object or media copy also
a new DCBF file is made for each of the newly created media’s. If you run an object consolidation
session also new DCBF are created for the medium that contains the consolidated data. If a backup
appends to a medium the belonging DCBF is appended as well. If a media is overwritten, first the
belonging DCBF gets deleted and a new DCBF with the same Medium-ID but different encoded time
stamp suffix get created.
The name of the DCBF consists of the medium-id of the media that contains the backed up data and
an encoded timestamp suffix with .dat extension.

Module 14
Internal Database
A typical name of a DCBF is 0900000a_531067eb_0874_003c_426A1053.dat
In order to identify the Data Protector Medium-ID from a DCBF name do the following:
• Replace the character “_” by a “:”

• Delete the 5th block (encoded timestamp) together with “.dat” extension.
Afterwards run
CLI omnimm –media_info -detail
Example:
Name of the DCBF: 0900000a_531067eb_0874_003c_426A1053.dat

Extracted Medium-ID: 0900000a:531067eb:0874:003c
CLI command to query media:

/opt/omni/bin/omnimm -media_info 0900000a:531067eb:0874:003c
Medium Label Medium ID Pool

================================================================
ita030_filelib_idb 0900000a:531067eb:0874:003c ita030_filelib_idb
The command return medium label and pool. With that

information it is possible to query for more information
using the DP GUI :
Devices and Media – Expand Media – Expand Pools
Expand the listed Pool and locate the medium within the pool.
Note: DCBF should not be manually created/modified/deleted. DCBF and DCBF directories
are linked into the CDB part and external manipulation will result in a corrupted
database. Use the appropriate IDB management tools (GUI/CLI) to maintain these
files and directories.

Module 14
Internal Database
14-11. SLIDE: Architecture 5/7 – Session Message Binary Files
Architecture 5/7
Session Messages Binary Files (SMBF)
The Session Messages Binary Files :
• store session messages in a binary format that

are generated during any Data Protector session
• are read by DBSM process and shown in DP GUI

(in Monitor window or in Internal Database-Session section)
• are created as file for each single Data Protector session

(Session ID is used as filename)
• are grouped by year and month in the filesystem
Architecture 5/7 – Session Message Binary Files
The Session Messages Binary Files (SMBF):
• are grouped by year and month in the filesystem

• are created as file for each single Data Protector session (Session ID is used as filename)
• store session messages in a binary format that are generated during any Data Protector
session
• are read by DBSM process and shown in DP GUI (in
Monitor window or in Internal Database-Session
section)
All DP session messages are stored within the SMBF in

the filesystem, grouped by year and month.
The default location of the SMBF is:
UNIX : DP_IDB/msg
Windows : DP_IDB\msg
The SMBF’s contain only messages codes, timestamps and system details, which supports localized
output of session messages on DP clients based on their Localization setting.

Module 14
Internal Database
14-12. SLIDE: Architecture 6/7 – Serverless Integration Binary Files
Architecture 6/7
Serverless Integration Binary Files (SIBF)
The Serverless Integration Binary Files :
• store metadata about each NDMP backup sessions
• are required to perform restore of NDMP objects
Architecture 6/7 – Serverless Integration Binary Files
Serverless Integration Binary Files (SIBF):
• store metadata about each NDMP backup sessions

• are required to perform restore of NDMP objects
NDMP backups require a special NDMP Media Agent (MA) , because the format of the data on the
media is actually following the NDMP standards and not the DP tape definitions, e.g. the catalog
information on a NDMP media is actually stored at the end of a media and not in the regular catalog
segments.
Catalog information in the IDB is handled in the same way like for normal filesystem backups.
For a successful NDMP backup or restore certain environment variables need to set to support
specific NDMP devices or activate filer specific functions. For details about these environment
settings consult the documentation of the configured NDMP filer.
Within DP these environment parameters can be entered in the NDMP environment window with
the DP GUI as shown below.

Module 14
Internal Database
NDMP environment variables
These environment settings are stored into the SIBF during the backup. The SIBF are located on the
Cell Manager under:
UNIX : DP_IDB/meta
Windows : DP_IDB\meta
Below an example for a SIBF file
Example:
TAPE_NAME netapp1
FILESYSTEM /vol/imtic_bbn_vol1
SMTAPE_DELETE_SNAPSHOT N
SMTAPE_ALL_SNAPSHOTS N
SMTAPE_MODE DR UPDATE Y
SMTAPE_BREAK_MIRROR Y
NDMP_VERSION 4 HIST Y
TYPE smtape
SMTAPE_NO_DISK_WRITE N
DEBUG N
LEVEL 0
These environment variables are required for NDMP restore as well and will be automatically read
and applied from the depending SIBF at restore time.

Module 14
Internal Database
14-13. SLIDE: Architecture 7/7 – Encryption Keystore
Architecture 7/7
Encryption Keystore
The Encryption Keystore :
• is the central store for all created encryption keys

(manually or automatically generated)
• keeps key identifiers used for Data Protector managed

hard- and software encryption of backed up objects
• contains a database that tracks the mapping

between encrypted object version and key identifier, in case
of hardware encryption it contains the mapping between
Object Version and Medium-ID
• DP CLI based administration only

Architecture 7/7 – Encryption Keystore
Encryption Keystore:
• is the central store for all created encryption keys

(manually or automatically generated)
• keeps key identifiers used for Data Protector managed
hard- and software encryption of backed up objects
• contains a database that tracks the mapping
between encrypted object version and key identifier, in case
of hardware encryption it contains the mapping between
object version and medium-id
• provides DP CLI based administration only
Data Protector is currently supporting software (AES-256-bit) encryption and drive based
encryption. All automated or manually created keys are centrally stored on in the IDB keystore.
Theses keys will also be used for object copy, object verification and restore sessions of encrypted
objects. In the case of software encryption, the key identifiers (each consisting of a KeyID and a
StoreID) are mapped to the encrypted object versions.
This mapping is stored in the CDB. It is required because different objects in a backup medium can
result from different backups or clients and therefore can have different software encryption keys.

Module 14
Internal Database
In case of hardware encryption, Data Protector activates the feature on the backup device and
managed the keys. The key identifiers are mapped to medium ID and these mappings are stored in
a keystore catalog file (not related to CDB).
This file contains the information required to allow an encrypted medium to be exported to another
cell. Refer to omnikeytool in the OLH to learn how to export keys to a csv file and how to import it.
Keystore location
The keystore is located in the following directory:
UNIX : DP_IDB/keystore
Windows : DP_IDB\keystore
Keystore catalog file location:
UNIX : DP_IDB/keystore/catalog
Windows : DP_IDB\keystore\catalog
Note: Currently Encryption Key Management (Encryption key creation, activation,

deactivation and key removal) is only possible from DP CLI via omnikeytool, there is
currently no DP GUI support available.

Module 14
Internal Database
14-14. SLIDE: IDB Directory structure
IDB directory structure
Note: IDB Directories required for storing ZDB/IR information are not shown here
IDB Directory structure
The slide shows the full IDB directory structure. All the IDB components that were discussed in the
previous slides are listed here. In addition it illustrates, which of the IDB components are stored
within the PostgreSQL database:
DP_IDB\idb
• Location of the CDB and MMDB
DP_IDB\jce
• Job Control Engine, used by Advanced Scheduler and Application server
DP_IDB\pg
• Location of the PostgreSQL system database, IDB configuration files
and Transaction Logs
and which components are stored in the filesystem:
DP_IDB\dcbf
• (default) location of the DCBF (can be modified via DP GUI or CLI)
DP_IDB\meta
• location of the SIBF

Module 14
Internal Database
DP_IDB\msg
• location of the SMBF
DP_IDB\keystore
• location of the Encryption keystore
As mentioned on the slide the directories for Zero Downtime Backup (ZDB) and Instant Recovery
(IR) are not shown in the Directory structure. Under the db80\ directory there are directories like
smisdb, vssdb or xpdb, which contain configuration information about specific DP supported disk
arrays integrations or ZDB/IR related data about created and kept replica volumes, which will not
explained in this module.
Other important files or directories under db80
IDB Offline Restore Log file

In case the IDB got corrupted and cannot be used anymore an IDB offline restore need to be
performed. All information about the last performed IDB backup (including full restore chain in case
of incremental backups) are logged into the obrindex.log file. The default location of that file is:
UNIX : DP_IDB/logfiles/rlog
Windows : DP_IDB\ logfiles\rlog
See the IDB Offline Restore chapter in this module for more information.
PostgreSQL configuration files

All configuration files for the embedded PostgreSQL DB are stored within the directory of the
System Database:
UNIX : DP_IDB/pg
Windows : DP_IDB\ pg
Important configuration files are:

• postgres.conf PostgreSQL startup file
• pg_hba_conf Access control file for the IDB
For daily operations it is not required to perform any modification within these files. Wrong entries
could have significant impact on the stability of the IDB, so apply changes only if HP support
instruct you to do so in case of an IDB issue.
The only exception is a MMDB merge into a CMMDB. In this situation the pg_hba_conf file needs to
allow access from the CMMDB server. See OLH for details.

Module 14
Internal Database
IDB Logfiles
In case of IDB issues it might be required to check the PostgreSQL logfiles for more information.
These PostgreSQL logfiles are located under:
UNIX : DP_IDB/pg/pg_log
Windows : DP_IDB\ pg\pg_log
IDB Transaction Logs

The used PostgreSQL database is writing transaction logs, which track all the performed changes
on the database files in order to undo operations or perform recovery operations to a specified
Point in Time in case of an IDB restore. These transaction logs are stored under:
UNIX : DP_IDB/pg/pg_xlog
Windows : DP_IDB\ pg\pg_xlog
As a default backed up transaction logs are truncated after backup. But this option can be switched
off, so transactions logs can be archived and kept for some time on disk to allow more complex
backup scenarios. In addition it will allow faster recovery, if archive logs are still available on disk
and can be used for recovery. The archived transaction logs are stored under:
UNIX : DP_IDB/pg/pg_xlog_archive
Windows : DP_IDB\ pg\pg_xlog_archive
Any next performed IDB backup with truncation option enabled will empty this archive folder after
backup completed successfully.
Reportdb
In addition there is a directory named reportdb, which was not covered in the previous chapter. This
folder is stores information about performed restore sessions that can be used to build up specific
statistics on restores.
The feature is not available as a default. For activation of restore tracking or reporting the
undocumented global parameter EnableRestoreReportStats need to be set to “1”. The reports can
be generated by the following DP command:
CLI omnirpt -report single_session -restore_session -session <session id>

Module 14
Internal Database
14-15. SLIDE: IDB related Data Protector Services
IDB related Data Protector Services
IDB Service
• name: hpdp-idb
• default port: 7112
• The IDB Service is the service account for the PostgreSQL database, so it starts and stops
the PostgreSQL server
IDB Connection Pooler
• name: hpdp-idb-cp
• The IDB Connection Pooler controls the IDB access. All Data Protector processes, who
want to write into or read from the IDB, e.g. all Session Managers, are connecting to the
IDB Connection Pooler to get a server connection to IDB assigned
Application Server
• name: hpdp-as
• The JBOSS Application Server provides web services for Data Protector components. It is
using the secure certificated based https protocol for communication
IDB related Data Protector Services
Introduced by Data Protector version 8.00 the proper function of the Internal Database requires
three Data Protector services to run:
• IDB Services hpdp-idb
• IDB Connection Pooler hpdp-idb-cp
• Application Server hpdp-as
IDB service – The service starts and stops the internal database
Default port number: 7112
Usually this service is accessed locally by processes on the Cell Manager system. Only while
information is transferred from the IDB on the CM to a central MoM Server, this port is accessed
remotely, for example when merging the MMDB to a central MOM Server MMDB database. (i.e. while
the administrative commands omnidbutil -mergemmdb or -cdbsync are executed to merge or
sync mmdb data from the IDB to a cmmdb on a Mom server.) During execution of these commands
this port needs to be open in a firewall for access by the processes running on the MoM Server
system.

Module 14
Internal Database
IDB Connection Pooler – The Internal Database Connection Pool service controls connections to the
Data Protector Internal Database:
Any Session Manager, who need to write information into the IDB or query the IDB for information
cannot connect to the IDB directly. The IDB Connection Pooler manages the access and ensures,
that all IDB access requests will be served and no request will get lost or time out, even under
heavy load. Only local processes on the CM access this service. There is no need to open this port in
a firewall configuration for external access.
Application Server – The Application Server service provides web services for components used by
Data Protector
Dedicated Data Protector components like the DP GUI based output filtering or the Advanced
Scheduler with priority based scheduling are powered by a JBOSS Application Server, that is running
on the DP Cell Manager.
All communication is using the secure https protocol. To allow GUI clients to connect to this port, it
has to be opened for external access in a firewall configuration.
All listed IDB services are started automatically during system boot and can be managed together
with the other Data Protector services via omnisv –start/stop/status

Module 14
Internal Database
14-16. SLIDE: Internal Database Size Limits
Internal Database Size Limits
DCBF • Stores up to 1 Trillion (1012) filenames with metadata

• Default 5 DCBF directory (max. 100 DCBF directories)
number of DCBF files and • Default 200 GB size limit per directory (maximum size limited
DCBF directories limited by FS limitations)
size of DCBF files and DCBF • Default 100,000 files per directory (max 500 000)
directories limited by OS
• Stores up to 100 Million (108) sessions

• Allows a maximum of 99 999 sessions a day
CDB • Default limitation of 100 concurrent running backup sessions
CDB size is limited by OS, (max 1000 possible)
number of Objects, Object versions • Stores 1 Million Backup Objects
and sessions limited
• 50 Million Backup Object versions
• Keeps up to 1 Billion (109) media positions
MMDB
MMDB size is limited by OS • 50 Million backup media
number of media limited • 200,000 backup media within one media pool
Internal Database Size Limits
With the evolution of Data Protector more and more IDB limits went away. So the majority of IDB
components can grow up unlimited, just limited by the underlying Operation System.
But limits still exists and have to be considered during DP Cell layout planning. While some of the
documented limits are just soft limits to guarantee a proper function of the IDB there are also limits
which cannot be exceeded at any time. Therefore it is suggested operating always within these
documented limitations to prevent IDB problems like performance issues or IDB corruption.
MMDB Limitations
The following limitations apply for the MMDB part:
• maximum number of media within one media pool: 200.000

• overall number of medias stored in IDB: 50 000.000
• maximum number of configured devices: unlimited
• maximum number of configured libraries: 1000
• maximum size of the MMDB: unlimited

Module 14
Internal Database
Typically MMDB part is very small in size compared to CDB and DCBF.
CDB Limitations
The following limitations apply for the CDB part:
• overall number of sessions stored in IDB: 100.000.000

• theoretical maximum number of sessions per day: 99.999
• parallel backup session in one DP Cell: 1000
• maximum number of Objects: 1.000.000
• maximum number of Object versions: 50.000.000
• maximum number of Media Positions: 1.000.000.000
DCBF Limitations
The DCBF part is the biggest part of the IDB. The following limitations apply:
• maximum number of file names: 1.000.000.000.000

• maximum number of DCBF directories: 100
• maximum size of one DCBF directory: limited by OS/filesystem
• maximum size of one DCBF file: limited by OS/filesystem
• maximum number of DCBF files in one
DCBF directory: 500.000
There a nearly no size limitations for DCBF anymore, so overall DCBF sizes of more than 1TB are
possible and supported and need to be considered in DP Cell Manager system sizing calculations.

Module 14
Internal Database
14-17. SLIDE: Administration tasks
Administration Tasks
Typical IDB tasks
Manage IDB grow
IDB Maintenance
Configure and run IDB backups
Configure and run IDB reports
Administration tasks
In general DP IDB is implemented as embedded database with processes in place to monitor health
and perform automated daily maintenance operations.
But there are still administration tasks the DP administrator needs to perform on a regular base.
In the following chapters we will explain these typical administration tasks:
• Manage IDB Grow

• IDB Maintenance
• Configure and run IDB backups
• Configure and run IDB reports

Module 14
Internal Database
14-18. SLIDE: Manage IDB grow 1/2
Manage IDB Grow 1/2

Add/Modify DCBF Directory
Detail Catalog Binary File
CLI: omnidbutil -add_dcdir Pathname [ -maxsize Size_MB ] …

omnidbutil -modify_dcdir Pathname [ -maxsize Size_MB ] …
Manage IDB grow 1/2
During DP Cell Manager installation 5 DCBF directory with an overall maximum size of 1TB are
created. Normally there should be no immediate need for the creation of new DCBF directories.
In order to get prepared for future grow it might be recommended to create more DCBF directories.
How to create or modify DCBF directories?
• via DP GUI
Open DP GUI and switch to “Internal Database” section. Expand “Usage” , right click on
“Detail Catalog Binary File” and select “Add Detail Catalog Directory ..”

Module 14
Internal Database
In the new window select the Allocation sequence (defines in which order DCBF directories are
used) select the path (need to differ from any exiting DCBF directory), select the maximum DCBF
directory size, the maximum number of DCBF within the DCBF directory and at which size a “low
space” notification should be send out. If the specified low space is hit the IDB switches to “No Log”
mode. At the end click on “Finish”.
Note: The Low Space limit for each DCBF directory is consolidated and this value is checked, so in
case of 5 DCBF with a Low Space limit of 2GB, overall 10GB free space is required on the IDB
partition. It is possible to modify the limit for existing DCBF directories as shown below.
In case of a modification of an existing DCBF is required just double click on the listed DCBF
directory in the “Detail Catalog Binary File” window and modify the parameters like “Maximum
Size” or “Low Space”.
Modify DCBF via DP CLI
On the Cell Manager system run the following command:

- For adding a DCBF directory:
CLI omnidbutil -add_dcdir Pathname [ -maxsize <size_MB> ]
[-maxfiles <number of files>] [ -spacelow <size_MB> ]
[ -seq <sequence number>]
- For DCBF directory modification:

CLI omnidbutil --modify_dcdir Pathname [ -maxsize <size_MB> ]
[-maxfiles <number of files>] [ -spacelow <size_MB> ]
[ -seq <sequence number>]
Query DCBF status from GUI
“Internal Database” section “Usage”  “Detail Catalog Binary Files”
Query DCBF status from CLI
CLI omnidbutil -list_dcdirs

Module 14
Internal Database
14-19. SLIDE: Manage IDB grow 2/2
Manage IDB Grow 2/2

IDB Grow factors
1. Logging Level
2. Catalog Protection
Note:
In DP versions before 8.00 the missing execution of offline IDB Maintenance jobs was another important
IDB grow factor. These offline IDB Maintenance jobs are no longer required with the current used IDB.
Manage IDB grow 2/2
The Internal Database will continue to grow, as more sessions are executed and as more data is
backed up within the cell. Data Protector stores all the details of successful as well as failed
sessions for a later restore query or reporting.
The major contributors to the growth and size of the Internal Database are:
• Logging Level
• Catalog protection
• Growing Backup environment
Logging Level
The number of files and directories backed up and the level of details held in the
database to describe them.
The following catalog logging levels exist:

• Log None
no information about backed up data is logged to the IDB
• Log All (default)
all details about backed up data is logged to the IDB, single file browsing and restore is
possible

Module 14
Internal Database
• Log File
all details beside file attributes are stored in IDB, single file browsing and restore is
possible
• Log Directory
only directory details are stored in IDB, no file browsing possible, only directories listed
The most significant influence on the growth of the IDB is the addition of new clients and new files,
as well as the amount of detail logged for each. During the initial configuration of the Data
Protector cell, the growth and dynamics of the data will be very high. Over time, however the
dynamics may average around 3%-5% per client. The selection of “Log File” or “Log Directory” will
prevent the unnecessary storage of file version information for dynamic files. The files will be
recoverable from tape, but their details will not need to be stored in the database, as they are
unlikely to be requested individually. Typically restore by object, or restore by directory is used to
put back the files onto the system.
Catalog protection
Defines, how long detail information about backed up data is to be kept in the database
(default is permanent protection)
Data Protector allows you to set protection for data backed up and backup catalog
information independently. This allows the physical data protection of backup objects on media to
be different from the related catalog information for the same objects stored in the Internal
Database. Setting the catalog retention time to a period lower than the physical protection time
can be useful. For example, if media is required to be kept for a long time span, but realistically, will
not be required for restore (archives, etc), the catalog can be kept for only one month, while the
data on tape is protected for 3 years.
If the catalog protection is set equal to that of the media protection, then the IDB will continue to
grow rapidly. Setting catalog protection to a higher value than data protection is possible, but
makes no sense, because catalog data is removed from IDB regardless of set catalog protection if
data protection expires and tape is overwritten. If tape is overwritten with new data, IDB stores the
new catalog data only and does not keep any obsolete catalog data about used media.

Module 14
Internal Database
14-20. SLIDE: IDB Maintenance 1/3
IDB Maintenance 1/3

DP IDB requires maintenance to ensure proper
function of all DP processes. IDB
There are two types of maintenance:
Automated IDB Maintenance

• IDB Maintenance is executed automatically every day by Data Protector as
part of the Daily Maintenance. Together with Daily Maintenance a set of
checks are performed in the Daily Health Check, including several IDB checks
Manual IDB Maintenance

• IDB Maintenance tasks that requires special attention, like running out of
disk space. Ensure to have DP notifications and reports configured to receive
the information, which IDB maintenance task should be performed.
IDB Maintenance 1/3
The Data Protector Internal Database requires maintenance to ensure the proper function of all DP
processes. There are two types of maintenance:
• Automated IDB Maintenance

A set of Maintenance tasks, scheduled executed every day by Data Protector in the
background without any impact on running operations
• Manual IDB Maintenance

Special IDB Maintenance tasks that are currently not automated and need to run manually
by the Data Protector administrator
Both maintenance types are explained with more details on the following slides.

Module 14
Internal Database
IDB Maintenance 2/3

Automated IDB Maintenance by Daily Maintenance and Daily Healthcheck
Daily Maintenance
• is running in the background and requires no IDB downtime
• controlled by global parameter DailyMaintenanceTime
• default start time: 12:00PM
• execute a set a purge operations: purge sessions, purge messages ,purge dcbf, purge mpos
• In addition it finds and de-allocates free unprotected media to the belonging free pool
Daily Healthcheck
• performs a list of checks, which will trigger Data Protector notifications
• controlled by global parameter DailyCheckTime
• default start time: 12:30PM
• executed checks: IDB Space Low, IDB Limits, IDB Backup Needed, IDB Reorganization Needed
(only every Monday), Not Enough Free Media, Health Check Failed, User Check Failed,
Unexpected Events, License Warning, License Will Expire,
• By default any triggered notification is send to the Data Protector Event Log
Note:
In DP8.00 and higher versions IDB downtime for maintenance operations like Filename Purge or IDB Export/Import is
21no©longer required
Copyright 2014 like it
Hewlett-Packard was in Company,
Development previous DPinformation
L.P. The versions. Allherein
contained maintenance operations
is subject to change without notice. can be performed while IDB is online.
IDB Maintenance 2/3
Automated IDB Maintenance by Daily Maintenance and Daily Healthcheck
Daily Maintenance
Daily Maintenance is running in the background and requires no IDB downtime. It is controlled by
global parameter DailyMaintenanceTime:
# DailyMaintenanceTime=HH:MM
# default: 12:00 (HH:MM)
# This option is used for starting daily maintenance tasks at
# first omnitrig run after the specified time each day. Valid
# values are hour:minute, using the twenty-four hour clock notation.
As listed the default Start Time is 12.00PM .During Daily Maintenance a set of purge operations are
executed, which typically last a few seconds. Mainly obsolete DCBF and SMBF files are removed for
media with expired protection.
The following components get purged at daily maintenance:

• -sessions
• -messages

Module 14
Internal Database
• -dcbf
• -mpos
•
by executing the CLI command:
CLI omnidbutil –purge <component>
The data that is removed by “-sessions” command is determined by the setting of the
KeepObsoleteSessions global variable, the data cleaned up by “-messages” command by the
KeepMessages global variable, and the purged records of the “-mpos” command are identified by
the QuickMediaFormat global variable.
In addition Daily Maintenance identified free unprotected media and de-allocates these media into
the belonging free pools. The CLI command is:
CLI omnidbutil –free_pool_update
For details, see the omnidbutil man page or the HP Data Protector Command Line Interface
Reference.
Daily Healthcheck
By default, Data Protector starts a check for a set of notifications once a day. Any triggered
notification is sent by default to the Data Protector Event Log, It is controlled by global parameter
DailyCheckTime:
# DailyCheckTime=HH:MM
# default: 12:30 (HH:MM)
# This option is used for starting daily checks at first
# omnitrig run after the specified time each day. Valid values
# are hour:minute, using the twenty-four hour clock notation
# Specifying 'None' disables starting daily checks.
The following checks are performed:

• IDB Space Low
• IDB Limits
• IDB Backup Needed
• IDB Reorganization Needed (executed only every Monday)
• Not Enough Free Media
• Health Check Failed
• User Check Failed (if configured)
• Unexpected Events
• License Warning
• License Will Expire
Note If you want to switch off Daily Maintenance or Daily Health check enter “none”
instead of a HH:MM.

Module 14
Internal Database
IDB Maintenance 3/3

The following situation Notification name Action
requires manual
maintenance
The IDB is running out of The IDB Space • Check for free disk space on the IDB
space Low notification partition
• Extend the DCBF Directory size
• Reduce the IDB Growth by tuning the
Logging level
• Reduce the IDB Current Size by
changing the Catalog Protection
The IDB does not work The IDB • Check the IDB Consistency
properly—might be Corrupted (omnidbcheck <-extended>)
corrupted notification • See OLH or contact HP Support for
information how to fix the corruption
IDB Maintenance 3/3
While the majority of the IDB maintenance tasks in Data Protector are automated there are still
tasks that require manual maintenance.
Two of those manual maintenance task are listed as an example on the slide with the notification
name and the required action:
• The IDB is running out of Disk Space

• The IDB does not work properly and might be corrupted
More information about possible IDB related Notification messages and how to resolve these
issues are listed in the Data Protector OLH (“Notification Types - Events that Trigger Notifications”).

Module 14
Internal Database
14-23. SLIDE: Maintenance Mode 1/2
Maintenance Mode 1/2

Purpose:
Special Data Protector cell maintenance tasks like a Cell Manager Patch installation or
fixing IDB corruption requires a running Data Protector environment, but beside the
maintenance activities no other tasks like backups or IDB queries should run.
This special mode is called Maintenance Mode
How to start and stop the Maintenance Mode:

Start Maintenance Mode: omnisv –maintenance [ GracefulTime | -mom
Stop Maintenance Mode: omnisv –maintenance –stop -mom_stop
Note:
Stopping the Maintenance Mode is also possible from DP GUI:
Clients context– Select Actions from Menu bar – Click on Stop Maintenance Mode
Purpose
Special Data Protector cell maintenance tasks like a Cell Manager Patch installation or fixing IDB
corruption require a running Data Protector environment, but beside the maintenance activities no
other tasks like backups or IDB queries should run. This special mode is called Maintenance Mode
If the Data Protector cell is running in Maintenance mode the Cell Request Service (CRS) is no
longer serving Session Manager startup requests, like the startup of a BSM for a backup or DBSM
for a report or DP GUI based IDB query. Instead the request is rejected, but logged into a special
maintenance.log file for processing after leaving the Maintenance mode.
Example: DP_CONFIG\log\maintenance.log
********************** vm9.dpdom.com **********************
28-Feb-14 9:22:44 AM CRS.10008.3976 ["/cs/mcrs/sessions.c $Rev: 39487 $ $Date:: 2013-10-14 16:26:07":141]
A.08.10 b154
CRS is in maintenance mode - session rejected
session id: R-2014/02/28-1
session type: bsm
session desc: Backup
start date: 2014-02-28 09:22:44
owned by: DPDOM\ADMINISTRATOR pid=0

Module 14
Internal Database
Getting into this single user mode was difficult to achieve in older versions of Data Protector and
required a lot of manual steps up to renaming DP binaries and directories on the Cell Manager to
ensure that no interactive or scheduled job could be started during the planned maintenance time.
How to start the Data Protector Maintenance mode?

On the Cell Manager open a CMD window with administrative rights and run:
CLI omnisv –maintenance [ GracefulTime | -mom
Option “-GracefulTime” allows to specify a timeout window before entering the Maintenance
Mode. Details are explained on the following page. In case of a MoM environment it is possible to
put the whole MoM with all client cells into the DP Maintenance mode by using the “-mom” option.
Example of a Maintenance mode activation:
omnisv -maintenance 20
HP Data Protector is entering maintenance mode

0 seconds left to abortion of all running sessions ...
No sessions to abort!
HP Data Protector will start terminating processes ...

Sending kill signal to DBSM process with PID: 1940
Sending kill signal to DBSM process with PID: 4184
Releasing locked resources (devices, media, VSS/ZDB, ...)
HP Data Protector is now in maintenance mode
The omnisv –status output will change and show that CRS is in Maintenance mode:
omnisv status
ProcName Status [PID]

===============================
crs : Maintenance [1456]
mmd : Active [2164]
kms : Active [2468]
hpdp-idb : Active [1724]
hpdp-idb-cp : Active [1732]
hpdp-as : Active [1468]
omniinet : Active [4908]
Sending of traps disabled.
===============================
Status: All Data Protector processes/services up and running.
How to stop the Data Protector Maintenance mode?

There are several ways to stop the DP Maintenance mode. If the Maintenance Mode was started by
accident and the omnisv command is still running the user can simply press Ctrl+C to abort it.

Module 14
Internal Database
If the Maintenance Mode is active open a CMD window with administrative rights and run:
CLI omnisv –maintenance –stop -mom_stop
In addition it is possible to stop it from the DP GUI:
Change to the Clients

context and select Stop
Maintenance Mode from
the Actions menu

Module 14
Internal Database
14-24. SLIDE: Maintenance Mode 2/2

Entering the Maintenance Mode
Starting Maintenance Mode is not an abrupt
mode switch. In order to allow ongoing sessions
to complete, but prevent new sessions from
start the administrator can configure two time
intervals, either by setting global variables or
via omnisv option:
Graceful Period
• Defined by global variable MaintenanceModeGracefulTime (default: 5min)
• Can be overwritten by omnisv –maintenance <gracefultime>
• No new sessions are allowed to start, but running sessions have predefined time to finish
Shutdown Period
• Defined by global variable MaintenanceModeShutdownTime (default: 5min)
• No omnisv option available
• IDB queries from CLI/GUI still possible
• Running sessions will be aborted and have predefined time to finish before getting cleaned up
Starting Maintenance Mode is not an abrupt mode switch. In order to allow ongoing sessions to
complete, but prevent new sessions from start the transfer into the Maintenance mode takes two
phases:
Phase 1 Graceful Period:

No new sessions are allowed to start, but running sessions have a predefined time to finish
Phase 2 Shutdown Period
IDB queries from the CLI/GUI are still possible, but running sessions will be aborted and have time
to shut down. After the end of Phase 2 all remaining sessions and depending processes will be
killed.
The user will get a [12:1176] error message as shown on the slide, if they try to kick off any session
during Maintenance. As a default entering the Maintenance Mode takes 10 min, but the
administrator can configure both phases by the following two global variables:
# MaintenanceModeGracefulTime=WaitForInMinutes
# default: 5 minutes
# Defines the length of Phase 1 Graceful Period
# MaintenanceModeShutdownTime=WaitForInMinutes
# default: 5 minutes
# Defines the length of Phase 2 Shutdown Period

Module 14
Internal Database
14-25. SLIDE: IDB Backup
IDB Backup
The IDB is a critical component and must be protected, therefore regular
IDB backups are essential! DP IDB backups are full online backups.
Switch to Backup context, right click on “Internal

Database” and select Add backup
Select the “Blank IDB Backup” template, click Next

on the Application Configuration window and select
the DPIDB object in the Source Windows
Special IDB Backup Options:

• Check the Internal Database (default: On)
• Delete backed up archive logs file (default: On)
CLI:
25
omnib –idb_list <name> -barmode <full/incr>
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
IDB Backup
The Data Protector IDB is a very critical component and must be protected by regular backups like
your production data. Therefore regular IDB backups need to be performed.
What is backed up by an IDB backup?
• All previously explained IDB components:

MMDB, CDB, DCBF, SIBF, SMBF and the Encryption Keystore.
• Next it backs up the DP Configuration Files from DP_CONFIG, so backup specifications,

scheduler information, DP licenses, the cell_info file, the global and omnirc file and more.
• In addition it includes Auditing and Log files, DP Event Logs and the ZDB/IR databases
The embedded PostgreSQL database is supporting a “Hot backup mode”, which allows to perform
an IDB backup, while other backups/restores are still running, so no downtime is required while IDB
is backed up. Full functionality of Data Protector is available while IDB backup is running.
The Data Protector IDB backup is a separate backup type, so it cannot be mixed with the backup of
any other object. The creation of a separate Internal Database backup specification is required.

Module 14
Internal Database
For creation switch to the Backup context, click on Internal Database, select Add Backup to start
the Backup Specification configuration wizard. In the initial window go with the Blank IDB Backup
template, click Next to see the Application Configuration window. Everything is grayed out, so
nothing to configure for an IDB Backup, hit Next again to get to the Source window.
Only one object is shown under Source, an

DPIDB object for the current Cell manager
system, which cannot be expanded, no IDB
component can be deselected.
Select the Backup devices in the next window. It is recommended to configure a separate pool for
IDB backups to keep these media separated from other media for easy access in case of an IDB
issue.
Select the regular backup options like Data and Catalog Protection or Encryption.
Under Application Specific Options it is possible to enter

pre/post exec scripts for execution right before or right after
the IDB backup.
In addition it is possible to configure an IDB consistency check before the IDB is backed up. If this
check will find any issues with the IDB the session will be aborted. The executed command is:
CLI omnidbcheck -quick
A good rule is to backup the IDB twice, with and without check. In case, any IDB corruption is found
it is better to have at least a backup from the (corrupted) IDB, which might be restored and fixed
than having no backup at all.

Module 14
Internal Database
A second IDB Backup option triggers the truncation of backed up IDB Transaction log files.
Let’s have a deeper look on the IDB Transaction log handling to understand this option.
The PostgreSQL Transaction logs are stored in the folder:

DP_IDB\pg\pg_xlog
These logs are Write Ahead Logs, so logs are written before committed to the database. Data
Protector backs up these logs and deletes them. In addition it updated some metafiles to track,
which is the log from the last full backup (*.backup file) and what are the last 3 backed up log files
under: DP_IDB\pg\pg_xlog\archive_status
Transaction logs can be archived automatically, so a copy of each transaction log is available
under: DP_IDB\pg\pg_xlog_archive
Back to the IDB Backup options:

If option Delete backed up archive log files is checked all transaction log files from the above
mentioned pg_xlog_archive folder gets deleted after backup. Remember, the transactions logs
from pg_xlog are deleted in any case.
Note: Both explained IDB Backup options are checked by default
To start an IDB backup from the CLI use:
CLI: omnib –idb_list <backup specification> -barmode <full/incr>

Module 14
Internal Database
14-26. SLIDE: IDB Backup objects
IDB Backup objects

The IDB backup creates six different IDB objects to track all information about
the backed up IDB components within the IDB
1. DP Configuration Files: All files under DP_CONFIG

2. DatabaseLogs: PostgreSQL Archive logs
3. DatabaseFiles: PostgreSQL database files
4. SMBFs: Session Messages Binary Files
5. DCBFs: Detail Catalog Binary Files
6. DPSPECs: Specific IDB files (SIBF, Auditing files, DP Event Logs, Keystore DB, ..)
Note:
Depending on the available overall
device concurrency all IDB objects are
backed up in multiple streams (:0,:1,
…n) beside ConfigurationFiles
IDB Backup objects
During an IDB backup a minimum of 6 different Backup Objects are created:

DP Configuration Files:
It contains all configuration files from the DP_CONFIG folder, like backup specifications,
scheduler data, DP Licenses, including global and omnirc file
DatabaseLogs:
This object contains all backed up PostgreSQL Archive logs from pg_xlog folder
DatabaseFiles:
This object keeps all datafiles from DP_IDB\pg, DP_IDB\pg jce and DP_IDB\pg idb folder
SMBFs:
This object keeps the Session Messages Binary Files from the DP_IDB\msg folder
DCBFs:
The biggest object keeps all Detail Catalog Binary Files
DPSPECs:
This object keeps the Specific IDB files like the SIBF, Auditing files, DP Event Logs…
Depending on the overall available backup device concurrency all objects beside the Configuration
Files are backed up in multiple backup streams.
Example: In case two File Library writer are used, each having a concurrency of 3, an overall
concurrency of 6 is available. So each object is backed up in 6 parallel streams, seen by the :0, 1, 2,
3, 4, 5 suffix on each object, e.g. vm9.dpdom.com:DPSPECs:0, … vm9.dpdom.com:DPSPECs:5

Module 14
Internal Database
14-27. SLIDE: IDB Incremental Backups
IDB Incremental Backup

Incremental IDB backup
During an incremental backup of the DP Internal Database:
1. Configuration Files: full backup performed
2. DatabaseLogs: new PostgreSQL Archive logs backed up
3. DatabaseFiles: excluded from backup
4. SMBFs: incremental backup performed
5. DCBFs: incremental backup performed
6. DPSPECs: full backup performed
IDB Incremental Backups
The DP IDB can grow up to much more than 100GB in size, so an incremental backup might be
recommended for the everyday backup and a full backup just as weekly backup.
What is the difference?

• DatabaseFiles are not backed up at all, only the logs
• DatabaseLogs are backed up, but only the new logs, compared to the last full or incr.
backup
• Configuration Files are backed up like during a full backup performed, no difference
• SMBFs are backed up, but only the new session messages compared to the last full/incr
• DCBFs are backed up, but only the new DCBF compared to the last full/inc
• DPSPECs are backed up, but a full backup is performed
As mentioned DCBF are forming the biggest portion in the IDB. So backing up just the changes
makes a big difference than backing up 100GB or more in every backup.
During an offline or online IDB restore always the full backup chain is restored, even during Disaster
Recovery.
Note: Object Consolidation is not supported for IDB backups

Module 14
Internal Database
14-28. SLIDE: IDB Restore - Overview
IDB Restore - Overview

The Data Protector IDB can be restored using 3 different ways:
omniofflr -idb -autorecover -session 2014/03/03-34 –force
[Normal] From: OMNIOFFLR@vm1 "Offline Restore" Time: 3/3/2014 4:41:19

PM
Opening obrindex.dat:
C:\ProgramData\OmniBack\server\db80\logfiles\rlog\obrindex.dat ->
FAILED
C:\Data\obrindex.dat -> SUCCEEDED
…
[Normal] From: OMNIOFFLR@vm1 "Offline Restore" Time: 3/3/2014 4:46:54

PM
1) GUI based Online Restore Starting Data Protector services.
HP Data Protector services successfully started.
2) CLI based Offline Restore
3) IDB Offline Restore as part of the Cell Manager Disaster Recovery
IDB Restore – Overview
How to restore an IDB backup?
The slide shows the three possible ways to restore an IDB backup. All these ways are explained
with more details on the following pages.

Module 14
Internal Database
14-29. SLIDE: IDB Online Restore 1/4
IDB Online Restore 1/4

Internal Database tab
•Specify Restore Port used for IDB Recovery only

( Default: 7114)
1.
•IDB Restore will never overwrite existing IDB,

1 2. so new IDB location required
2 •Trigger IDB recovery

(Default: Yes)
3.
3
•Use Restored IDB as new IDB
(Default: Yes)*
4.
4
5
•Restore DCBF
(Default: Yes)
5.
6
•Restore to original or other location
(Default: other – type in the new location)
7 6.
•Restore to latest possible state or restore to a point in time

(Default: Latest possible state)
7.
*… IDB directories db80\pg, idb and jce will be replaced

by specified restore location after restore
The IDB Online Restore can be performed like any other restore by using the DP GUI. It is possible to
restore all IDB components within one restore session, online by using the GUI.
Switch to the Restore context, expand

Internal Database, click on your Cell
Manager system and mark Internal
Database to see the IDB Online
Restore wizard that will guide you
through the restore.
There are two Restore “Source” pages as show on the screenshot:

• Configuration Files
The Internal Database window let you configure the restore of all IDB components, besides the
Configuration Files. Configuration Files are backed up as part of the IDB backup, but do not actually
belong to the IDB, so they are kept separate here.

Module 14
Internal Database
In order to configure an IDB Online Restore perform the following steps:
1. Ensure that Restore Internal Database is checked (Default: Yes) and specify a Restore port
used for IDB Recovery only (Default: 7114). This port is reserved for “Production” restores
only, so in case you do not want to use this IDB later as new IDB (see point 4) you need to
specify another port than 7114. The restored IDB will continue to use the ports 7112, 7113
and 7116, so as mentioned this port is used for IDB recovery only.
2. The IDB Restore cannot overwrite the existing running IDB, so restore need to run into a
new location. Please specify this location here, but be careful – this location might be used
later as location for the new IDB (see point 4), so c:\temp might not be the adequate place
for this new location. All PostgreSQL databases (pg, idb and jce) will be restored into this
location. It is possible to specify another mount point or drive letter, but as mentioned only
PostgreSQL databases are restored into this location.
3. Before IDB can be started it needs to be recovered. Trigger IDB recovery here (Default: Yes)
4. Here decision need to be made, if restored IDB should become the new IDB. If this option is
checked (Default: Yes) the currently running IDB will be shut down after restore and the
restored database will be used. So ensure that specified location meets the requirements.
The PostgreSQL configuration file will be automatically updated to reflect this new
location.
Note: Restore Internal Database will restore PostgreSQL datafiles and logfiles,
SMBF and all data that belongs to the DPSECs object (e.g. SIBF, DP Event Logs, ..)
5. The DCBF can be restored together with the other IDB parts. (Default: Yes)
6. DCBF Restore can be performed into the original or another location

(Default: other – type in the new location).
Note: DCBF location is NOT updated in the IDB, if a restore to a new location is specified.
Ensure that DCBF are still available in their ORIGINAL location after restore or
modify the DCBF locations by using omnidbutil
7. At the end it is possible to specify the Restore Point in Time. (Default: Latest possible
state). Based on this selection DP will decide, which IDB backup session will be restored.
Important: An IDB Online Restore requires temporary twice system resources and disk space.
Depending on the restored components and options it could be very demanding
(especially in case of a DCBF restore into a new location).

Module 14
Internal Database

Configuration Files tab
1
•Include configuration file restore in IDB restore
( Default: Yes)
1.
2
•Use the same IDB Backup as used for the Database restore
or specify manually the IDB backup to restore (Default:
2. same)
3
•If required deselect directories and folders
(Default: all components selected)
3.
•Restore to original or new location (default: original)

4.
•Configure handling if a file to restore already exist

4 (Default: Keep most recent)
5.
The restore of the Configuration Files can be performed together with the IDB restore or without
the IDB part. Even in case of a combined restore a separate backup session can be selected for the
Configuration File restore.
1. First decide if configuration files should be restored together with the IDB restore
( Default: Yes)
2. Next select the IDB Backup session you want to restore, Either use the same session like
used for the IDB restore or specify manually the IDB backup session to restore
(Default: same like IDB restore)
3. Configuration file restore is a filesystem restore, so similar to a filesystem restore it is

possible to deselect directories and folders
(Default: all components selected)
4. It is possible to select a new location for the restore (default: original). Similar to the
restore of other IDB components DP will not update any internal pointer, if a new directory
is specified, so new IDB still expects the configuration files in the original location.

Module 14
Internal Database
5. Restored files and directories might already exist in the restored location. Similar to a
normal filesystem restore specify how DP should handle this situation
(Default: Keep most recent)
Now you could start the restore by clicking on Restore or check the other tabs, options, media and
devices tab for restore tuning.
Under Options it is possible to enter Pre/Post exec commands.
For Media and Device tab features see Module 10 Restore

Module 14
Internal Database

IDB Restore Granularity
• It is possible to restore all 6 IDB backup objects within one

restore session
• DP GUI based restore allows separate restores of the below
shown components or any combination of those components
IDB Restore Component1

• PostgreSQL Datafiles
• PostgreSQL Logfiles
• DPSPECs
• SMBF
Component2 Component3
• Detail Catalog Binary Files • Configuration Files
IDB Restore Granularity
It is possible to restore all 6 IDB backup objects within one restore session.
If you want to restore only part of the IDB, consider the following. The DP GUI based restore allows
only a separate restore of:
• Detail Catalog Binary Files

• Configuration Files
The other IDB components can only be restored together under Restore Internal Database:
• PostgreSQL Datafiles
• PostgreSQL Logfiles
• DPSPECs
• SMBF

Module 14
Internal Database

Usage of specified IDB Restore Locations
New
• It is required or PostgreSQL
location
Old db80\pg, idb and jce
optional to specify a Datafiles are save to delete
used
new location for the
restored IDB backup New
PostgreSQL Old db80\pg\pg_xlog is
objects location
Logfiles save to delete
used
• Depending on the
Old Components are restored
module either new DPSPECs location into original db80 folder
location or original used with an added suffix
location is used by
IDB, regardless if new Old Components are restored
location was specified. SMBF location into original db80 folder
used with an added suffix
• If not used the
New
specified location is Detail Catalog
location
Old DCBF directories are
just used as Binary Files save to delete
used
temporary restore
location, not as new Old Configuration Files are
Configuration
IDB location location restored into new location,
Files
used but not used
During an IDB restore it is possible to specify a new location for the restored IDB components.
While the data is restored into these locations it will not automatically becomes part of the
restored and activated IDB.
The slide provides an overview, which restored IDB components are actively used after an IDB
restore and which location is taken.
As shown only the PostgreSQL databases with logs can be restored into a new location and will be
used as new IDB after restore.
All other components will only be restored into the new location, but the new IDB is still expecting
the data in the original directories.
So either copy back the restored data back into the original folder or create links from the old
folder to the new location. DCBF locations can be modified by the omnidbutil –modify_dcdir
command, but such command does not exist for the other IDB components.
Note: Using IDB Online restore it is not possible to fully relocate an IDB.
Only the PostgreSQL DB and all DCBF folder can be relocated by an IDB Online Restore

Module 14
Internal Database
14-33. SLIDE: IDB Offline Restore
IDB Offline Restore

If IDB online restore is not possible or IDB needs to be restored into
the original location, IDB offline restore via omniofflr can be used
Prerequisites
Ensure that file obrindex.dat is available. Configure global variable RecoveryIndexDir to
get a second copy of that file created during IDB backup outside of the db80 folder.
Restore (standard)
• Trial run without restore to check available IDB backups:
omniofflr -idb -autorecover [-session ses-ID] –skiprestore
• Restore:
omniofflr -idb –autorecover [-session ses-ID] –force
Restore (advanced)
• Trial run without restore and output redirect into a file (here parm.txt):
omniofflr -idb -autorecover [-session ses-ID] –skiprestore
–save C:\tmp\parm.txt
• Modify the output file (e.g. change the restore device)
• Start the restore using the modified output file
omniofflr –idb –force –read c:\tmp\parm.txt
IDB Offline Restore
The IDB Online restore requires a running IDB for proper function. If the IDB is not usable anymore
or DP services are down only IDB Offline Restore is possible. The IDB Offline Restore is only
possible from the CLI via omniofflr.
For easy use all required information to perform an IDB Offline Restore are collected during an IDB
backup and stored outside of the IDB into a flat file named obrindex.dat
The default location of that file is:
UNIX : DP_IDB/logfiles/rlog
Windows : DP_IDB\logfiles\rlog
In case of a disk failure that impacts the IDB this file will also be lost. Using the global variable
RecoveryIndexDir it is possible to specify a path that will get a second copy of that file created.

Module 14
Internal Database
# RecoveryIndexDir=FullPathToTheBackupDir
# default: none
# This option sets backup directory for the obrindex.dat file.
# If this directory pathname is writable, the recovery index
# will be created/appended into this directory in addition to
# the default recovery index file.
To perform an offline restore run:
CLI: omniofflr -idb –autorecover [-session ses-ID] –force
It is possible to perform a preview to check if the restore will work:
CLI: omniofflr -idb –autorecover [-session ses-ID] –skiprestore
Note: In case the Media Agent is running locally on the Cell manager no DP service is required to
perform the IDB Offline Restore. In case a LAN restore is performed the DP Inet service need
to up and running on the Cell Manager.
The command omniofflr can be used in various restore scenarios that cannot be discussed here.
Starting point is to start a try run and save the used parameters in an output file:
CLI: omniofflr -idb –autorecover [-session ses-ID] –skiprestore

–save C:\tmp\parm.txt
Now modify the output file (e.g. change the restore device)
Start the restore using the modified output file:
CLI: omniofflr -idb –force –read c:\tmp\parm.txt
Note: There is no omniofflr option to specify the current obrindex.dat location. In case of
problems recreate the original path and copy obrindex.dat into this location.
Option “-read” is only working for the converted obrindex.dat file using the “-save” option.
For more information refer to the OLH or contact HP Support for assistance.

Module 14
Internal Database
14-34. SLIDE: IDB Restore during Disaster Recovery

IDB Restore during Disaster Recovery
• Disaster Recovery of a DP Cell Manager includes the restore and recovery of the IDB.
• Starting with DP8.00 IDB backup is a separate backup and needs to be combined with
a Filesystem backup during DR
Backup
• Both (File system & IDB backup) sessions are needed
for DR image creation
• In case of incremental backups similar to a filesystem restore the full chain is restored
• IDB needs to contain info of an earlier full file system backup
Restore/Recovery
• After file system restore is done, IDB restore sessions starts
• Configuration Files are always restored only once & only from the last session in the
chain
IDB Restore during Disaster Recovery
DR Preparation
For the complete recovery of the Cell Server, all critical objects have to be backed up in order to
insure that the disaster recovery (DR) procedure is valid. This includes a complete file system
backup and an IDB backup. It is important that the session of the IDB backup that is given to the DR
Wizard contains the
session from the earlier
made full file system
backup. It can be an
incremental or full
backup session. In this
way the IDB contains
information about that
restored FS backup.
DR Wizard

Module 14
Internal Database
During Disaster Recovery first the file system is restored (including full and all incrementals)and
next the IDB is restored with all IDB components and again with the full restore chain, so all full and
incremental backups are restored.
IDB components, which are backed up in full mode during an incremental backup, are restored from
the last incremental session only.

Module 14
Internal Database
14-35. SLIDE: IDB reports
IDB Reports
CLI: omnirpt –report db_size
IDB reports
Data Protector supports the creation of an IDB Size Report.
The IDB Size Report provides a detailed overview about with current size and the maximum limit for
all IDB components:
• Media Management database,

• Catalog database,
• PostgreSQL Archived Log files,
• PostgreSQL Datafiles,
• current and maximum size of all DCBF directories,
• SIBF and SMBF.
It is possible to add this IDB Size Report to a

Reporting Group and schedule it for automated
execution. All supported send methods e.g. email
or SNMP and output formats e.g. HTMP or ASCII are
supported for IDB reports as well.

Module 14
Internal Database
In addition the report is also

available as Interactive
Report (Reporting – Tasks)
The IDB Size Report can be executed from the CLI via omnirpt:
CLI: omnirpt –report db_size

Module 14
Internal Database
14-36. SLIDE: Notifications

Notifications
IDB related Notifications

Too many successive incremental IDB backups or
insufficiently frequent full IDB backup
• IDB Limits
Reaching the limit of any of the MMDB or CDB parts
• IDB Reorganization Needed

One or more IDB entities need to be reorganized due to
fragmentation or wasted space
• IDB Corrupted
One or more IDB parts are reporting a corruption
• IDB Space Low

Running out of disk space on IDB partition
(PostgreSQl DB+Logs Disk free or DCBF size limit)
Notifications
Data Protector allows the configuration of notifications, which will be send out if the
configured event occurred, like a start of a backup session or a backup failed.
There exist 5 IDB related notifications

Too many successive incremental IDB backups or insufficiently frequent full IDB backup
• IDB Limits
Reaching the limit of any of the MMDB or CDB parts
One or more IDB entities need to be reorganized due to fragmentation or wasted space
• IDB Corrupted
One or more IDB parts are reporting a corruption
• IDB Space Low
Running out of disk space on IDB partition
(PostgreSQl DB+Logs Disk free or DCBF size limit)

Module 14
Internal Database
As a default all IDB notification are sent to the DP Event Log in case an event triggered this
notification. So make sure to check the DP Event Log on a regular base for such events.
It is possible to tune these notifications. Within the DP GUI switch to the Reporting context, expand
Notifications and click on the notification you want to modify. Perform the modification and hit
Apply to save your changes.
Right an example for the IDB

Backup Needed notification.
It allows to define the number of

days of your last full IDB backup
(default: 7) and the number of
incremental IDB backups in a
row (default: 10). If any of these
limits are exceeded a
notification will be send out to
inform you to run a new full IDB
backup
The following checks are performed once a day as part of the Daily Healthcheck:

• IDB Limits
• IDB Space Low
The IDB Corrupted check is built into the omnidbcheck binary. So any time it is executed and a
problem is found a notification will be send out, e.g. during an IDB backup, if IDB consistency is
checked before backup.

Module 15 Deduplication
Objectives
• understand how Deduplication technology works
• know the different Data Protector Deduplication configurations
• configure a B2D device for HW and SW Deduplication in Data Protector
• configure a Backup specification with Deduplication
• configure an Object Replication between Deduplication devices
Contents
Module 15 Deduplication 1
15–3. SLIDE: Deduplication technology ............................................................................................ 2
15–4. SLIDE: How Deduplication works ............................................................................................ 3
15–5. SLIDE: Supported Deduplication Configurations .................................................................... 5
15–6. SLIDE: Target side Deduplication ............................................................................................ 6
15–7. SLIDE: Source side Deduplication ........................................................................................... 8
15–8. SLIDE: Server side Deduplication ............................................................................................ 9
15–9. SLIDE: Multi side Deduplication ............................................................................................ 10
15-10. SLIDE: Backup-to-Disk (B2D) devices .................................................................................. 11
15-11. SLIDE: Configure a Backup to Disk device 1/6 ..................................................................... 13
15-17. SLIDE: Gateway Configuration for Source Side Deduplication ............................................ 19
15-18. SLIDE: Gateway Configuration for Target Side Deduplication............................................. 20
15-19. SLIDE: Gateway Configuration for Server Side Deduplication ............................................. 21
15-20. SLIDE: Creating a backup specification ................................................................................ 22
15-21. SLIDE: Running Backup with Data Deduplication ................................................................ 26
15-22. SLIDE: Creating an Object Replication specification ............................................................ 27
Module 15
Deduplication
15–3. SLIDE: Deduplication technology
Deduplication technology
Deduplication …
identifies and eliminates redundancy by writing only unique data to storage
HP StoreOnce Backup …
• is HP’s federated Deduplication storage solution
• consists of an expanding range of physical and virtual
deduplication appliances (HP Store Once 4500, 6500, VSA, ...)
• supports the HP StoreOnce Catalyst Software Interface
HP StoreOnce Catalyst …
• allows the control of StoreOnce Deduplication functions
through the backup application for a single point of control
• HP StoreOnce Catalyst can be used with HW based solutions
(4500, 6500, VSA,..) or SW based solutions (HP Data Protector)
• supports Data Replication to other StoreOnce devices without
the process of data rehydration
Deduplication technology
Data Deduplication is a special compression algorithm that identifies and eliminates duplicate
data. Using the technology for Backups only unique data is written to the storage device. Besides
the aspect of cost reduction it also simplifies the backup concept of all the Branch and Remote
Offices, because only unique data blocks will need to be sent to the central Data Center.
HP StoreOnce Backup is a world leading federated deduplication storage solution. The flexible,
federated and very scalable architecture offers backup solutions for virtualized environments,
remote offices up to whole data centers. But it is more than Hardware. The main advantage over
other solutions is the build in HP StoreOnce Catalyst Software Interface.
Using HP StoreOnce Catalyst interface Data Protector is able to take control of all deduplication
functions during backup and restore and for data replication between different HP StoreOnce
Backup solutions.
In addition the HP StoreOnce Catalyst library was integrated into a Data Protector Software
deduplication solution that allows to run deduplication backups without using StoreOnce Appliance
systems.
More information about HP StoreOnce Backup solutions can be found on HP’s webpages under:
http://hp.com/go/storeonce

Module 15
Deduplication
15–4. SLIDE: How Deduplication works
How Deduplication works
Component 1 Component 2
Chunking and Hash-Key Calculation Hash-Index and Chunk Store
Hash Index
1001000110101001100110110101011 001010
#661254200943
Data Calculate Calculate Calculate #433209888765 
Stream the hash- the hash- the hash- #762384528937
key key key #094574857677
#198724683660
2
1 Chunk Store
Is this hash-key already known?
1011010111001
#433209888765
Yes: Store only the pointer 0011010100
No: Store the new hash-key + 110001111101
the data chunk
3
Location of Component1 depends on Deduplication Configuration Exist as HW/SW Store
How Deduplication works
This slide provides a high level overview about how HP StoreOnce deduplication solution is
working.
The backed up data shows up as data steam in the left side. The stream of data is independent of
file boundaries or file types. It’s a continuous stream of data provided by the Disk Agent. This
stream is divided in chunks of a variable size, between 2k and 10k with an average size of ~4k.
(1) A Hash-Key is calculated for every chunk

(2) The Hash-Key is compared with already stored Hash-Keys from a Hash-Index database
(3) If Hash-Key is unknown the Key is added to Hash-Index and the data chunk is saved in the
Chunk Store. If the Hash Key is known there is no need to save it a second time, just a
pointer is added that refers to the stored data chunk.
The process is more complex as shown on this slide and highly optimized, e.g. a set of compressed
hash-keys is sent to the Hash-Index for comparing it, instead of sending single items.

Module 15
Deduplication
This way of deduplication requires two components:
Component 1: The system that performs the Data chunking and hash-key calculation
Component 2: The system that stores the Hash-Index Database and unique Data Chunks
Between these two components only a low-bandwidth connection is required. The amount of data
is typically not high, because only unique data and hash-keys are transferred.
Component1 and 2 can be located on the same or on different systems. In case a StoreOnce
appliance system is used it is possible to send all the data to the appliance system and perform the
deduplication on the appliance, so both components will be located on one system.
Starting with Data Protector 6.21 the functionality of Component1 is part of the Data Protector
Media Agent.
In the same version the Data Protector Software

Deduplication module was announced, a StoreOnce
Catalyst based Software Store with Hash-Index that
now runs on Windows OS, Linux and HPUX servers.
The supported configurations are explained with more details on the following pages.

Module 15
Deduplication
15–5. SLIDE: Supported Deduplication Configurations
Supported Deduplication Configurations

Source Side Server Side Target Side
Application System Application System Application System
Data Protector Data Protector Data Protector

Disk Agent Disk Agent Disk Agent
Gateway System Gateway System
Data Protector Data Protector Data Protector

Media Agent Media Agent Media Agent
Deduplication Store Deduplication Store Deduplication Store
StoreOnce HW or StoreOnce HW or StoreOnce HW or

DP SW Store DP SW Store DP SW Store
Supported Deduplication Configurations
There are three supported Deduplication Configurations:

• Source Side Deduplication
• Server Side Deduplication
• Target Side Deduplication
The main separator between these configurations is the place where the deduplication occurs:
• Source Side Deduplication - Directly on the source or application system
• Server Side Deduplication -. On a separate system, called Gateway system
• Target Side Deduplication -. Directly on the StoreOnce Appliance or DP SW Store
The process of Data Deduplication is a CPU intensive process, which have impact on running
applications. This impact should be considered when selecting the configuration.
Another important separator is the network load. Depending on the configuration the backed up
data is send deduplicated or non-deduplicated over the network. This is indicated by the used
arrow icons on the slide. Thin arrow means deduplicated data transfer, broad arrow means data is
send not deduplicated over the network.

Module 15
Deduplication
15–6. SLIDE: Target side Deduplication
Target side Deduplication

Source system StoreOnce Appliance System
(Application System)
C
A
T
Data Protector A
Disk Agent L
Y
S
T
Gateway system Data Protector Client System

C
Data Protector A
Media Agent T
A
L
Y
S
Agenda:
Low Bandwidth T
Data Protector Data Protector Store Once Software Deduplication Agent
Agent
High Bandwidth Note: In case a Data Protector SW Store is used Media Agent and StoreOnce
SW Deduplication agent can run on one and the same system.
Target side Deduplication
Target side Deduplication is the easiest way to use the advantages of deduplication without much
changes to your backup concept is to use a StoreOnce backup appliance system or the
configuration of a Data Protector client system running a StoreOnce Software Store. The slide
illustrates both possibilities.
The deduplication takes place on the target, the StoreOnce appliance or DP SW Store, so a high
bandwidth connection is required to forward the data from the Source/Application system to a
Gateway system, which will transfer it again to the StoreOnce appliance or DP SW Store system.
Only in this setup, the Gateway system that runs the Data Protector Media Agent, is just forwarding
the data to the Appliance system without performing the Chunking and Hashing operations.
Disk and Media Agent can run together on the same system. In difference to a Source side
Deduplication configuration here the Media Agent just forward the data without performing a
deduplication.
Media Agent and Data Protector StoreOnce Software Deduplication Agent can run on the same
system.

Module 15
Deduplication
Both mentioned configurations would eliminate the need of a dedicated Gateway system and
sending non deduplicated data twice over the network (from Source system Gateway System
and from Gateway System  StoreOnce HW/SW Store).
Note: It is not possible to install any DP agent on a StoreOnce appliance system, so the Media
Agent need to run on a separate Gateway system or on the Source system
Target side Deduplication is used in Remote Office/Branch Office backup concepts.

In such a concept each Remote Office/Branch Office gets its own small/medium sized StoreOnce
appliance system for local backups and restores. In addition the backed up data is replicated over a
Low Bandwidth connection via Data Protector Object Replication to a larger StoreOnce appliance
system in the central Data Center.

Module 15
Deduplication
15–7. SLIDE: Source side Deduplication
Source side Deduplication

Source system StoreOnce
(Application System) Appliance System
C
Data Protector A
Disk Agent T
A
L
Y
Data Protector S
Media Agent T
Data Protector Client
C
A
T
A
L
Y
Agenda: S
Low Bandwidth T
DP StoreOnce Software Deduplication Agent
Data Protector
Agent
High Bandwidth
Source side Deduplication
Source side Deduplication is used when the application system is running Disk Agents and Media
Agents and the deduplication is performed locally on that system.
In this setup only deduplicated data is forwarded to the StoreOnce appliance or DP SW Store, so a
backup over low bandwidth connection is possible.
The deduplication will have an impact on the source system, so ensure to include the impact in your
server sizing.
Source side Deduplication requires the configuration of a specific Gateway in the Data Protector
B2D device. This Gateway is using localhost as client name and can be used as generic gateway for
all clients that perform Source side Deduplication. All other Gateways that are used for Target and
Server side Deduplication need to have a valid hostname configured as Client name within your B2D
device.
Important: A direct restore from the StoreOnce appliance or DP SW Store would require a
High Bandwidth connection. Consider the use of Object Copy, Replication or
Consolidation to get prepared for restores

Module 15
Deduplication
15–8. SLIDE: Server side Deduplication
Server side Deduplication

Source system StoreOnce
(Application System) Appliance System
C
Data Protector A
T
Disk Agent A
L
Y
Data Protector S
T
Media Agent
Gateway system
Data Protector Media Agent
Data Protector Client
C
A
T
A
L
Y
S
Agenda: T
DP StoreOnce Software Deduplication Agent
Low Bandwidth
Data Protector
Agent
Note: Gateway system can be used by multiple Application systems
High Bandwidth
Server side Deduplication
Server side Deduplication is most common used deduplication configuration. In this configuration
multiple source systems are forwarding their data to a dedicated Gateway system that deduplicate
the data and forward it over a low bandwidth connection to the StoreOnce appliance or DP SW
Store.
In this setup the deduplication load is offloaded to a separate server and has no impact to the
application system.
This setup is often used in Branch Office or Remote Office backup concepts.
Similar to the given example for Target side Deduplication, the Gateway system can forward the
deduplicated data to a local small/medium sized StoreOnce Backup appliance or virtualized
StoreOnce Virtual Storage Appliance (VSA), which transfers the backed up objects over a Low
Bandwidth connection via Object Replication to other StoreOnce appliances for DR preparation or
directly to a remote StoreOnce appliance, located in the central data Center.

Module 15
Deduplication
15–9. SLIDE: Multi side Deduplication
Multi Side Remote Office Backup

Office 1 Headquarter
Office 2 Standby DC
Note: Deduplication is done locally in the branch offices and replicated to Central Datacenter using Low Bandwidth Replication
Multi side Deduplication
The slide is just an example that illustrates the backup concepts from the previous pages.
Office 1 is using Server side Deduplication. Multiple application/sources systems are sending their
data to a dedicated Gateway system, which deduplicates the data and forward it via a Low
Bandwidth link to the StoreOnce appliance system in the main Data Center.
Office 2 is using a larger office that is using again Server side Deduplication. Multiple
application/sources systems are sending their data to dedicated Gateway systems, which
deduplicate the data and forward it to a local StoreOnce appliance system. The backed up data is
replicated via Object Replication into a larger StoreOnce appliance system, located in the main Data
Center.
In addition a second Object Replication replicates company critical data from the main Data Center
into a Standby DC for Disaster Recovery preparation.
There are many other possibilities with all their advantages and disadvantages.
Check the web under http://hp.com/go/storeonce or http://hp.com/go/dp for updated information
about StoreOnce and Data Protector

Module 15
Deduplication
15-10. SLIDE: Backup-to-Disk (B2D) devices
Backup-to-Disk (B2D) devices

• Backs up data to Disk devices
• Disk Devices can be located on
physical/virtual disks or on a Backup
Appliance System
• New Device interface types:
 StoreOnce software Deduplication
 StoreOnce Backup system B2D Device for a StoreOnce Backup Appliance
• Disk devices are partitioned into Stores
• A Store can be accessed through multiple
Gateways
• Gateway = DP client with installed
Media Agent component
• Explicit Gateway required Server or Target
Side Deduplication
B2D Device for a Data Protector Software Store
• Implicit Gateway for Source Side
Deduplication
• Requires AB2D license (Capacity based) Note: Each Store requires its own Backup-to-Disk Device in DP
Backup-to-Disk (B2D) devices
The support of StoreOnce Deduplication backups requires the introduction of a new Logical Device
type in Data Protector – the Backup to Disk (B2D) device.
A B2D device backs up data to disk based devices only. In this module we put the focus on the
StoreOnce Deduplication Integration, so usable disk storage is either managed by a DP SW Store or
by a HP StoreOnce Backup appliances. Refer to the Platform and Integration Matrix to get the list of
supported systems.
For separation two new Device Interface types are introduced:

 StoreOnce software Deduplication… Interface to a DP SW Store
 StoreOnce Backup system… Interface to a HP StoreOnce Backup appliance
The disk storage within a DP SW Store or HP StoreOnce Backup

appliance is partitioned into Stores and can be accessed via
Gateways.
A store can be accessed by multiple gateways, configured on

different systems, so B2D devices are supporting multi-host
configurations.

Module 15
Deduplication
Each B2D device contains only one store and

multiple gateways. In case multiple stores
are configured, you need to configure the
stores within separate B2D devices.
Multiple stores can be configured within a

HP StoreOnce Backup appliance and within a
DP SW Store.
A gateway system is a system with a Data Protector Media Agent installed, which performs the
deduplication and forwards the data to the store. Each host that is acting as gateway system for
Target and Server side Deduplication requires a dedicated gateway configuration for this host
within the B2D device.
In case Source side Deduplication is used only one gateway needs to be configured for each B2D
device. This implicit gateway is using localhost as client name and can be used for Source side
Deduplication on any host with a Media Agent installed.
Note: It is not possible to configure the same store within 2 different B2D devices
Licensing
B2D devices are licensed via a capacity-based licensing, similar to file library licensing.
B2D devices requires a capacity-based Advanced Backup to Disk LTU, based on the usage of
deduplicated data on disk.
The following licenses exist:
- B7038AA – 1 TB
- B7038BA – 10 TB
- B7038CA – 100 TB
For more information about capacity-based licensing, see the HP Data Protector Installation and
Licensing Guide.

Module 15
Deduplication
15-11. SLIDE: Configure a Backup to Disk device 1/6
Configure a Backup to Disk device 1/6

Provide Name
and Description
Select
Backup to Disk
as Device Type
In the
Devices & Media
context right click
on Devices
For SW Deduplication select:

StoreOnce software deduplication
For HW Deduplication select:
StoreOnce Backup system
Click Next to
continue
The following slides will explain the configuration steps of a Backup to Disk (B2D) device with the
focus on the StoreOnce Integration.
• In order to configure a B2D device start the Data Protector GUI and change to the Devices
and Media context. Right click on Devices and select Add Device
• Under Device Name specify a speaking name for the B2D device and add a description that
helps to identify this device
• Select Device Type : Backup to Disk
• Select the appropriate Interface type:
StoreOnce software Deduplication… Interface to a DP SW Store
StoreOnce Backup system… Interface to a HP StoreOnce Backup appliance
• Click Next to continue.
Note: The DP SW Store requires the installation of

the StoreOnce Software Deduplication module.
The module can be installed using the normal DP
GUI based Push installation

Module 15
Deduplication

B2D Stores and Gateway window
Store:
Configure the Store of a HP
StoreOnce Backup Appliance or
DP StoreOnce Software
Deduplication Client
Gateways:
Configure one or more
Gateway systems and their
Deduplication method (Source,
Server, Target Deduplication)
Next the Stores and Gateway window will show up.
This is the most import window that offers the creation/selection of the Data Store in the Store
section and the configuration of the Client gateways in the Gateways section
Depending on the Device Interface selection the DP SW Store
layout of the Store section will look a bit

different.
In case of a DP SW Store the Deduplication

system can only be selected from a pull down HP StoreOnce Backup appliance
menu while in case of a HP StoreOnce Backup
appliance any IP or hostname can be entered
and additional options can be configured
The Gateways section is identical for both

targets.

Module 15
Deduplication

B2D Store configuration
Enter the IP/Hostname of the
Appliance system (HW) or DP
Deduplication Client (SW)
Click on Select/Create Store to

open the Configuration window
Select and existing Store or

create a new Store
The B2D Store configuration will focus on the configuration wizard for a HP StoreOnce Backup
appliance, as it offers more complexity.
• Under Deduplication system enter the FQDN or IP address of the appliance system
• Enter Client ID and Password, if this was configured for your Backup appliance. As a default
no information is required in these two fields.
• Select the Select/Create Store button to open the Select store window
• Within the Select store window it is possible to create a new store or browse the existing
stores. The table inside displays exiting stores and the B2D device they belong to. Either
select an unallocated store or create a new one.
Filters settings help to reduce the selection.
Available filters are:
- Encryption list all encrypted stores
- Federation list all federated store
(new feature in DP9.00)
In case Create new store is selected specify the new store name and check Encrypted store,
if the new store should be encrypted on StoreOnce Backup appliance level.

Module 15
Deduplication

B2D Gateway configuration Click on Add to configure a new
Gateway
List with configured Gateways
Under General specify Gateway

Name and Description and hit OK
Note: Check/Configure additional parameters under Settings

and Policies (e.g. Media Pool, Block Size, ..)
The B2D Gateway configuration section allows the configuration of the implicit Source side
Deduplication gateway and the hostname dependent gateways used for Target and Server side
Deduplication. The detailed Gateway setup of each Gateway type is explained later in this module.
The Add Gateway window will show up after clicking the Add Button. It looks pretty similar to a
device property window and allows the configuration of a Gateway Name and Description, but also
options like Block Size or Media Pool.
Advanced Options allow the configuration of the

parallel streams, similar to a device concurrency
(concurrency option is grayed out for B2D devices). Up
to 100 streams can be configured for each gateway. In
addition it is possible to specify a limit for the used
network bandwidth, which is important for low
bandwidth connections.

Module 15
Deduplication
B2D Settings window
Optional:
Limit the Number of Media Agents
that can connect to this Store
Optional:
Define Soft Quota (not enforced) for
Backup Size and Store Size
Optional:
Define a size for the virtual medium
within the Store (Default: Unlimited)
Optional:
Select to enable one object per
virtual Store medium
Next a B2D Settings window shows up.
Max Numbers of Connections per Store limits the number of Media Agents that can connect to that
store. The default is unlimited. An Object consolidation of one full and 8 incrementals that are
stored in that store would require 10 connections (plus one connection for the synthetic full), so in
case a limit is set ensure that it is able to support the planned backup concept.
Backup Size Soft Quota and Store Size Soft Quota are soft limits that will trigger a message in the
session report, if the specified quota value is exceeded. These settings are not enforced, so session
will continue.
Store Media Size Threshold will limit the size of the created store internal media to the specified
setting. The default setting is unlimited.
Single Object per Store Media will cause the creation of separated media per object, e.g. C-Drive, D-
Drive or Configuration. It is similar to a non appendable medium on an object level.
Note: All listed options in the B2D Settings window are optional, no input is required.

Module 15
Deduplication
B2D Summary window
Hit Finish to trigger the

creation of the B2D device
Note: A B2D Device can only manage one Store. In case multiple stores exist,
a B2D device is required for each configured store.
The B2D Summary window lists the configured store, no configuration is possible.
The large table accidently indicates that multiple stores can be configured for a B2D device.
This is not possible, only one store can be configured as Data Store for a B2D device, regardless if a
DP SW Store or HP StoreOnce Backup appliance is used.
In case multiple stores exist and should be used for Deduplication backups, multiple B2D devices
needs to be configured.

Module 15
Deduplication
15-17. SLIDE: Gateway Configuration for Source Side Deduplication
Gateway Configuration for Source Side Deduplication

For configuration check option:
Source-side Deduplication
localhost is used as generic

name of the Gateway system
Note: Only one Source-side Deduplication Gateway needs

to be configured. It can be used for all client systems.
Gateway Configuration for Source Side Deduplication
Source side Deduplication requires only the configuration of one gateway. This is the reason, while
only a check box exists that enables a Source side Deduplication gateway.
The Source side Deduplication properties window allows the configuration of the Gateway name
and Description. Gateway system is set to localhost. This option is grayed out and cannot be
changed.
As stated before this gateway can be used for all clients and will cause a Source side Deduplication
on all selected Backup objects.

Module 15
Deduplication
15-18. SLIDE: Gateway Configuration for Target Side Deduplication
Gateway Configuration for Target Side Deduplication
Target Side Deduplication:

• Gateway setting: Server side deduplication = No
• default Gateway configuration after adding a new Gateway
Note: Mark each configured Gateway and click on Check to validate connection.
Gateway status need to be listed as OK.
Gateway Configuration for Target Side Deduplication
Target and Server side Deduplication require the configuration of explicit gateways. The selection
box lists all DP client systems with a Media Agent installed. Select the client system that should act
as a Gateway within a Server or Target
side Deduplication configuration and click
on Add to configure it.
As long as there are still un-configured

Media Agents the Add button remains
active.
Target side Deduplication is the default gateway configuration. There are no additional
configuration steps required. The gateway shows up as Server side deduplication=No in the
gateway table.
Check the connection to that gateway. Mark the gateway and click on Check to validate the
connection. If it shows up with Status =OK in table the check succeeds.

Module 15
Deduplication
15-19. SLIDE: Gateway Configuration for Server Side Deduplication
Gateway Configuration for Server Side Deduplication
Server Side Deduplication:

• Gateway setting: Server side deduplication = Yes
• For activation mark the Gateway and select
Server-side deduplication from the popup menu
Note: Server Side Deduplication option can be switched on/off within a Backup
specification under Device Properties
Gateway Configuration for Server Side Deduplication
After the configuration of all Gateways for Target side Deduplication identify gateways that should
be used for Server side Deduplication. Mark these gateways and select Server side deduplication
from the menu.
To complete the configuration proceed with the other gateways in the same way.
Note: An explicit gateway configuration can be

reconfigured for Target or Server side
Deduplication within a backup specification
under Device Properties. In addition the Number
of parallel stream can also be overwritten.

Module 15
Deduplication
15-20. SLIDE: Creating a backup specification
Creating a Backup specification

Creating a Backup specification using Deduplication targets:
• very similar to a normal Backup specification configuration
• select gateways instead of device/writers
• only Server/Target side or Source side deduplication can be used within one backup
• DP Filter option automatically activate/deactivate appropriate gateways
Source side deduplication option activated
Note: Source side deduplication filter option is also

available under Backup options Source side deduplication option deactivated
Creating a backup specification
Creating a backup specification that will use deduplication devices is very similar to the
configuration of a normal backup specification, beside the fact that gateways need to be used
instead of tape drives or writers.
Please consider the following two points before creation:

1. Before starting the configuration have a clear understanding what deduplication
configuration will be used for backup the selected objects.
2. It is not possible to mix Source side Deduplication and Server/Target side Deduplication
within one Backup specification, Server and Target side Deduplication can be mixed.
As a consequence of Point (2) only all configured

Gateways for Source side Deduplication are
deactivated by default and cannot be selected as
targets. For activation see instructions below.

Module 15
Deduplication
Backup using Target side Deduplication
1. Expand Backup Specifications.

2. Right-click Filesystem and select Add Backup.
3. In the Create new Backup window click OK to continue.
4. Under Source select the Objects for backup and click Next
5. Under Destination select the Gateways that belong to the B2D device you want to
use for backup, mark them individually and select Properties. In the Property
window ensure that Server-side deduplication option is not checked.
6. Continue with the Backup specification configuration like in case of a regular

backup specification.
Backup using Server side Deduplication
1. Repeat step 1-6 from Target side Deduplication, just ensure that Server-side
deduplication option is checked.

Module 15
Deduplication
Backup using Source side Deduplication
1. Expand Backup Specifications.

2. Right-click Filesystem and select Add Backup.
3. In the Create new Backup window select option Source side Deduplication and click
OK to continue
4. Under Source select the Objects for backup and click Next
5. Under Destination select the implicit Source side Deduplication Gateway that
belong to the B2D device you want to use for backup. Note that all other gateways
are grayed out and under Properties Server side deduplication option is
deactivated
6. Continue with the Backup specification configuration like in case of a regular

backup specification.

Module 15
Deduplication
Note: In case the checkbox Source side Deduplication was missed in the Create new
Backup window the option can be still checked in the Options window under
Backup to Disk Device options as shown below

Module 15
Deduplication
15-21. SLIDE: Running Backup with Data Deduplication
Running Backup with Data Deduplication
Used Gateway with Gateway ID
Session Deduplication Ratio
Object Deduplication Ratio
Running Backup with Data Deduplication
Start the backup as usual and check the session report. The main difference compared to a normal
backup are the used gateways with their gateway-id. To keep a good overview it is highly
recommended to use “speaking” gateway names for identification that contains details like the used
B2D device, configured store and gateway hostname.
The most important thing for a deduplication backup is the deduplication ratio, the ratio between
backed up data and stored data. The deduplication ratio is listed in the session report:
• for each object and
• for the whole session.
In case the B2D option Single Object per Store

Media was used each object will be backed up
on its own media. So in case 6 objects are
backed up 6 media are created as listed
under Sessions in der Internal Database
context.

Module 15
Deduplication
15-22. SLIDE: Creating an Object Replication specification
Creating an Object Replication specification

Object Replication
• allows replication of objects from one store to another store in the same or
different deduplication appliance without the need of data rehydration
• is using Object Copy wizard for configuration
Filter out all device not

supporting replication
Use Object Copy Wizard

for Configuration
Activates replication
Creating an Object Replication specification
Depending on the used Backup concept there might be a need to replicate the backed up data into
another StoreOnce Backup appliance, like in an environment, where backed up data from a remote
office should be replicated into the central data center. This feature is called Object Replication
and can be configured by using the Object Copy configuration wizard. The main benefit of Object
replication over a normal Object Copy operation is the fact that the data does not need to be
dehydrated/un-deduplicated during transfer.
For the configuration of an Object Replication specification change to the Object Operations context
and click on Add on any of the available automated or interactive Object Copy types.
Follow the wizard like for a normal Object Copy specification configuration. In the Destination
Devices window it is possible to show only devices capable of replication, as Object Replication is
only working between StoreOnce appliances. Under Options activate the option Use Replication as
shown on the slide above. This will trigger the start of an Object Replication instead of an Object
Copy. Notice the difference in the session report sample on the slide.
Important: Object Replication is only working between HP StoreOnce Backup appliances.

For any other combination use Object Copy functionality.

Module 16 — Access control and Security
Objectives
• Control user access to the cell
• Manage user groups in the cell
• Configure user restrictions
• Manage network access to the cell
Contents
Module 16 — Access control and Security 1
16–3. SLIDE: Access control and security levels .............................................................................. 2
16–4. SLIDE: Access Control ............................................................................................................. 3
16–5. SLIDE: User Rights .................................................................................................................. 4
16–6. SLIDE: User Groups ................................................................................................................. 7
16–7. SLIDE: The Admin Group ......................................................................................................... 8
16–8. SLIDE: The Operator Group .................................................................................................... 9
16–9. SLIDE: The User Group .......................................................................................................... 10
16-10. SLIDE: Custom Groups .......................................................................................................... 11
16-11. SLIDE: Default group permissions ....................................................................................... 12
16-12. SLIDE: Add User Group ......................................................................................................... 13
16-13. SLIDE: Add Users .................................................................................................................. 15
16-14. SLIDE: User Restrictions ....................................................................................................... 16
16-15. SLIDE: LDAP user integration ............................................................................................... 19
16-16. SLIDE: Client and Cell security .............................................................................................. 21
16-17. SLIDE: Certificate based DP GUI connection ........................................................................ 23
16-18. SLIDE: Network Access—INET (HP-UX) ............................................................................... 24
16-19. SLIDE: Network Access—INET (Windows) ........................................................................... 25
16-20. SLIDE: Inet User Impersonation ........................................................................................... 26
16-21. SLIDE: Creating Impersonator Users .................................................................................... 28
16-22. SLIDE: Changing the Web Password .................................................................................... 32
Module 16
Access control and Security
16–3. SLIDE: Access control and security levels

Access Control & Security Levels
Local User access to the DP GUI
Remote DP GUI access to the Cell Manager
Access to the Web Reporting Interface
User Restriction
Remote Access of DP Clients
Access control and security levels
Out of the box, Data Protector is both secure and un-secure from different perspectives. By default,
the only user that is able to use the Data Protector GUI and CLI is the user who installed the product
– typically root on UNIX and Domain or Local Administrator on WINDOWS. All other user need to be
configured into Data Protector group’s that own certain privileges to be able to perform designated
operations in Data Protector.
On the other hand, the installed Data Protector Agents (Disk Agent, Media Agent...) are configured
to respond to any Session Manager that attempts to connect to it. What appears to be a huge
security hole can be easily closed or restricted in a way that only the current Cell Manager or a set
of defined systems are able to access these clients within a defined disaster recovery, site failover
or load balancing concept.
This module will address all of the topics listed above.

Module 16
Access Control and Security
16–4. SLIDE: Access Control

Access Control
Access to Data Protector's functional areas is strictly controlled

• Data Protector user groups are allocated specific permissions
• Data Protector User Restriction file allows to restricted user access to
certain DP Client systems
Access Control
Access to Data Protector’s functional areas, such as Client Installation, Device Configuration,
Backup, and Restore, is strictly controlled by the allocation of specific permissions to Data
Protector User Groups.
Dedicated operating system users, such as root, Administrator or Oracle DBA accounts, etc. who
either directly start sessions or own sessions need to be configured as members of Data Protector
User Group.
The Data Protector operations that the users are able to perform depend on the capabilities
assigned to the User Group to which they belong.
You can complement the user security layer provided by Data Protector user groups with
restrictions of certain user actions to certain systems of the cell. Such restrictions can be
configured in the user_restrictions file. They apply only to members of Data Protector custom user
groups other than the admin and operator group.

Module 16
16–5. SLIDE: User Rights
User Rights
Clients User Device Media

configuration configuration configuration configuration
Reporting
Start backup Save backup
and Start backup
specification specification
notifications
Switch
Back up as
session Monitor Abort
root
ownership
Mount Restore to Restore from

Start restore other users
request other clients
See private Restore as KMS key

objects root generation
User Rights
Data Protector provides a rich set of user rights to implement advanced security functionality. The
following user rights are available:
• Clients configuration: This user right allows the user to install and update Data
Protector software on client systems.
• User configuration: This user right allows the user to add, delete, and modify users
and user groups. Note that this is a powerful right!
• Device configuration: This user right allows the user to create, configure, delete,
modify, and rename devices. This includes the ability to add a mount request script to a
logical device.
• Media configuration: This user right allows the user to manage media pools and the
media in the pools and to work with media in libraries, including ejecting and entering
media
• Reporting and notifications: This user right allows the user to create Data Protector
reports. To use Web Reporting you also need a Java user under the applet domain in
the admin user group.

Module 16
• Start backup: This user right allows users to back up their own data as well as monitor
and abort their own sessions.
• Start backup specification: This user right allows the user to perform a backup using a
backup specification, so the user can back up objects listed in any backup specification
and can also modify existing backups.
• Save backup specification: This user right allows the user to create, schedule, modify,
and save any backup specification.
• Back up as root: This user right allows the user to back up any object with the rights of
the root login on UNIX clients. This user right is effective only for UNIX clients. Backups
on Windows always run in the context of the Data Protector Inet service. See the
section Inet Impersonation to see how the DP Inet Service can run under another user
credentials
• Switch session ownership: This user right allows the user to specify the owner of the
backup specification under which the backup is started. By default, the owner is the
user who started the backup. Scheduled backups are started as root on a UNIX Cell
Manager and under the Cell Manager account on Windows systems. This user right is
appropriate if the Start backup specification user right is enabled.
• Monitor: This user right allows the user to view information about any active session in
the cell and to access the IDB to view past sessions.
• Abort: This user right allows the user to abort any active session in the cell.
• Mount request: This user right allows the user to respond to mount requests for any
active session in the cell.
• Start restore: This user right allows users to restore their own data as well as monitor
and abort their own restore sessions. Users that have this user right are able to view
their own and public objects on the Cell Manager.
• Restore to other clients: This user right allows the user to restore an object to a
system other than the one from where the object was backed up.
• Restore from other users: This user right allows the user to restore objects belonging
to another user. It is effective only for UNIX clients.
• Restore as root: This user right allows the user to restore objects with the rights of the
root UNIX user. Restores on Windows always run in the context of the Data Protector
Inet service. See the section Inet Impersonation to see how the DP Inet Service can run
under another user credentials.
• See private objects: This user right allows the user to view and restore objects that
were backed up as private.

Module 16
• KMS Key generation: This user right is required to manage the KMS Key database via
the omnikeytool binary.

Module 16
16–6. SLIDE: User Groups
User Groups
• A user group is a collection of users who have the same rights

• Data Protector provides three pre-defined, default user groups: Admin,
Operator and User
• Member of admin group are eligible to create new user groups
User Groups
A Data Protector User Group is a set of access rights that permit execution of certain portions of
Data Protector Functionality. Each Data Protector user is member of a User Group. Each User Group
has a set of user rights that are given to every user in that User Group. The number of User Groups
with their associated user rights can be defined as desired.
Data Protector provides three default user groups that provide the typical level of delegation and
control required by most customers:
• Admin
• Operator
• User
In addition it is possible to create custom user groups that own sets of privileges that perfectly fit
the needs of the managed environment.

Module 16
16–7. SLIDE: The Admin Group
The Admin Group
• complete control of all DP functions,

including installation and configuration
• By default, the Administrator/root account on the Cell Manager is always a

member of the admin group
• The admin group cannot be deleted, and its permissions cannot be
modified
The Admin Group
The Admin Group is all-powerful. Members of this group have complete control of all Data
Protector Operations on the whole cell. When Data Protector is installed, the user account that was
used for installation is added to the Admin group.
Overall 4 accounts are configured in the admin group on WINDOWS after installation:
• "Initial cell administrator" (Account used at installation time)
• "CRS service account" (can be specified at Installation time, default account is the
same account that is configured as "Initial cell administrator")
• "Local System account on the Cell Manager" (SYSTEM user)
• "WebReporting"
Overall 2 accounts are configured in the admin group on UNIX after installation
• "root" (Cell Manager root account)
• "WebReporting"
If you require other users to have full control of the Data Protector Cell, they must be added to the
Admin group.
The Admin group can neither be modified in any way nor deleted, as it must always have full-
control. It is not possible to apply any user restrictions to members of the admin group.

Module 16
16–8. SLIDE: The Operator Group
The Operator Group
• complete control of all DP functions,

excluding installation and configuration
and reporting/notification
• Owns all required permissions to run daily backup and restores

• Operator group permissions may be customized as necessary
The Operator Group
The Operator group has fewer capabilities than the Admin group. The members of the Operator
group are prevented from executing the following operations:
• Client system installation
• User Configuration
• Logical Device configuration
• Reporting and Notification configuration
Operators have admin group user like privileges through Backup and Restore!
The main purpose of the Operator group is to provide operators the ability to perform the day-to-
day operation of the Data Protector Cell. This is why the Operator group does not have any
Configuration permissions, as these are functions typically performed by the system
administrator.
By default, there are no users configured into the Data Protector Operator Group.
The permissions of the default Operator user group can be modified if required.

Module 16
16–9. SLIDE: The User Group
The User Group
• Owns only permission to initiate

restores only
• Only restore of own (private) data from own system possible

• By default no user configured into this group
• User group permissions may be customized as necessary
The User Group
The User Group has permission only to initiate a restore of the user's own data. Those responsible
for backup must assign ownership of the backup job to allow a member of the user group
permission to see the data available for restore within the restore GUI.
Any media requests that accompany the restore session must be satisfied by the members of the
Operator or Admin groups.
Giving users the ability to restore their own data may be desirable in environments where users
have access to their own tape drives or libraries or where data is always available like stored on
large disk arrays.
No intervention on the part of the Admin or Operator group members is required to satisfy mount
requests, if the correct media is loaded in the device specified by the restoring user. By default,
there are no users configured into the Data Protector User Group.
The permissions of the default, User’s user group can be modified.

Module 16
16-10. SLIDE: Custom Groups
Custom Groups
Customize user groups to suit the local environment by :

• Customizing the existing groups
(admin group cannot be customized!)
• Create a new custom group from scratch
(User group permissions may be customized as necessary)
Custom Groups
In addition to the predefined default groups, Data Protector allows you to create your own groups.
You may choose to create custom groups that match the structure and requirements of your IT
department.
Example
The default Operator user group has all access rights, except client configuration, User
configuration, Device configuration, and Reporting and Notification. The default User group user
has only the Start restore access right.
An IT organization may require some sort of a hybrid solution where more senior users can format
tapes (media configuration), monitor, start backups, start backup specifications, mount prompt,
abort, and restore. In this case, a custom group can be created to satisfy this requirement. The
relevant users are then added to (or modified in) this group.
There are two ways to create custom user groups allowing more flexibility:
1. Modify one of the default user groups (Operator or User)

2. Create a new user group from scratch (see “dev_team” on the slide)

Module 16
16-11. SLIDE: Default group permissions
Default group permissions
Admin Operator User
Default group permissions
The above slide displays the complete set of Data Protector Permissions, as mapped to each of the
default user groups offered
Many of the permissions will allow super-user capability indirectly, and are considered very
powerful rights. (e.g. Restore as root)
For complete definitions of each of the above user rights, see the chapter “User rights”.

Module 16
16-12. SLIDE: Add User Group
Add User Group
• select Users context

1
1 • right click Users
2 2
• select Add User Group
3
3
• assign Name & Description
4
4
• select User rights
5
• Click Finish
6
5
6
Add User Group
Users and Groups can be created, modified, and deleted from the Data Protector GUI. Alternately, if
no GUI is available, modifications can be made directly to the configuration files.
Modifications directly to the users file are NOT supported. If no GUI is available, you can use the
omniusers command to add, modify, or remove users
The “*” is displayed in the GUI as <Any>; this is a wildcard that may be used in any of the first 4
fields.
Example:
DP_CONFIG/users/UserList
"Frank Black" "fblack" "users" clustd11.atl.hp.com "admin"

"WebReporting" "java" "applet" webreporting "admin"
"root" "root" "*" ita030.hp.com "admin"

Module 16
Fields in the UserList file
• Field 1 = Real name

• Field 2 = Operating system user name (user id)
• Field 3 = Operating system group name, or domain name for Windows users
• Field 4 = System name (hostname)
• Field 5 = Data Protector user group
The <DP_CONFIG>/users/ClassSpec file is somewhat more complex, and therefore, it is best not to
modify it manually. The ClassSpec contains the user rights assigned to each Data Protector group.
Each of the user rights is assigned a numeric value. The total of all of the numeric values for each of
the user rights added to the group is stored along with the group name in the Class Spec file.
Additional Users — Special Situations

A Data Protector Administrator will need to add users to the configuration in any of the following
circumstances:
• Someone wishes to use the Graphical User Interface on a remote system

• A Manager-of-Manager configuration will be generated
• Integration with HP Operations Manager software will be performed
In these situations, the following steps are required:
• The User Interface component must be installed on the remote client

• The appropriate user must be added to the relevant group on the Cell Manager
Additionally, the integrations with third party databases, such as Oracle, typically require that a
special user be added to the admin group or operator group to allow the backups to be performed
by the database administrator's user id. This will require that the backup specifications are "owned"
by that user as well.

Module 16
16-13. SLIDE: Add Users
Add Users
• select Users context
1
1
• right click the desired User
2 2 Group
5
3 • select Add/Delete Users
3
• Type in Type, Name,
Group/Domain,
4 4 Description & Client
• Click “>>” Button

5
• Finally, click Finish

6
6
Add Users
All operations in Data Protector are only permitted if a Data Protector user account exist for the
logged in OS user account and the Data Protector group this account belongs to owns the privilege
to perform this operation. As a default only members of the Data Protector admin group are
eligible to create new Data Protector users for existing OS accounts.
The easiest way to configure a user for Data Protector is to use the Data Protector GUI.
1. Switch to the Users Context and expand Users

2. Right-click the user group to which you want to add a user
3. Click Add/Delete Users to open the wizard
4. In the Add/Delete Users dialog, enter the specific user properties. When entering Name and
Group/Domain or UNIX Group, make sure you enter information about an existing user on
your network
5. Click the arrow button ">>" to add the user to the user list (Important!!)
6. Click Finish to exit the wizard
Note: All GUI input fields accept <any> as a white card to ease the user configuration in
large environments, but remember that using white cards might compromise your
Cell security.

Module 16
16-14. SLIDE: User Restrictions
User Restrictions
Configured Data Protector users can perform granted Data Protector

operations only on systems listed in a user restriction file
Example:
#user_restrictions file
#Users from following user groups are allowed
#to access hosts listed below as soon they belong
#to the same system group
group1: core_group
group2: net_group mail_group dba_group
#hostnames, that users have the right to access

group1: w28kdev21.vm2.com
group2: w28kdev22.vm2.com clus2.vm2.com
FRANK owns After creation of

privilege to backup user_restrictions file,
ALL clients in the Cell FRANK can
as member of the only backup
core_group w28kdev21.vm2.com
User Restrictions
You can complement the user security layer provided by Data Protector user groups with
restrictions of certain user actions to certain systems of the cell. Such restrictions can be
configured in the user_restrictions file. They apply only to members of the Data Protector user
groups other than the admin and operator group. When configured, the file is located at the
following location on the Cell Manager:
UNIX: DP_CONFIG/cell/user_restrictions
WINDOWS: DP_CONFIG\cell\user_restrictions
As a default the file does not exist. In order to create a template file in the mentioned directory
execute the following command on the command line:
CLI : omnicc -create_userrestrictions_tmpl
The created file is just a template file. It contains one system group that owns all configured Data
Protector client systems and all Data Protector groups. This setting ensures that there is no
unexpected problem after activation. For activation, rename the file to user_restriction.

Module 16
If the user_restrictions file does not exist, all users are allowed to perform all actions for which
they have user rights. If an empty user_restrictions file exists, nobody from the user groups is
allowed to perform any action. Only users from the admin and operator user groups are always
allowed to perform actions for which they have user rights.
If the user_restrictions file exists, the action that you requested is executed only if the system on
which the action is to be performed and the Data Protector user group to which the user belongs to
are assigned to the same system group. In order to restrict users from certain systems remove the
client system from the system group the user belongs to.
As a default there is no restriction to certain clients for configured Data Protector users, so in case a
user owns the Start Backup specification right all backup specification could be started. A
restriction file allows limiting the right to certain systems only.
In the example below 4 Data Protector groups are assigned into 2 system groups (group1, group2).
All Data Protector users who belongs to Data Protector group core_group are now restricted to
access only Data Protector client system w28kdev21.vm2.com.
Example:
#user_restrictions file
#Users from following user groups are allowed

#to access hosts listed below as soon they belong
#to the same system group
group1: core_group
group2: net_group mail_group dba_group
#hostnames, that users have the right to access

group1: w28kdev21.vm2.com
group2: w28kdev22.vm2.com w28kdev23.vm2.com
Basic and Advanced User Group Rights
After activation the restriction are enforced for the following user rights, called BASIC rights:
• Start Backup
• Start Backup Specification
• Start Restore
• Restore as Root

Module 16
Additionally, if the global option CheckAdditionalUserRestrictions -is set to the value 1, Data
Protector checks for restriction of user actions covered by the following user rights (referred to in
the global options file as additional user rights) in addition to the BASIC ones:
• Monitor
• Abort
• Restore to other client
• See private objects
Parameter CheckAdditionalUserRestrictions as listed in Data Protector global file:
# CheckAdditionalUserRestrictions=0 or 1
# default: 0
# This option enables (1) or disables (0) the check for restrictions of user
# actions covered by additional user rights. The effect of this option is as
# follows:
# a. If the option is set to the value 0:
# - If the user_restrictions file does not exist, user actions are not
# restricted at all.
# - If the user_restrictions file is properly configured, only user actions
# covered by basic user rights are checked for potential restrictions.
# - If the user_restrictions file is empty, only user actions covered by
# basic user rights are unconditionally restricted, and user actions
# covered by additional user rights are allowed.
# b. If the option is set to the value 1:
# - If the user_restrictions file does not exist, user actions are not
# restricted at all.
# - If the user_restrictions file is properly configured, user actions
# covered by basic and additional user rights are checked for potential
# restrictions.
# - If the user_restrictions file is empty, user actions covered by basic
# and additional user rights are unconditionally restricted.
# For information which user rights are basic and which ones are
# additional (this distinction is used only for the purpose of the
# CheckAdditionalUserRestrictions option), see the Data Protector
# online Help index: "user restrictions".

Module 16
16-15. SLIDE: LDAP user integration
LDAP user integration

Configured LDAP users and groups can be configured as Data Protector users.
LDAP Integration is described in the Data Protector Installation Guide and in OLH.
Log in using the LDAP

credentials(*)
Select Type LDAP and

LDAP User/LDAP Group
(*) … no LDAP support for DP CLI
Important: DP GUI Authentication window always shows up, if the user cannot be found in
the DP user configuration, regardless if LDAP Integration is configured or not.
LDAP user integration
Introduced with Data Protector 8.10 it is now possible to configure existing Windows Active
Directory based users and groups as Data Protector users using the LDAP protocol. The Data
Protector LDAP Integration does not exist after installation and requires a configuration with the
existing LDAP server. See the Data Protector Installation Guide or refer to the OLH for details how
to configure the integration.
Once configured it is possible to add LDAP configured users and groups within the DP GUI. As
described before run Add User and select User Type LDAP and User Entity LDAP Group or LDAP
user. The LDAP user or group name needs to be entered using the Distinguished Name as shown on
the sample below (e.g. copied from the MS ADSI Edit tool).

Module 16
In case a LDAP group is configured as a member of the DP Operators group, all members of this
group will own Operators group privileges in DP. If users are added to this group or removed from
this group within Active Directory no changes are required within DP.
As a member of a configured LDAP group you will be prompted for Username/Password during DP
GUI startup.
If the default LDAP Integration was used for configuration the User Principal Name of the user is
expected under User Name, together with the user password, for User Authentication.
Important: DP GUI Authentication window always shows up, if the user cannot be found in
DP user configuration, regardless if LDAP Integration is configured or not.
The current implementation provides LDAP user authentication support only for the DP GUI, not for
the DP CLI.

Module 16
16-16. SLIDE: Client and Cell security
Client and Cell security
Secure a
particular
Client
Secure
all Clients
in the Cell
Location of the allow_hosts file on the client system:

UNIX: /etc/opt/omni/client/allow_hosts
WINDOWS: DP_HOME\config\client\allow_hosts
Client and Cell security
Data Protector default installation allows any (foreign) Cell Manager, Installation Servers, or
Session Manager to access any Disk Agent and Media Agent, even those that are not members of
the same cell.
This designed-in feature allows a remote recovery of data from one cell to another. Although this
may be a very valuable feature for some environments, it is also a security risk!
DP Cell Administrators may want to totally prevent access by external systems to members of a
Data Protector Cell, or at least regulate access to only known, trusted systems. This may be
accomplished by configuring external systems that are authorized to access specific Data Protector
Clients of the cell by using the Secure feature shown above.
Securing Data Protector Clients can be achieved at two levels. At:
1. Data Protector Client Level: You can select one or more DP Clients Secure at a time
(Shift+Control) from the GUI and securing them by selecting the Secure option
2. Data Protector Cell Level: You can select all DP Clients of a cell, and secure all of them in
one convenient operation by selecting the Cell Secure option

Module 16
Using the Data Protector GUI, enter the names of the external systems (foreign Cell Manager or
Installation Server etc) that you want to authorize to connect to specific or all Data Protector
Clients of your Data Protector Cell. The resulting list of configured (external) hosts is stored in the
following file, on the cell manager:
UNIX /etc/opt/omni/client/allow_hosts
WINDOWS DP_HOME\config\client\allow_hosts
This file is created on the cell manager, and distributed to each cell client automatically when the
entire Data Protector Cell is secured.
The allow_hosts file is not created on the cell manager if specific Data Protector Client/s are
secured! In this case, the allow_hosts file is only created on specific Data Protector Client/s!
Alternatively, each DP Client may be independently secured. By default the Cell Manager is always
able to access the client, as the Cell Manager is registered in the /etc/opt/omni/client/cell_server
file on Unix and in the registry on a Windows system.
The list of external system/s that will be afforded exclusive access to a specific DP Client may
include remote managers, such as Standby or Recovery Site Cell Managers.
To remove exclusive access by external system/s to a particular Data Protector Client, either
modify the allow_hosts file on the affected Data Protector Client, or alternatively use the Data
Protector GUI to unsecure the cell or the affected DP Client.
The screenshot below shows the dialog windows offered when you attempt to unsecure a specific
Data Protector Client:

Module 16
16-17. SLIDE: Certificate based DP GUI connection
Certificate based DP GUI connection

DP GUI is using a certificate based SSL protocol for encrypted communication with
the DP Cell Manager. A self signed certificate is automatically stored on the DP Client
during first DP GUI startup.
Note:
Use omnigencert.pl for Certificate Management,
located on the DP Cell Manager in DP_HOME\bin
Certificate based DP GUI connection
Any time a DP GUI is started on a client system a secure certificate based SSL communication is
established with the DP Cell Manager. The Cell Manager is acting as standalone root Certificate
Authorization (CA), which is installed as a default during the Cell Manager installation.
If a DP GUI is started the first time on a client system a CA certificate is installed on the client
system for each user that starts the GUI. Using the SSL protocol with public/private keys the
communication with the DP Cell Manager is now encrypted.
If the DP Administrator want to replace the certificates the command omnigencert.pl can be used.
The command is located on the Cell manager only under:
DP_HOME\bin
Refer to the Data Protector Installation Guide for details how to use the omnigencert.pl
command.
Note: The encrypted SSL communication via Certificates is activated as a default and cannot
be switched off

Module 16
16-18. SLIDE: Network Access—INET (HP-UX)
Network access—inet (HP-UX)
/var/opt/omni/log/inet.log /sbin/init.d/inetd
1
6
/opt/omni/lbin/inet 2 /etc/services:
omni 5555/tcp
5
inetd checked at startup

/var/adm/inetd.sec 3
omni allow <IP-Range> 4
/etc/inetd.conf:
omni stream tcp nowait root DP request
/opt/omni/lbin/inet (Port 5555)
18
-log /var/opt/omni/log/inet.log
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Network Access—INET (HP-UX)
Any Data Protector service request to a UNIX system is handled by the inet-Demon inetd. This
demon is started at boot time and is waiting for incomming connections.
1. The inetd is started when the operating system starts

2. The inetd reads the configuration file /etc/services to get the configured ports and
services
3. A client service requests come to port 5555, e.g. a request from a Cell Manager to a client
to start a disk or media agent
4. Inetd reads the /etc/inetd.conf file to get the name of the binary to start – in this case
/opt/omni/lbin/inet. In addition it checks /var/adm/inetd.sec file if client connect is
permittet
5. If the remote system is authorized inetd starts /opt/omni/lbin/inet as root user and
passes all the communication data to the Data Protector Inet.
6. Data Protector Inet logs the connection with timestamp, requestor name and requested
process to start (e.g. Media Agent bma). In addition Data Protector Inet checks if connection
is permitted (allow_hosts) and finally starts the requested process. All arguments are now
passed forward to the new process (e.g bma) for execution.

Module 16
16-19. SLIDE: Network Access—INET (Windows)
Network access—inet (Windows)
Default:
Local system
account
Network Access—INET (Windows)
When Data Protector is installed on Windows systems the Data Protector Inet (also referred as
omniinet ) service is configured to start automatically when the system starts. The service is used
to intercept requests from the Cell Manager on port 5555. These requests are used to start the
local Disk, Media or Integration Agents.
By default, the Data Protector Inet service logs on as the Local System account, which is sufficient
to run filesystem backups. For Data Protector Integration backups like Oracle database backups or
Microsoft Exchange online backups or for Windows 8 or and higher backups Local System account
is not sufficient, here Data Protector Inet service need to run under a specific user account to start a
session. See the next slide on how to configure Data Protector Inet service user impersonation.

Module 16
16-20. SLIDE: Inet User Impersonation
Inet User Impersonation
Enables Data Protector Inet service to impersonate other users on

integration clients, instead of running under local System account
Impersonation user accounts

• User impersonation configuration via DP GUI or CLI
• User must belong to DP admin or operators group
• User owns permission on the respective integration
• Configured user will become owner of the backup
• Configuration is saved locally on client
Required for Windows 2008 backups and selected Integration backups like SharePoint or SAP
Inet User Impersonation
Impersonation is a security concept that allows a server application to temporarily "be" the client in
terms of access to secure objects. To employ impersonation, you need to know the password of the
user you want to impersonate. Impersonation is like logging in on a Windows machine. On Windows
systems, backup and restore sessions are started by the Data Protector Inet service, which by
default runs under the Local System account, also called SYSTEM. Consequently, a backup or
restore session is performed using the same user account. Majority of Data Protector integrations
on Windows require Data Protector Inet service to run under a different username/Windows
Domain account instead the system account. Examples are:
- MS SharePoint
- MS SQL
- Oracle/SAP
- Informix
Lotus, DB2 and Exchange (Server and single-mailbox) and others do not require running Data
Protector Inet service on a special account.
In Windows Server 2003 this can be achieved by simply restarting the Data Protector Inet service
under a different user account. For other supported Windows operating systems, like Windows
Server 2008, this in no longer allowed!

Module 16
Windows 2008 recommends that inet be run under system account at all times!
Otherwise it may cause problems if it runs under a username that has insufficient privileges for
running others of the various tasks the inet process has. Therefore, Data Protector uses alternative
concept: User Impersonation. It means that, although the Data Protector Inet service runs under
the Windows local user account SYSTEM, the service can impersonate a Windows domain user
account and can consequently start the integration agent under that user account.
Although impersonation can be applied to several OS versions, Data Protector supports it only on
Windows 2008 or higher.
To enable the Data Protector Inet service impersonation, Windows domain user account must be
specified in the backup specification or in the restore wizard and the user account (including its
password) must be (prior to backup or restore) saved in the Windows Registry under hidden key,
passwords in encrypted form. The user account must be configured, and hence saved locally in the
registry subsequently, on client where it will be invoked by Data Protector Inet service for
impersonation during backup or restore operations.
Impersonation in Cluster Environment

In a cluster, you must configure the Data Protector Inet service for all cluster nodes. The Windows
domain user account that is used must be given the following Windows operating system Security
Policy privileges:
• Impersonate a client after authentication

• Replace a process level token

Module 16
16-21. SLIDE: Creating Impersonator Users
Creating impersonator users

Right click client
Required information to access
impersonation
username, domain, and password menu
GUI:
• Change to Clients context
• Right click on client
• Select Add Impersonation
• Follow the wizard
CLI: Local on DP Client : omniinetpasswd –add

Central on CM : omnicc -impersonation -add_user –user
Creating Impersonator Users
User account names that will participate in impersonation in backup or restore operations must be
created prior before deploying them. They can be configured in two ways, using the:
1. Data Protector GUI

2. Data Protector CLI
Impersonation Prerequisites
Data Protector Inet service needs to have the following information in order to impersonate a user:
• Username
• Domain
• Password
The passwords are encrypted and stored in the Registry of the client systems! If user passwords
are changed (e.g. due to policies) then Data Protector Inet service user configuration on clients
must be changed accordingly.

Module 16
Moreover, the user account that will participate in impersonation must have the following
properties:
• Grant the user appropriate permissions to access data (for example,

application data)
• Ensure that the user is added to the Data Protector admin or operator user
group
Configuring Users via GUI to Impersonate

Follow the steps below to configure user accounts that will be used to impersonate, via GUI:
1. In the Context List, click Clients

2. In the Scoping Pane, expand Data Protector Cell and then Clients
3. Right-click the client and click Add Impersonation
To modify or delete a user, click Modify Impersonation or Delete Impersonation,

respectively
4. In the Select Client Systems page, select the client systems for which you want to
configure the Data Protector Inet service user impersonation and click Next

Module 16
In the Add, delete or modify impersonation page, add a new user account, or modify or
delete an existing one, and click Finish
A confirmation message, as shown below, appears confirming that the user account has been
added (to the registry) that will take part in potential impersonations:

Module 16
Verify that the user has been created by issuing the omniinetpasswd command, on CLI, as
follows:
CLI: omniinetpasswd -list

SAPCER@ERP
Configuring Users via CLI to Impersonate

Follow the steps below to configure user accounts that will be used to impersonate, via CLI using
the omniinetpasswd or omnicc command.
The user account that will potentially be used to impersonate can be created locally on the client
where it will be deployed.
Log in to the DP Client and, from the DP_HOME\bin directory, run:
CLI: omniinetpasswd –add <User@Domain> <Password>
Besides the local configuration directly on the client there is also a command to set up a user
account for the user impersonation on multiple Data Protector clients, use the omnicc command
Log in to the Cell Manager and, from the DP_HOME\bin directory, run:
CLI: omnicc -impersonation -add_user

-user <User@Domain>
-host <ClientName1> -host <ClientName2>
-host <ClientName3> -passwd <Password>
For details on the omniinetpasswd and omnicc commands, see the HP Data Protector Command
Line Interface Reference.

Module 16
16-22. SLIDE: Changing the Web Password
Changing the Web Password
No old
password by
default
Password encrypted and saved on DP Cell Manager

in DP_CONFIG\users\WebAccess
Changing the Web Password
When Data Protector is installed on the Cell Manager, there is a web user called java inserted into
the Admin group. There is no password required to access the Web Reporting applet by default! To
provide more security it is recommended to password protect the web functionality. The protection
requirement is largely due to the fact that through the web interface, notifications and report
groups may be modified, as well as the cell data is available. To set the Web User Password open
the Data Protector GUI, change to the Users context and select Set Web User Password from the
Actions menu on top. If you configure the password the first time leave the Old password filed
empty and just specify the new password. Press OK to confirm.
The Web password will be encrypted and stored in the file
WINDOWS : DP_CONFIG\users\WebAccess
UNIX : DP_CONFIG/users/WebAccess
on the Cell Manager. This file exists as an empty file by default! Removal of the file will prevent a
new password from being created, so create a new empty file in case old password got lost.

Module 16

Module 17 — Auditing
Objectives
• understand and explain the available auditing methods
• activate and configure backup auditing
• create an backup audit report for a defined interval
• activate and monitor enhanced event logging
Contents
Module 17 — Auditing 1
17–3. SLIDE: Auditing overview ........................................................................................................ 2
17–4. SLIDE: Backup session auditing .............................................................................................. 3
17–5. SLIDE: Enhanced Event logging .............................................................................................. 7
Module 17
Auditing
17–3. SLIDE: Auditing overview
Auditing overview
Note : Both methods are deactivated as default

Auditing overview
Data Protector provides two independent auditing methods:
• Backup session auditing

• Enhanced Event Logging
Backup session auditing was mainly driven due to administrative concerns and the Sarbanes-
Oxley regulation (see: http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act)
A need arose for Data Protector to be able to store information about all backup tasks that were
performed over extended periods for the whole cell backup environment, and to be able to provide
this information on demand of a member of the DP admin group.
Enhanced event logging is a security feature that tracks all GUI based modifications on
specifications (backup, copy and consolidation), on devices and media, user configurations and
tracks all client agent installations/upgrades/removals in the Data Protector Event Logs.
Note: Both methods are deactivated after a Data Protector Cell Manager installation and
need to be manually activated by setting global file parameters like explained on
the next pages.

Module 17
Auditing
17–4. SLIDE: Backup session auditing
Backup session auditing

Located under :
Internal Database - Auditing Select Interval to Audit
Backup session auditing …

keeps track all backup
sessions independent from
configured DP IDB Data and Activation via global file parameter :
Catalog protection AuditLogEnable=1
Backup session auditing
Backup session auditing stores information about performed backup session, used media and
Backed up objects outside of the Internal database in encodes files. These files are non-tamper
able to prevent direct alteration of the stored information and backed up as part of a Data
Protector IDB backup.
To activate backup session auditing set the parameter AuditLogEnable in the global file to 1:
# AuditLogEnable=0 or 1
# default: 0
# This option enables or disables the logging of auditing
# information. By default, the auditing information is not logged.
# If the value is set to 1, the auditing information is logged.
No restart of the Data Protector services is required.

Module 17
Auditing
After activation Data Protector starts logging information about performed backups in encrypted
format into special files named:
• Session related information> <YYYY>_<MM>_<DD>.ses

• Object related information> <YYYY>_<MM>_<DD>.obj
• Media related information> <YYYY>_<MM>_<DD>.med
that are located in the following location:
Windows : DP_VAR\log\server\auditing
UNIX : DP_VAR/server/log/auditing
Example:
These files are backed up as part of the IDB backup without any special configuration.
The default retention time of these audit files are 90 month. This retention time can be configured
via global file parameter AuditLogRetention:
# AuditLogRetention=0 or NumberOfMonths
# default: 90
# Specifies how long (number of months) audit log files are kept
# before being purged. Audit logs are purged on a monthly
# basis, meaning that the session information for an entire month
# is removed after the specified number of months.
# By default, the audit log is retained for 7,5 years (90 months).
# If the value is set to 0, audit log purging is disabled.

Module 17
Auditing
Backup audit report creation from the GUI
In order to create a backup audit report open the DP GUI and change to the Internal Database
context and extend Auditing. Choose a Search Interval from the drop down menu or select
Interval and define your own Start and End date.
Search interval selection
After search interval selection click on the Update button to get the list of performed backup
sessions. Click on a session to see the used media and backed up objects of that session.
Backup audit report

Module 17
Auditing
Backup audit report creation from the CLI
Audit report generation can also be triggered from the CLI via the omnidb –auditing command and
can be used for scripting or 3rd party tool integration.
CLI: omnidb –auditing </timeframe StartDate EndDate>

<-since Date –until Date> <-last NumberOfDays>
<-detail
Example:
omnidb -auditing –last 10 -detail
2013/10/16-3 Quick Start2 Completed full 2012-10-16 13:50 2012-10 -16 13:50
VMW39201\ADMINISTRATOR@vmw39201.deu.hp.com c9272e10:507bf7dc:09f4:0005
Default File_68 7488 WinFS vmw39201.deu.hp.com:/C "C:" Completed
Option description:
auditing display auditing information

timeframe StartDate EndDate specifies the time frame that will be considered
for the audit report.
since Date until Date specifies the start and end date of the time frame
last NumberOfDays specifies the duration of the time frame
starting from the current date.
detail displays session details: IDs of media used during a
particular session, object names, and object completion
status

Module 17
Auditing
17–5. SLIDE: Enhanced event logging
Enhanced event logging

Located under :
Reporting – Event Log
Tracks all GUI based user operations with

timestamp, event description and
username@<domain/system name>
Activation via global file parameter :

EventLogAudit=1
Enhanced event logging
The Data Protector Event Log represents a centralized event management mechanism, dealing
with specific events that occurred during the Data Protector operation. This event logging can be
enhanced to track all GUI based user operations as a Data Protector event.
In detail the following modifications are tracked>
• specification modifications (backup, copy, consolidation)

• logical device modifications (creation, modification, deletion)
• media and pool changes
• user management changes
• client push installation actions *add, upgrade, check, delete, export(
As previously mentioned the feature is not activated as a default.
To enable the enhanced Data Protector Event Logging set the following global parameter to 1:

Module 17
Auditing
# EventLogAudit=0 or 1
# default: 0
# This option enables (1) or disables (0) logging of GUI-related user actions
# into the Data Protector event log. Logging is disabled by default.
Note: A restart of the Data Protector services is required after global parameter
EventLogAudit was changed.
The data being logged in case of an event of type User Operation is:
• the name of the operation, or multiple operations separated with a comma
• username and host from which the GUI user triggered the operation
• description of performed operation
Example1:
Backup specification deleted by administrator
Example2:
Device FJ_Drive5 deleted by administrator

Module 17
Auditing
Any of the following specification modification will cause an event in the Data Protector Event log:
• Schedule Reset operation

Message: Operation “Schedule Reset” was performed by user <USER> on backup
specification(s) <SPECIFICATION>.
• Schedule Disable operation
Message: Operation “Schedule Disable” was performed by user <USER> on backup
• Delete a specification
Message: Operation “Delete” was performed by user <USER> on backup specification(s)
<SPECIFICATION>.
• Specification modifications
Message: Operation “Specification Modification” was performed by user <USER> on backup
• Change group of a specification
Message: Operation “Change Group” was performed by user <USER> on backup
• Apply template to a specification
Message: Operation “Apply Template” was performed by user <USER> on backup
Event Logs are stored on the Cell Manager in the following location:
Windows : DP_VAR\log\server
UNIX : DP_VAR/log/server
and named OB2EventInfo.dat, OB2EventLog.dat and OB2EventLog.txt.
Note: Data Protector Event Logs are not backed up as part of the IDB backup.
In order to get a backup of the Data Protector Event Logs include the log directory
in the Data Protector Cell Manager Filesystem backup

Module 18 Disaster Recovery
Objectives
• List the Data Protector methods to perform a Disaster Recovery
• Explain the four phases to recover a system from a disaster
• Perform a Disaster Recovery using EADR
Contents
Module 18 Disaster Recovery 1
18–3. SLIDE: Overview Disaster Recovery ....................................................................................... 2
18–4. SLIDE: Disaster Recovery Phases ........................................................................................... 4
18–5. SLIDE: DRM for EADR and OBDR ............................................................................................. 5
18–6. SLIDE: Phase 0 a: Perform a full backup ................................................................................ 6
18–7. SLIDE: Phase 0 b: Create DR Image 1/4.................................................................................. 7
18–8. SLIDE: Phase 0 b: Create DR Image 2/4.................................................................................. 9
18–9. SLIDE: Phase 0 b: Create DR Image 3/4................................................................................ 10
18-10. SLIDE: Phase 0 b: Create DR Image 4/4 ............................................................................... 11
18-11. SLIDE: Phase 1: Booting the recovery image ....................................................................... 13
18-12. SLIDE: Recovery Method/options GUI .................................................................................. 14
18-13. SLIDE: Recovery progress monitor GUI ................................................................................ 16
18-14. SLIDE: DR on Dissimilar hardware........................................................................................ 17
Module 18
Disaster Recovery
18–3. SLIDE: Overview Disaster Recovery
Disaster Recovery (DR) methods

(1) (1)
Enhanced One Button
Automated DR DR
(EADR) (OBDR)
(2)
Assisted Automated
Manual DR System Recovery
(AMDR) (ASR)
(3)
Disk Delivery
DR
(DDDR)
1 … preferred method
2 … supported on older Windows version only
3 … supported on Unix only
Overview Disaster Recovery
A disaster is any situation in which a system does not function properly, whether due to human
error, hardware failure, or natural disaster. In these cases, the root (boot) partition of the system is
not available, and the environment needs to be recovered before the normal restore operation can
begin. This includes a Hardware recovery, followed by re-partitioning and re-formatting the boot
partition. Afterwards recover the operating system with all the configuration information that
defines the environment. This step must be complete before any user or application data can be
recovered.
Disaster recovery cannot be purchased as a predefined, easy-to-use solution. It is a complex task

that involves extensive planning and preparation before execution. You must have a well-defined,
systematic process in place to prepare for, and recover from, disastrous situations
Preparing for a Disaster Recovery

Carefully follow the instructions in this section to help you prepare for disaster recovery.
Preparation is necessary, regardless of the chosen disaster recovery method.

Module 18
Disaster Recovery
There are three components of the Data Protector architecture that may require recovery:
• Client System
Recovery of a client system may be necessary because of hardware failure, or corruption or
loss of critical system software or configuration.
• The Data Protector Database
It may be necessary to recover the Data Protector database if it becomes corrupted and
beyond repair with normal database maintenance tools. The database must also be
recovered as a part of the cell manager recovery procedures if the cell manager fails.
(The IDB recovery is covered in the Internal Database module of this course)
• Cell Manager System

The cell manager system recovery is more complicated than a client system, as it holds the
Data Protector database and software. This database is not available during disaster
recovery of the Cell Manager, so offline recovery is necessary.
Data Protector Disaster Recovery methods

• One Button Disaster Recovery (OBDR) is a LTO tape devices functionality that allow a system
to boot from a tape media that was previously prepared by Data Protector
• Enhanced Automated Disaster Recovery (EADR) is a Data Protector Disaster Recovery method
that allows automated or semi-automated recovery of a failed system. In difference to OBDR
no special hardware is required.
• Automated System Recovery (ASR) was the preferred DR method for Windows XP and 2003
and provides for automated operating system recovery for those Operating systems. It is no
longer supported by Microsoft in newer Windows versions
• Assisted Manual Disaster Recover (AMDR) assists the user while performing a manual disaster
recovery in performing a post-operating system installation recovery. Data Protector provides
a “mini-server/agent” installation with automated tools.
• Disk Delivery Disaster Recover (DDDR) is a Data Protector Disaster Recovery method that
utilizes the “Restore into” feature to perform a full restore of the recovery data onto a new
disk that is later connected to the failed system. This method is currently only supported for
UNIX systems.
Note This module focuses mainly on EADR as the current preferred DR method that is
supported on Windows and Linux OS.

Module 18
Disaster Recovery
18–4. SLIDE: Disaster Recovery Phases
Disaster Recovery Phases
4 phases to bring the system back:
Full client backup and IDB backup (CM only). Prepare and update
Phase 0: Preparation the System Recovery Data File. Prepare DR OS image.
Boot the system from the DR CD or over the network or from the
Phase 1: Configuration USB drive and select the scope of recovery.
Automatic restore of critical volumes.

Phase 2: Re-activation
Additional steps are required to perform advanced recovery tasks.
Restore user and application data using the standard Data

Phase 3: Restore Protector restore procedure.
Disaster Recovery Phases
The disaster recovery process requires 4 phases:
Phase 0: Preparation
• Perform full client backups and IDB backup (Cell Manager only)
• The backup creates a System Recovery Data (SRD) that contains information about the used
backup device and media. In case of a CM recovery the IDB is not available and the SRD file is
used. Make sure you have a copy of the SRD file outside of the CM for usage if CM is down.
• Update the DR OS Image after hardware/software changes
• In case AES encryption is used, it is necessary to export the encryption key on a removable
media, so that it is available during the DR process.
Phase 1: Boot the DR OS
• Replace any faulty hardware and boot the system from the DR Image
• Select the scope of the recovery
Phase 2: OS configured and Data Protector installed
• Critical volumes are automatically restored
• (including the boot partition, OS, and the partition containing Data Protector)
Phase 3: Restore missing data
• Restore any data not restored from the Phase 1 and 2 using Data Protector

Module 18
Disaster Recovery
18–5. SLIDE: DRM for EADR and OBDR

DP Disaster Recovery Module (DRM)
EADR and OBDR requires installation of DPs
Automatic Disaster Recovery Module
on the DP client system
Local Disaster Recovery Module Configuration Files

• for DR special configuration files exist on the DP client: drm.cfg and kb.cfg
• Location: <DP_HOME>\bin\drim\config
• drm.cfg file contains tunable parameters that affecting the DR process
• kb.cfg file list additional drivers that should be loaded at DR time
• for drm.cfg activation copy existing template file drm.cfg.tmpl to drm.cfg
DP Disaster Recovery Module for EADR and OBDR
To prepare the system for Disaster you need to install a special Data Protector component on the
client, the Automatic Disaster Recovery Module (DRM). The module supports EADR and OBDR. The
component can be push-installed via DP GUI together with the other modules.
The module contains configuration files that allow changing the recovery process:
• drm.cfg- configuration file with setting for the recovery process
• kb.cfg configuration file that allow to specify additional drivers for DR
Both file are located on the client that got the DRM module installed under:
Windows: DP_HOME\bin\drim\config
These files do not exist on Linux, while OBDR and EADR are supported on Linux as well.
While kb.cfg file is available on the client after DRM installation the drm.cfg file only exist as a
template file (drm.cfg.tmpl) and need to be copied/renamed as drm.cfg to become active.

Module 18
Disaster Recovery
18–6. SLIDE: Phase 0 a: Perform a full backup
Phase 0 a Preparation: Perform a full client backup
Phase 0a:
1. Run a full backup of your DP client that
includes all Mount points/Drive letters
2. Specify option:
Backup share information for directories
3. Optional: Specify option

Copy Recovery Set to disk
if bootable image should be created during backup
DR image is placed on the CM as:

<DP_CONFIG>\dr\p1s\<hostname>.img
Phase 0 a: Perform a full backup
In Phase 0 the Data Protector EADR process collects all relevant environment data automatically at
the time of backup. During a full client backup the data required for temporary DR OS setup and
configuration is packed in a single large DR OS image file.
The DR OS image file contains all of the necessary information and files to install a minimal
operating system which is later used for full restore session; included information is the data about
partition type, size and all operating system boot, necessary driver files.
This information may be stored on the Cell Manager in the DP_CONFIG\dr\p1s directory and is also
stored on the on the backup tape or disk device.
To store the full DR image on the Cell Manager,

a WinFS file-system option must be enabled:
Copy full DR Image to disk
By default is option is not checked.

Module 18
Disaster Recovery
18–7. SLIDE: Phase 0 b: Create DR Image 1/4
Phase 0 b Preparation: Create DR Image 1/4

Phase 0 b.
Use the Enhanced Automated Disaster Recovery wizard to prepare a DR CD ISO image
from the DR OS image file of the affected system
• Select the Host to be recovered

1.
• Select the system used for DR
2. Media Creation(*)
1 • Select EADR
3.
2
• Select Source for DR Media Set
3 4.
• Click Next to continue

5.
4
(*) Recovery Media Creation Host requires:

5 • Same OS as Host to be recovered
• DA+ DR Module installed
• Windows AIK/ADK installed
Phase 0 b: Create DR Image 1/4
b. Within the DP GUI change to the Restore context, click on Tasks at the bottom to start the
Disaster Recovery wizard. The wizard will guide you to the process to create a bootable DR ISO
image that can be used for recovery.
Note: The Disaster Recovery wizard can be used for DP Image creation of any DP Client after the
disaster occurs. The client does not have to be available for the a successful image creation
The client needs to fulfill the following requirements before the wizard can be used:
• The client has/had the DP Disaster Recover (DR) Module installed
• A full backup (plus incremental) backups was performed after the DP DR Module was
installed
On Windows Vista/7, Windows Server 2008/2012 (incl. R2 versions) systems, you can create a
bootable network image or a bootable USB drive version instead of a bootable CD.
On the initial page of the wizard perform the following steps:

1. Select the client system you need to recover
2. Select the creation system that should be used for the image creation, as the original
system might not be available anymore.
The creation host need to fulfill the following requirements:

Module 18
Disaster Recovery
• Same OS installed as used of the host to be recovered

• Data Protector Disk Agent and Disaster Recovery Module needs to be installed
• Windows AIK/ADK needs to be installed (see Slide 18-10 for more information)
3. Select EADR as Disaster Recovery Method.
4. Select the Source for the DR Media Set that can be one Backup session with all objects
included or a set of different sessions you want to pick up individually for each object.
5. Hit Next to continue with the wizard
If the full client backup was encrypted, the encryption key has to be stored on a removable
medium. For details see HP Data Protector Disaster Recovery Guide

Module 18
Disaster Recovery

Option: Backup session
Option: Volume List
Select a whole session or

individual sessions for each
objects for the DR Media Set
Depending on the made selection on the initial page of the wizard you either need to select a
session that will be restored on the failed client (Option Backup session) or a select a set of
sessions to restore if client objects were backed up in different sessions (Option Volume List).
Click Next to continue with the wizard.

Module 18
Disaster Recovery

The DR Images requires access now to the Recovery Set ,
DR related data that was collected during backup.
Recovery Set created

at Backup Time
Option: Path to the recovery set file loads the

Option: Restore recovery set file from a backup
<hostname>.img file from the specified location
starts a restore session
(input required, no default configured)
In the next window make the selection about how Data Protector should attempt to get access to
the Disaster Recovery information that were collected during the last CONFIGURATION object
backup of that client. A session sample from such a CONFIGURATION backup is shown below:
[Normal] From: VBDA@vm2.dpdom.com "CONFIGURATION:" Time: 8/15/2014 2:08:08 PM

Successfully collected system recovery data.

Storing phase 0 log file into the Recovery Set archive.

Starting the verification of the Recovery Set archive.

Successfully collected Automatic DR data.
The information was backed up together with the system data on your selected target device. If
you specified the backup option Copy Recovery Set to disk in your used backup specification the
information was copied in addition to the Data Protector Cell Manager under DP_CONFIG\dr\p1s.
In this window specify, if Data Protector should extract the Recovery Set from the CONFIGURATION
backup (This selection triggers a restore!) or read from the specified location. Hit Next to continue.

Module 18
Disaster Recovery
18-10. SLIDE: Phase 0 b: Create DR Image 4/4
• Select the Image Format

1.
• Select the Destination Folder

2.
1
• Optional: Specify a Password 3
3.
• Check/Add required drivers 2

4.
• Click Finish to start ISO Creation

5. 4
Note: DRM needs Windows AIK/ADK installed on the Creation host
In the last DR wizard windows specify the Image Format and Destination Folder of the bootable
image. The created image file is named recovery.iso.
Note: Data Protector only creates the bootable iso file. Afterwards you need to manually record it
to a CD or copy it to the USB drive or Network share.
To create a DR OS image for Windows Vista and later releases, you must install the appropriate
version of Windows Automated Installation Kit (AIK) or Assessment and Deployment Kit (ADK)
on the selected creation system:
• Windows Vista and Windows Server 2008:

Automated Installation Kit (AIK) for Windows Vista SP1 and Windows Server 2008
• Windows 7 and Windows Server 2008 R2:

Windows Automated Installation Kit (AIK) for Windows 7

Module 18
Disaster Recovery
• Windows 7 and Windows Server 2008 R2 SP1:

Windows Automated Installation Kit (AIK) Supplement for Windows 7 SP1 (optional, for
Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1)
• Windows 8 and Windows Server 2012:

Assessment and Deployment Kit (ADK 1.0) for Windows 8 and Windows Server 2012
In case a bootable USB drive will be used for DR:

• the size of the USB storage device is at least 1 GB
• the target system supports booting from the USB device. Older systems may require a BIOS
update or might not be able to boot from an USB storage device at all.
In case a bootable Network image will be used for DR:

• On the target system, the network adapter is enabled to communicate through the PXE
protocol. The BIOS of this system should be compliant with the PXE protocol.
• Windows Deployment Services (WDS) server is installed and configured on the Windows
Server 2008 and later Windows systems. WDS server must be either a member of an Active
Directory domain or a domain controller for an Active Directory domain.
• A DNS server and a DHCP server with an active scope are running in the network.
• To back up the IIS configuration object residing on a Windows Vista and later releases,
install the IIS 6 Metabase Compatibility package.
Insert Drivers
This field contains a list of drivers the user selected to be injected into DRMiniOS. The user has the
possibility to specify missing driver(s) thus enabling them to be injected into DRMiniOS.
Note: Click on Inject to include the default drivers in the bootable image.
Starting with Data Protector 9.00 default drivers are automatically included.
The .iso file has been created in the specified destination folder (approx. 200-300MB)

Module 18
Disaster Recovery
18-11. SLIDE: Phase 1: Booting the recovery image
Phase 1 Configuration: Booting the recovery

Phase 1:
a. Replace the faulty hardware
b. Boot the target system from the disaster recovery CD, USB flash drive, or through the
network and select the scope of recovery. This is a completely unattended recovery.
The very first BMDR GUI element

kicks in during Phase 1, right after DR
MiniOS is loaded
Phase 1: Booting the recovery image
The new BMDR GUI is invoked in Phases 1 and 2a of the Disaster Recovery process. By showing up
during these DR phases, it has effectively replaced the previously used Command Line Interface
that was used until DP 6.2.
The screenshot above shows the first GUI dialog window that is presented right after successfully
loading DR MiniOS.
Special: Virtual - to – Virtual (V2V) DR :

The .iso image can be stored on a Datastore (VMware environment). In case of a DR, the VM is
created (only the virtual HW!) and the .iso image is mounted. After powering on the VM it starts
booting from the DR image.

Module 18
Disaster Recovery
18-12. SLIDE: Recovery Method/options GUI
Recovery Method/options GUI
After system environment

initialization process
successfully concludes the
Recovery Options window “Full Recovery” triggers all
is shown necessary restores after the
miniOS reboot
Dissimilar HW allows to
restore with different
Select the appropriate:
HW then the original
• Recovery Method and system had.
• Recovery Options
To start recovery of the
target client, click Finish
Recovery Method/options GUI
After the target DP Client system has been initialized, the Recovery Method as well as Recovery
options must be selected, in the Recovery Options GUI dialog box, as shown above. Click Finish
after selecting both options.
The following is a list of what the various Recovery Method options mean:
• Default Recovery: Recover the boot, system and Data Protector volumes
• Minimal Recovery: Recover only the boot and system volumes
• Full Recovery: Recover all volumes in the Restore Set
• Full with Shared Volumes: The option is displayed only for cluster nodes. In such case all
volumes in the Restore Set including cluster shared volumes will be recovered. If any other
option is selected, shared volume restore is excluded.
The following is a list of what the various Recovery Options mean:
• Restore DAT (checkbox): Restore VSS writer files (COM+, License, Registry, Profile and
WMI). By selecting this option user can choose if and when the writer files should be
restored.
• Restore BCD (checkbox): Restore Boot Configuration Data (BCD) data. By selecting this
option user can choose if the BCD data should be restored or not.

Module 18
Disaster Recovery
• Dissimilar Hardware: To enable dissimilar hardware functionality user has to select one of
the available methods from list “Generic” or “Unattended”. It is recommended to use
“Generic” only if “Unattended “ fails.
• Remove Devices: This checkbox is enabled only if dissimilar hardware functionality is

enabled. This option, if checked, will remove original device entries from the restored OS
registry.
• Manual Map Cluster Volumes: Enabled only for cluster environments. Enables user to
manually map cluster volumes.

Module 18
Disaster Recovery
18-13. SLIDE: Recovery progress monitor GUI
Recovery progress monitor GUI
After hitting Finish, the

Recovery Progress monitor
GUI shows the target client
recovery progress
The Progress windows

displays progress of each
system reconfiguration
task, in sequence
Note:
You can follow the restore process in the “Monitor” context in the DP GUI.
Recovery progress monitor GUI
After selecting the Recovery Method as well as Recovery options and hitting Finish, the, recovery
process commences and its progress can be monitored in the GUI window, as shown above.
Data Protector GUI during the recovery process

Module 18
Disaster Recovery
18-14. SLIDE: DR on Dissimilar hardware
DR on Dissimilar Hardware
DR on Dissimilar Hardware support enables restore of a system backup to
partially or completely different type of hardware
• physical to virtual, or virtual to physical, are supported
• DISSHW restore does NOT have any chip-manufacturer dependencies (Intel or AMD), thus enabling
cross platform restores as:
X86 (AMD or Intel) to X86/X64 (AMD or Intel)
X64 (AMD or Intel) to X64 (AMD or Intel)
DR on dissimilar hardware use-cases

• boot-critical hardware (e.g., motherboard, processor, etc.) fails and must be replaced with non-identical
hardware
• no matching hardware can be procured due to limited budget or original HW is too old to replace
• moving a physical machine to a virtual environment or vice versa (P2V or V2P)
Note: Dissimilar HW DR support is enabled by default

To disable it on a client: Before backup edit the file drm.cfg and set enable_disshw = 0
DR on Dissimilar hardware
When a system is in a non-bootable state for any reason (e.g. hardware failure) or when the user
wants to restore the system to dissimilar hardware, Disaster Recovery to Dissimilar Hardware
helps the user to recover the corrupted/moved system.
DR on Dissimilar HW is supported in both directions, i.e., from physical to virtual, and virtual to
physical! Moreover, DP 6.2 DR on Dissimilar HW is independent of chip-manufacturer (AMD or Intel)
technology. This facilitates straight forward cross-platform restores as in the following cases:
1. X86 (AMD or Intel) to X86/X64 (AMD or Intel)

2. X64 (AMD or Intel) to X64 (AMD or Intel)
The following brief description provides some common use cases of dissimilar hardware restore
Hardware failure
In cases where some of the boot critical hardware (i.e. Storage Controller, Processor, Motherboard)
fail and must be replaced with a non-identical hardware, the only restore option would be a restore
to dissimilar hardware.
Disaster
In total machine disaster scenarios where:

Module 18
Disaster Recovery
• no matching machine hardware can be found (because of limited budget, the crashed
machine’s age, or other causes)
• down time cannot be afforded, and system must be up and running immediately
In these situations the only restore option would be to resort to dissimilar hardware recovery.
Deploying dissimilar hardware restore would probably mean lower budget cost since no exact
clones of the original systems are needed.
Migration
Migration scenarios applicable are:
• moving to another machine (i.e. to faster or newer hardware) where OS reinstallation and
reconfiguration is not an option
• moving to or from virtual environment. Dissimilar hardware restore would be the only
option in cases where user would like to move physical machine to virtual environment or
via versa. One of the reasons why user would move to virtual environment is the cost
benefit, whereas migrating to physical environment is primarily done for reasons of
performance
From DP’s point of view, a virtual environment is just another hardware platform, for which the
correct critical drivers must be provided in order to restore a system backup taken on some other
virtual or physical platform.
Dissimilar Hardware DR support is enabled by default! In order to disable the functionality on a

machine, set the enable_disshw option to 0 in the DRM configuration file drm.cfg.

Module 18
Disaster Recovery

Module 19 — Patching
Objectives
• understand and explain the Data Protector strategy to address product issues and limitations
• download and install Data Protector GR Patches on Cell Manager, Installation Server and Data
Protector Clients
• query Data Protector Clients to get a list of installed GR Patches
Contents
Module 19 — Patching 1
19–3. SLIDE: Data Protector Enhancements and Fixes .................................................................... 2
19–4. SLIDE: How to download Fixes and Enhancements................................................................ 4
19–5. SLIDE: Download from Software Support Online (SSO) ......................................................... 5
19–6. SLIDE: GR Patch Installation ................................................................................................... 8
19–7. SLIDE: Step 1: Update the Installation Server (IS) .................................................................. 9
19–8. SLIDE: Step 2: Update the Client ........................................................................................... 10
19–9. SLIDE: List installed Data Protector Patches ........................................................................ 11
Module 19
Patching
19–3. SLIDE: Data Protector Enhancements and Fixes
Data Protector Enhancements and Fixes
General Release
(GR) Patches
Site Specific
Patches (SSP) Scheduled cumulative fix
bundle, build for each
Tested Patch Pre- Data Protector agent on
Release to address all supported Cell
urgent issues in a Managers/ Installation
Test Modules short timeframe Server
Result of a Support Call
to fix an isolated
customer problem
Data Protector Enhancements and Fixes
HP Data Protector is a powerful product that offers a lot of functionality on nearly all the available
Operating Systems. Before release each version of Data Protector is extensible tested in large and
complex test environments, but it is not possible to validate all possible combinations of supported
Hard- and Software components. If you discover any malfunctions contact HP Support or search on
the Software Support Online portal for existing fixes or solutions.
In Data Protector there are three different types of fixes:

• Test Modules (TM)
• Site Specific Patches (SSP)
• General Release (GR) Patches
A Test Module is generated in the Product Support labs as a result of a Support call to fix an
isolated Data Protector issue that was reported by the customer. This fix is created for a specific
Operating System, Processor type and Data Protector version to address the customer needs.
Typically it consists of one or more binaries that need to be manually installed on the customer
system. Once the customer has validated the fix in his environment, this fix is ported to other Data
Protector versions and OS releases if they are impacted by the reported problem as well.
Together with other Test Modules that were built for other customers to address different product
issues, these fixes are released within General Release Patches.

Module 19
Patching
Beside fixes, these GR Patches are also used to introduce new product features like the support of
new Backup devices, Operating system or Database Integration versions. GR Patches are created
for each Data Protector module (e.g. Disk Agent Patch, Media Agent Patch, SAP Integration Agent
Patch ...), for each supported Data Protector version and always contain a complete Data Protector
agent. All GR Patches are cumulative patches, so every GR Patch contains all the fixes from the
previous GR Patches and there is no need to apply older version of the patch first. They are built as
packages including an installation routine and installation instructions. Some GR-Patches have
dependencies to other Data protector GR Patches. Check the patch installation instructions for
details.
GR Patches have committed release dates and typically rolled out 3-4 times a year. In order to
provide a fast solution for critical Data Protector issues before the rollout data of the GR Patch a
Site Specific Patch can be created by HP Support. A Site Specific Patch contains validated Test
Module(s) with installation instructions and documentation and considered as official fix for
reported problems that impact a large number of customers. Similar to Test Modules also Site
Specific Patches are consolidated by GR Patches. Which Site Specific Patches and Test modules are
consolidated within a certain GR Patch is listed in the respective Patch documentation.
GR Patches can be bundled as Patch Bundle for a One-Step installation. Data Protector Patch
Bundle BDL901 is the most recent example for such a bundle. In difference to regular GR patches
the Patch Bundle has to be installed first in the environment before newer GR Patches, Site Specific
Patches or Test Modules can be applied to the Data Protector cell, regardless to whether the new
patched component was part of the Patch Bundle or not.

Module 19
Patching
19–4. SLIDE: How to download Fixes and Enhancements
How to download Fixes and Enhancements
• No public download possible

• Contact HP Support to obtain the fix
TM
• No public download possible

SSP • Contact HP Support to obtain the fix
• Public download possible via SSO Portal

GR- • HP Passport account and SAID required
Patch
How to download Data Protector fixes and enhancements?
Test Modules (TM) and Site Specific Patches (SSP) cannot be directly downloaded. If such fixes are
referred to in the Data Protector Internet forum, Knowledgebase articles or Security Bulletins
always contact the HP Support Line. First HP Support has to verify if the found fix applies for the
concrete customer found issue. In addition they are able to query for updated fix versions and
provide assistance if the SSP or TM for the same problem, but different OS, Architecture
(32bit/64bit) or Data Protector version is required.
General Release (GR) Patches can be directly downloaded for HP Software Support Online (SSO)
portal. The details are explained on the next page.

Module 19
Patching
19–5. SLIDE: Download from Software Support Online (SSO)
Download from Software Support Online (SSO)

Link: https://softwaresupport.hp.com/group/softwaresupport/
1 1. Select Data Protector

with your version and
OS from the list of products
and hit View
2. Select the DP Patch

from the shown Patch List
3. In the Patch Description

click on the Download link
2
Download from Software Support Online (SSO)
Software Support Online (SSO) is the central place for all support related information around Data
Protector. It provides access to a searchable Knowledge base with technical solutions, product
manuals and whitepapers, support matrices and GR Patches.
The SSO portal main entrance is accessible under:

https://softwaresupport.hp.com
Access to Data Protector GR Patches requires a HP Passport

registration and a SAID Support identifier.
GR Patches for all HP Software products can be found under:

https://softwaresupport.hp.com/group/softwaresupport
Note: The SSO Dashboard page provides access to support information about all products that
are part of the configured SAID Support identifier in your HP Passport user profile.

Module 19
Patching
Use the following steps to access and download the GR Patches:
1. Under My Products select “data protector”, select your Data Protector version and OS and
click on View
2. The Software Patch table in the SSO Dashboard now lists all Data Protector patches for the
above made selection.
Click on the Data Protector patch/patch bundle you want to install to get access to patch
description and download link

Module 19
Patching
3. The new windows contains the Patch details and a direct download link.
Click on the highlighted link next to Download Patch to initiate the download
Direct Patch download link
4. Repeat this step for all patches you need to install.

Module 19
Patching
19–6. SLIDE: GR Patch Installation
GR Patch Installation
2-Step Installation
Step 1: Update the Installation Server

• Install GR Patch on Installation Server (except Cell Server Patch)
• Installation replaces push-able Data Protector Agent Depot file
Step 2: Update the Client

• Use the Data Protector GUI based “Update Client” feature to update
the client with the new agent binaries
GR Patch Installation
Data Protector GR Patch installation is always a 2-Step installation:

1. Update the Installation Server
2. Update the Data Protector client
1. Update the Installation Server

Data Protector is using a special Installation server for client installation. In order to install a
patched agent module to a client the existing agent module on the installation server need to
be replaced by the patched one. Therefore the GR Patch needs to be installed on the system
that runs the Data Protector Installation server, typically the Cell Manager system or a separate
system. Caused by the fact that a Cell Manager installation is always a local installation, the
Cell Manager GR Patch cannot be installed on the Installation Server, it has to be installed
directly on the Cell Manager system
2. Update the Data Protector Client

The updated Data Protector agent package needs to be pushed to the client system. This client
update can be started from the Data Protector GUI, using the Update Client feature.
Both steps are explained on the following pages.

Module 19
Patching
19–7. SLIDE: Step 1: Update the Installation Server (IS)
Step 1: Update the Installation Server (IS)

• Install each Patch separately on the IS
(exception: Patch Bundles like 8.13 or 9.02)
• In case of a MS Cluster setup install the
patch on the active node only, which will
automatically update the passive node
Installation Server directory:

WINDOWS : <DP_CONFIG>\DEPOT
UNIX : /opt/omni/databases
Step 1 Update the Installation Server
Before patch installation on the Installation Server run a system backup. Afterwards install all Data
Protector Patches by executing them one by one following the installation instructions that are
bundled with the patch. On Windows OS simply start the <Patch>.exe file, e.g. execute the patch
file DPWIN_00614.exe. On Linux or HPUX OS use the OS bundled installation utilities rpm and
swinstall.
Note: In a Windows Cluster environment the patch need to be installed on the active
node. In an UNIX Cluster environment the patch need to be installed on the node
that owns access to /opt/omni and /etc/opt/omni/IS.
On the Installation Server the directory with the Data Protector agent packages is located under:
UNIX: /opt/omni/databases
WINDOWS: DP_CONFIG\DEPOT (as default shared as OmniBack)
In case of multiple Installation Servers repeat the procedure for all configured Installation servers.

Module 19
Patching
19–8. SLIDE: Step 2: Update the Client
Step 2: Update the Client
2. Select the Installation server
1. Mark the DP Client and select

Upgrade from the context 3. Select Clients to update and
menu click on Finish
Step 2 Update the Data Protector Client
In order to update the Data Protector clients open the Data Protector GUI and switch to the Clients
context. Right click just one client system and select Upgrade from the context menu.
In the Upgrade Client system wizard first select the Installation Server and click on Next.
The following window shows all Data Protector clients that can be served by the chosen Installation
server, e.g. for a Windows Installation Server only Window clients are shown.
Select the clients you want to upgrade and click on Finish to start the upgrade.
Note: Make sure that there are no running Data Protector operations during Upgrade on
the selected clients. These operations (Backup/Restore, open GUI window) prevent
the upgrade process to replace all components on the client systems, so open files
cannot be replaced and remain unpatched.
Installation progress is shown in a special

window similar to the client installation
window.

Module 19
Patching
19–9. SLIDE: List installed Data Protector Patches
List installed Data Protector Patches
Mark the DP Client and

click on Patches in the
property window
CLI : omnicheck –patches -host <client>
List installed Data Protector Patches
To get a list of installed patches on a Data Protector client start the GUI, change to the Clients
context and select the client system to check. In the client system property window click on
Patches to see the list of installed patches on that selected client system.
If you want to get the patch level of the configured Installation servers select the Installation
server and similar to the client query click on Patches in the Installation Server property window.
If you want to script the Patch query use omnicheck from the CLI:
CLI: omnicheck –patches –host <hostname
Each Data Protector client maintains a local list of configuration files, located in DP_HOME, one file
for each Data Protector module patch. If a GR Patch is pushed to this client the associated
component file got updated during upgrade. In case of a Data Protector GR Patch query these files
are read.

Module 20 — Troubleshooting
Objectives
• Find the various HP Data Protector log files
• Enable the debug option
• Collect and pack debug files
• Use the HP Data Protector health check
• Do basic troubleshooting
Contents
Module 20 — Troubleshooting 1
20–3. SLIDE: Log files ........................................................................................................................ 2
20–4. SLIDE: Debug (Execution Tracing) ........................................................................................... 5
20–5. SLIDE: Debug Log Collector ..................................................................................................... 8
20–6. SLIDE: Message Details ......................................................................................................... 11
20–7. SLIDE: Network Connectivity................................................................................................. 12
20–8. SLIDE: Services ...................................................................................................................... 14
20–9. SLIDE: Backup Devices .......................................................................................................... 17
20-10. SLIDE: Backup and Restore .................................................................................................. 19
20-11. SLIDE: omnihealthcheck....................................................................................................... 22
20-12. SLIDE: HealthCheckConfig file .............................................................................................. 23
20-13. SLIDE: omnitrig –run_checks ............................................................................................... 24
Module 20
Troubleshooting
20–3. SLIDE: Log files
Log Files
Valuable troubleshooting information
can be obtained by examining the
HP Data Protector log files, located on the
Data Protector CM and Client systems
DP Log Files
DP CM only
• media.log
• omnisv.log
• sm.log
• trace.log
• HealthCkeck.log
DP Client
Location of DP Log Files • debug.log
• inet.log
DP CM only : DP_VAR\log\server • ctrace.log
DP Client : DP_VAR\log • oracle8.log,..
Log files
Data Protector operations are always flagged as business critical operations. If a backup failed or a
database cannot be restored, in any case the root cause needs to be quickly identified and resolved
in order to bring services back to normal operations. Therefore Data Protector needs to provide
valuable troubleshooting information – apart from the session reports – that can be analyzed in
order to identify and fix observed hitches.
In case of trouble, checking the Data Protector log files is always a good approach. Data Protector
writes log files on its clients and on the Cell Manager system.
The directory in which Data Protector log files are kept depends on which operating system you are
using. The following list shows the directories where the log files can be found:
UNIX:
DP Cell Manager : DP_VAR/log/server

DP Client : DP_VAR/log

Module 20
Troubleshooting
Windows:
DP Cell Manager : DP_VAR\log\server

DP Client : DP_VAR\log
The following list shows the Data Protector log files and describes their contents (not all files are
present for every version; some files have become obsolete):
debug.log Unexpected conditions are logged into this file. While some can be
meaningful to the user, it is used mainly by the HP support organization. Do
not confuse it with the DP Debugging feature that is explained in this
chapter
inet.log Requests made to Data Protector’s inet program (a program that starts
agents) are logged to this file. It can be useful to check the recent activity
of Data Protector on client systems.
media.log This is a very important file. Each time a medium is used for backup,
initialized, or imported, a new entry is made to this log. Media that contains
the Data Protector IDB backup is also marked. For this reason,
media.log can be used after disaster recovery to find the tape where
that database was backed up and what media were used after the last IDB
backup.
IS_install.log This file contains the trace of the remote installation and is located on the
installation server.
omnisv.log This file is updated when the Data Protector services are stopped and
started.
sm.log This log file contains errors that occur in backup and restore sessions, such
as errors in parsing the backup specifications.
HealthCheck.log Log file of the Daily Health check, a daily operation that performs certain
checks on the Cell Manager. Details about that check are explained later in
this module.
trace.log/ctrace.log Log file on Cell Manager (tracle.log) and on client (ctrace.log) that keeps
track of Data Protector debugging sessions, used by Debug Collector, which
is explained later in this module
oracle8.log, .. Application specific logs that contain traces of Data Protector Integration
agent backups, like Oracle log backups or Exchange server backups. These
log files are always located on the application or database systems.

Module 20
Troubleshooting
Special log files
• Internal Database log files
Logfiles of the Internal Database are not written into the default Data Protector log
directory. Any time the PostgreSQL database is started a new logfile is created with a
timestamp in the filename. So in case of a problem check also the previous logfiles.
These logfiles is are located within the Internal Database directory under:
Windows: DP_VAR\server\db80\pg\pg_log
• Installation log files
During installation Data Protector directories do not exist, so logfiles are written outside
of Data Protector within system temp directories, such as:
UNIX /tmp
WINDOWS %TEMP%
(e.g. C:\Users\<user>\AppData\Local\Temp)
For installation issues troubleshooting on Unix check also the logfiles from OS based
software installation utilities, like swagent.log on HPUX. Data Protector is silently using
these native tools for Cell Manager and client installation.

Module 20
Troubleshooting
20–4. SLIDE: Debug (Execution Tracing)
Debug (Execution Tracing)

Debug files provides highly detailed information. It can be used to trace any HP Data
Protector command, daemon, or service across the DP cell
Activation via GUI :
• File  Preferences  Debug

• Specify Debug Range
(traced functions, modules)
• Specify Debug Suffix
(debug file grouping)
• Select option
Use these settings for next restart only
Activation via CLI : add options –debug <range> <suffix> to any DP command
Example: omnib –oracle8_list DATA1_arch –debug 1-200 RMAN_01.txt
Debug (Execution Tracing)
Data Protector processes may be started in a special mode called the "debug" mode to allow for
extensive tracing of their execution. This execution tracing produces voluminous data sets which
may consume a significant amount of disk space; use with caution.
When to Enable Debugging

You should collect debugs only when the support organization requires them to resolve a technical
issue. When Data Protector run in debug mode, trace files are created for all involved Data
Protector processes on all involved clients and depending on overall run time and involved
processes these debug files will consume a large amount of disk space. Consult the support
organization about specific options you should use for the debug session, because debugging can
be limited to certain processes and client systems and debug files can be limited in space (circular
debugging).
How to Create Execution Traces

There are several methods that may be used to trace various components within Data
Protector. Below are several common methods:
• Debugging Using the Data Protector GUI (recommended)

Module 20
Troubleshooting
• Debugging Using the Trace Configuration File

• Debugging as a Command Line Option
Debugging Using the Data Protector GUI

To set the options for debugging using the Data Protector GUI, in the File menu, click
Preferences, and then click the Debug tab. Specify the debug options and restart the GUI.
The GUI will be restarted in the debug mode. Now reproduce the problem and at the end
close the GUI to stop debugging.
Debugging Using the Trace Configuration File

Edit the trace configuration file, located in:
UNIX : DP_CONFIG/options/trace
WINDOWS : DP_CONFIG\options\trace
Restart the Data Protector services for activation. To stop debugging undo the changes in
the trace file and restart services again.
Debugging as a Command Line Option

Nearly all of the Data Protector commands can be started with an additional -debug
parameter to activate debugging:
<DP command> -debug <range> <suffix>

Where:
<range> Debug range – Each Data Protector module and function own a
specific debug number and will only generate debugs if the assigned number is part of
configured debug range. Smaller ranges will cause fewer modules to generate debug
information, so the amount of debug information is small, but causes the risk of missing
important information. The default range is 1-99, unless requested otherwise by HP
Support
<suffix> String extension that is added to each debug file. It allows an easy
identification of generated trace files that belong to one debug set
Debugging ends if the command ends and the command prompt returns.
trace.log/ctrace.log
Data Protector creates a log file called trace.log on the Cell Manager whenever tracing is
enabled. This trace log contains information about when and where debug traces were
generated within the cell. On each client, a ctrace.log file keeps track of all debug sessions
on that particular client. These files are used by DP debug collector tools like the GUI based
Debug collector or the CLI based omnidlc binary to identify files to be collected for a
particular debug session (session-id based) or a particular suffix string.

Module 20
Troubleshooting
These trace files are located in the previously explained Data Protector log directory.
Default Debug file location:

UNIX : /tmp
WINDOWS : DP_VAR\tmp
Debug files are uncompressed ASCII files and named:
OB2DBG_<DID>_[<SID>]_<Program_Name>_<Host>_<PID>_<Postfix
Where:
DID is the debug ID; this is the PID of the first process that accepts
the debug parameter; all debugs are “children” of this process
SID is the session id added by backup and restore agents (MA, DA)
Program Name is the program name of the Data Protector program writing the
trace
Host is the system name where the trace file is created
PID is the process ID.
POST is the postfix as specified in the -debug parameter.
Note: The command omnicc –debug 20 Global.txt creates a Debug file that lists all active
global parameter settings

Module 20
Troubleshooting
20–5. SLIDE: Debug Log Collector
Debug Log Collector

Specific debug files from all clients and all involved processes are collected
and packed into container file on DP Cell Manager
Full GUI Integration
Specify additionally option for debug collection
Monitor progress of debug file collection
Debug Log Collector
Troubleshooting problems in a Data Protector environment can be very challenging.

In many problem cases, it is important to obtain problem details from created debug files, log files,
system and configuration data to be able to do a problem analysis, identify the root cause and fix
the problem. In order to resolve a problem in a reasonable timeframe and to avoid problems by
collecting the required information in several cycles, it is critical to collect all required problem
details (if possible) in the first cycle of collecting data. Especially in large Data Protector
environments and when dealing with complex problems this might be difficult to achieve, since
debug files and log files are spread on the various client systems in a Data Protector cell and in
various locations on these systems.
To support customers in the debug collection process Data Protector offers a CLI utility called
omnidlc, which allows the debug file collection from the CLI. This utility is also available through
the Data Protector GUI, which allows debug collection and management in a much more
comfortable way. After a problem was reproduced with debugs enabled there are two ways to
collect the generated debugs within the Data Protector GUI:
1. From the Client context by ether right click on a client name and select
Collect debug files or highlighting a client name and click on
Actions  Debug Files in the Menu Bar

Module 20
Troubleshooting
Debug Collection from Clients context
2. From the Internal Database context by ether right click on a session and
select Collect debug files or highlighting a session-id and click on
Actions  Debug Files in the Menu Bar
Debug Collection from Internal Database context
Any of the above mentioned selections will open the Debug File Collector wizard.
The wizard offers different option and filters depending if it is started from Clients or Internal
database context. In the last way a session id was already marked before, so debug collection will
focus on that particular session id and while started from Clients it is possible to specify ether by
session-id, debug-id or suffix what debugs should be collected.

Module 20
Troubleshooting
Available filter when started from Clients context
Based on the selection, the wizard will identify and include all involved client systems, will allow
the selection of additional directory or no default debug directories collected in the next window
and offers supported options and output file settings in the last window. After pressing OK the
debug file collection will start. The output file will be created on the Cell Manager system.
Include additional directories Options and Operations
A Monitor window will show the overall progress and the performed actions. It also shows the full
omnidlc command string that is executed in the background by Data Protector
After successful debug file collection the same wizard can be used to clean up all involved clients
from the generated debug files – just select Delete Debug Files from the menu to perform this
action.
Because of the large files sizes of debug files the defined target destination for the output file
might not big enough to keep the output file, so it is possible to run a preview by selecting the
Calculate debug File space option from the menu.

Module 20
Troubleshooting
20–6. SLIDE: Message Details
Message Details
2. Click on Details to see a description and

suggested actions
1. Click on Message ID to open message box
Message Details
In case of difficulties during the operation, Data Protector provides additional information with an
interactive troubleshooting dialog. You can get a detailed explanation of messages that occur
within a running session by selecting the message ID number.
An example of the error message ID number format is: [x:y]. When displayed during a session,
the message number may be selected to reveal the troubleshooting utility dialog window. The
dialog window consists of four text fields:
Message Text You will see the message as displayed in the session.
Details A check box to view the message description and action.
Description Detailed description of the error message.
Actions Possible action(s) that may be taken to solve or avoid the problem.
All error messages are stored in an ASCII file called trouble.txt that is located in the following
folder:
UNIX : DP_HOME\help
WINDOWS : DP_HOME/help/C

Module 20
Troubleshooting
20–7. SLIDE: Network Connectivity
Network Connectivity
Data Protector relies heavily on networking

Connectivity and name resolution issues are potential problem areas.
Tools: telnet <client> 5555
omnicheck -dns
DP GUI
Network Backup Local Backup
TCP/IP Disk Agent

Disk Agent TCP/IP TCP/IP
Cell Manager
TCP/IP Shared Memory
Session Session
Manager Manager
Media Agent TCP/IP TCP/IP Media Agent
Network Connectivity
Data Protector relies heavily on a proper network configuration.

During a normal backup or restore operation the Cell Manager is communicating with Media and
Disk Agents, so connection to and from the DP Agents to the Cell Manager need to work properly. In
case of a Network backup Media and Disk Agents are in direct communication with each other as
shown on the slide. If a tape library is used the robotic might be managed by a third DP client
system. Things easily gets complicated if there are multiple LAN in the customer environment and
the company request to use a dedicate Backup-LAN for all backup restore operations. In such a
setup make sure that only the FQHN/IP belonging to the Backup-LAN are configured in the DP cell.
To prevent communication or network resolution issues make sure that a consistent network
configuration is used, so tools like nslookup return the same FQHN/IP for a client query on all
involved systems.
In case of a local backup or SAN Backup Media and Disk Agent are running on the same system. In
such a setup Shared Memory is used for Data transfer from Disk to Media Agent.

Module 20
Troubleshooting
Troubleshooting DNS
In order to troubleshoot DNS problems the following command may be used to check for DNS
mismatches:
CLI: omnicheck –dns –host <client> -verbose
CLI: omnicheck –dns –host <client> -verbose
example1: checking an individual client
# omnicheck -dns -host r848c61 -verbose

DNS check: checking connection between r848c61.dow.edunet.hp.com and dlthost.atl.edunet.hp.com
DNS check: checking connection between r848c61.dow.edunet.hp.com and r848c76.dow.edunet.hp.com
DNS check: checking connection between dlthost.atl.edunet.hp.com and r848c61.dow.edunet.hp.com
DNS check: all checks completed successfully.
Example-2 checking all cell clients:

# omnicheck -dns -full -verbose
DNS check: checking connection between dlthost.atl.edunet.hp.com and r848c61.dow.edunet.hp.com
DNS check: all checks completed successfully.
Unable to connect to Inet
Data Protector Inet service needs to be available on all clients in order to perform normal
backup/restore operations. As a default the service is running on port 5555 on all OS, so in case of
connection problems check if it is possible to connect to port 5555 on that problematic client, check
also the reverse connection.
CLI: telnet <hostname> 5555
example:
telnet vmw39201 5555
Trying...
Connected to vmw39201.deu.hp.com.
Escape character is '^]'.
HP Data Protector A.07.00: INET, internal build 100, built on Sunday, July 22, 2012, 7:21 PM
Connection closed by foreign host.

Module 20
Troubleshooting
20–8. SLIDE: Services
Services
Important: All Data Protector services must be up and running!
How to check on Windows:

Check Windows Services
How to check on UNIX:

Check running processes
Windows and UNIX :

Run omnisv status
Services
Services are critical components on Data Protector systems. They are used for communication of
Data Protector components and unattended systems tasks like scheduled backups.
Due to maintenance and other system tasks, it can occur that Data Protector services are stopped
or are not installed on the Data Protector client you are targeting for backup. First, make sure that
name resolution is not a problem; see “Networking and Communication Problems.”
Data Protector Inet Service

Data Protector Inet Service is the initial contact for all Data Protector operations on a client system.
In case of a client connection issue ensure that the service is running. Connection can be validated
via telnet as shown in the previous chapter. If case of an error like connection refused, potential
reasons are:
• Data Protector Inet service is not running on the remote system.

• Data Protector is not installed on the remote system.
• Firewall or other security settings blocking access to the service port.

Module 20
Troubleshooting
Problems starting Data Protector Daemons on UNIX
The following daemons run on the Data Protector UNIX Cell Manager system:
CRS daemon /opt/omni/lbin/crs

Media Management daemon /opt/omni/lbin/mmd
Key Management Server daemon /opt/omni/lbin/kms
IDB Service /opt/omni/idb/bin/postgres
IDB Connection Pooler /opt/omni/idb/bin/pgbouncer
IDB Application Service /opt/omni/AppServer/bin/standalone.sh
These daemons are started automatically during the system’s startup.

To manually stop, start, and get the status of Data Protector daemons use the omnisv command,
that is located under
UNIX : DP_HOME/sbin
WINDOWS : DP_HOME\bin
Make sure you have the appropriate permission to run this tool.
omnisv –stop Stopping DP Services

omnisv –start Starting DP Services
omnisv –status Check Services Status
The Data Protector Inet program (/opt/omni/lbin/inet) does not run all the time like the Data
Protector Inet service on Windows. It is started by the system inet daemon (inetd) when an
application tries to connect to the Data Protector port, which, by default, is port 5555.
Problems starting Data Protector Services on WINDOWS

Data Protector runs services on both client and server systems.
The following services run on a Data Protector client:
• Data Protector Inet
The following services run on Data Protector Cell Manager:
There are many possible reasons why Data Protector services may fail to start. The majority of the
problems are often caused by permission problems, like insufficient privileges, incorrect users or
expired passwords of configured users.

Module 20
Troubleshooting
As a default CRS is running under a user account (administrator), in certain setups – if Database
Integrations like Oracle or SAP are configured - the Inet service as well. If the user password was
changed make sure that service password was changed as well and service was restarted
afterwards.

Module 20
Troubleshooting
20–9. SLIDE: Backup Devices
Backup Devices
Can another utility access the device?

tar, dd, cpio, HP L&TT.
Can the system access the device?

devbra, ioscan, Device Manager
Is the library device configured correctly?

uma
Backup Devices
When you encounter a device problem in DP, you may jump to the conclusion that it is a DP
problem. The best practice is to eliminate Data Protector as the source by accessing the device with
another utility, such as HP Library & Tape Tools (L&TT) or other non DP utilities, like tar, dd or
cpio. If the utility is unable to access the device, the problem is not with Data Protector. However, if
the utility can access the device, the problem may be with Data Protector, and further investigation
is required.
Can the system access the device? On HP-UX, use the ioscan –fnCtape command to verify
connectivity and device files. On Windows use the Data Protector command: devbra –devices, in
addition to verifying that the device is available in the Windows Device Manager.
Supported Devices (SCSITAB)
Data protector provides support for devices of many types from HP and other vendors. On the Cell
Manager is a file named “scsitab” which provides a list of all supported models. Periodically new
devices are added to this list by HP. Download the most recent scsitab from HP to add support for
the newest devices. Do not modify this file manually.

Module 20
Troubleshooting
Media Problems
Is the media bad, does the operation work with other media? Use the Data Protector verify function
to verify existing backups.
Library Devices
The most common error message for an improper configuration is, “Cannot access exchanger
control device.” This implies a problem with the robotic control device file. Verify the robotic
configuration and use DP uma command to validate the configuration.
Library Device Drive Index Problems

When using libraries with multiple drives, a very common problem is mismatched drive indexes in
the library drive configuration. Symptoms of drive index problems are seen when loading a tape in
a drive, but backup fail and it turned out that that tape was loaded in the wrong drive. You might
also see the error "Cannot load medium."
Configure your drives as follows:
• Check the drive indexes as they appear on the library’s control panel.
• Verify that they match the drive index number assigned to them in Data Protector.
• Configure your drives one at a time.
• After configuring each drive, verify that it is configured correctly: Select the drive, and click
Scan from the Actions menu.
Testing Library Device Robotics with UMA (Utility Media Agent)

The uma program is a standalone utility program provided on both – UNIX and Windows. It controls
the robotics of DP managed tape libraries. UMA is part of the Media Agent package and located
under:
UNIX : DP_HOME/lbin/uma
WINDOWS : DP_HOME\bin\uma.exe.
Uma can be started interactively or in batch mode. The only option that needs to be specified is the
pathname of the device file that controls the robotics of the target library:
CLI uma –ioctl <device name>.
Within uma type in “help” to get the list of available commands. Type in “stat” to get the inventory
of the library with all drives and slots. For testing you could move a tape from a slot to a drive and
back and check with “stat” if it is working fine. Use the “move” command for this operation, e.g.
move S20 D1 Move a tape from slot 20 to Drive1
move D1 S20 Move tape back from Drive 1 to slot 20

Module 20
Troubleshooting
20-10. SLIDE: Backup and Restore
Backup and Restore
• No previous full backup?

• Object description has changed?
• Backup owner is different?
Full instead of Incremental
• Non appendable media?
• Media from wrong pool?
Unexpected mount requests • Strict allocation policy?
• Pre-allocation list sequence?
• Library device not scanned?
Backups not working: • Missing permissions?

Scheduled/Interactive • Licenses available?
• omnitrig entry in crontab?
Restore not possible • Backup protection?

• Missing permissions?
Backup and Restore
This chapter deals with typical problems around backup and restore and how to resolve these
problems. Typical issues are
• Unexpected full backups
• Unexpected mount requests
• Backup did not start
• Restore failed
Full backups are performed instead of incremental backups

An incremental backup should be performed, but Data Protector automatically switches to a full
backup. Reasons are:
• No previous FULL backup found
Before performing an incremental backup of an object, Data Protector requires a full
backup. Data Protector uses a full backup as reference point to determine what files have
changed (and thus needs to be included in the incremental backup). If a protected full
backup is not available for this comparison, a full backup will be performed, so check if full
Backup is still available and protected.

Module 20
Troubleshooting
• The description has changed.

The host (system), disk, and description define an object. If any one of these three change,
Data Protector considers this a new object, even if the host and disk are the same. In this
case, Data Protector performs a full backup instead of an incremental.
• The backup owner is different.

If your backups are configured to run as Private, the person starting the backup is the
owner of the data. For example, if root performs a full backup, and USER1 tries to start an
incremental backup, the incremental backup will become a full backup, because the data
for root is private, and cannot be used as a base for USER1’s incremental backup. To
resolve this issue, ether mark the backup as public, make sure that always the same user is
running the backup sessions or configure a session ownership in the backup specification
under Options – Backup Specification Options – Advanced. This will make this user owner
of all backups, regardless of who actually starts the backup session.
Unexpected Mount Requests

Unexpected mount requests are caused by lots of different events, like
• Non appendable media selected?
In case a non-appendable pool is used always a new media is pulled from the pool
• Media pulled from wrong pool?

During creation each logical device got a default pool assigned. This pool need to be
replaced with the new pool name under device properties in the backup specification.
• Strict allocation policy?

If strict allocation is configured for the defined pool and no DP formatted media is available
in the library, Data Protector will issue a mount request. If you want DP to automatically
format unformatted media set the media pool policy to Loose.
• Pre-allocation list sequence?

If you are using a Prealloc list of media in combination with the strict media policy, the
exact media specified in the Prealloc list must be available in the device when backup is
started. If the exact media is not available, a mount request is issued.
• Library device not scanned

New media were added to the Library but DP does no use them and issues a mount request.
Reason is that DP is simple not aware that new media were added. Run a barcode scan of
the library to update the inventory before backup.
Data Protector Fails to Start a Scheduled Session

Backup were scheduled to run unattended, but no session was started, Reasons are:
• Missing permissions
The DP session owner, who is ether configured in the backup spec or runs the Data
Protector Inet service needs the appropriate user rights to start a backup. Ether put the
user in the DP admin/operator group or in a customized DP group with similar permissions

Module 20
Troubleshooting
• Licenses available?
Make sure that the required DP licenses are available at start time and not used by other
parallel running sessions. To check the licenses ether click on Help – About
in the GUI or run omnicc –query from the Command Line. See the HP Data Protector
Licensing and Installation Guide for licensing details.
• omnitrig entry in crontab? (Unix only)

Check that the omnitrig entry is included in the crontab file. To verify this, enter the
following command: crontab –l
crontab –l
# omnitrig entry was automatically added by Data Protector
* * * * * /opt/omni/sbin/omnitrig
• If the line does not appear, restart Data Protector (omnisv stop/start), which will rebuild
the crontab entry:
Restore not possible

• Backup Protection Expiration
To restore an incremental backup object, you need both the full backup and ALL the
incremental backup object versions. In many cases, backup schedules are configured in
such a way that incremental backups are protected for the same duration as the
corresponding full backup. Consequently, your data will actually be protected only until the
full backup expires. Even if a new full backup was performed the old incremental backups
still require the old full backup in place for restore. So make sure that the whole backup
chain is protected until the last performed incremental backup expires.
• Missing permissions
The user, who runs the restore need to have the appropriate DP user permissions, like
Start Restore, Restore to other clients, Restore from other users or Restore as root. In
case private objects are configured the user might not even see the performed backups,
because of insufficient permissions, the user right See private objects is required. So make
sure the restore user belongs to a DP group with the appropriate permissions.

Module 20
Troubleshooting
20-11. SLIDE: omnihealthcheck
omnihealthcheck
• Run as notification “HealthCheckFailed” as part of the daily check
• Execute commands listed in HealthCheckConfig file and stores all output in
HealthCheck.log file and in case of failure in Event Log
Binary located on DP CM under: DP_HOME\bin

Log File located on DPCM under: DP_VAR\log\server
omnihealthcheck
The omnihealthcheck command reads the HealthCheckConfig file and executes the listed
commands from that configuration file.
As a default omnihealthcheck command checks:
• whether the Data Protector services are active

omnisv –status
• list of Data Protector media pools

omnimm -list_pools
• check Data Protector Cell manager name

omnidbutil -show_cell_name
The command is executed as check for the notification Health Check Failed.
This notification is checked together with other notifications within the so called Daily
Check – see also slide 20-13 – but it can be started directly from the CLI.

Module 20
Troubleshooting
20-12. SLIDE: HealthCheckConfig file
HealthCheckConfig File
HealthCheckConfig … Configuration file for omnihealthcheck command
OPTIONS:
Timeout=200
COMMANDS:
# Checks DP Services
omnisv -status
# Checks Pools and Media
omnimm -list_pools
# Checks DP Internal Database
omnidbutil -show_cell_name
Located on Cell Manager only under:
Unix/Windows : DP_CONFIG
HealthCheckConfig file
The HealthCheckConfig file may be modified to include additional checks to the defaults provided;
operating system commands may also be used.
If you want to use other non-Data Protector commands, then full path must be used to run a
command. Commands used in HealthCheckConfig file run under administrator / root account during
omnihealthcheck command execution. On Windows, commands are executed under the system
account; which is the user associated with the Data Protector CRS service.
Running omnihealthcheck with default HealthCheckConfig does not have any impact on the
performance of Cell manager. Also, there is almost no impact on running backup / restore sessions.
A timeout variable in HealthCheckConfig file determines time for execution of each command in
HealthCheckConfig file. If this time is exceeded then return error code for this command and
execute next command. Timeout variable is defined in seconds (by default this is 200 seconds).

Module 20
Troubleshooting
20-13. SLIDE: omnitrig –run_checks
omnitrig -run_checks
• by default executed every day at DailyCheckTime (configurable global file parameter)
• Possible to run omnitrig -run_checks directly from CLI
• Starts checks for a list of predefined notifications
• any triggered notification is send to Data Protector Event Log (default)
Checked Notifications
- IDB Space Low
- Not Enough Free Media
- Unexpected Events
- Health Check Failed
- IDB Limits
- IDB Backup Needed
- IDB Reorganization Needed
- License Will Expire
- License Warning
- User Check Failed (if configured)
omnitrig –run_checks
By default every day at 12:30PM the command omnitrig -run_checks is executed automatically as
part of the Data Protector Daily Health Check. The start time can be changed by setting the global
file parameter DailyCheckTime. The following notifications are checked:
• IDB Space Low

• Not Enough Free Media
• Unexpected Events
• Health Check Failed
• IDB Limits
• License Will Expire
• License Warning
• User Check Failed (if configured)

Module 20
Troubleshooting
As a default any triggered notification is shown in the Data

Protector Event log, but delivery method can be customized
within the Reporting context in the DP GUI.

Notes
Notes

DP120 9.0X S v1.2 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DP120 9.0X S v1.2 PDF

Uploaded by

Copyright:

Available Formats

DP120 Data Protector 9.

Module 2 — HP’s Adaptive Backup and Recovery Solutions 1

4–5. SLIDE: Localization .......................................................................................................................................4

Module 5 —Upgrade and Migration 1

Module 6 — Licensing and Product Structure 1

II Data Protector Essentials

6–8. SLIDE: License reporting and checking.......................................................................................................12

Module 7 — Backup Devices 1

Module 8 — Media Management 1

Data Protector Essentials III

8-15. SLIDE: Multiple free pools ......................................................................................................................... 21

IV Data Protector Essentials

10–6. SLIDE: Concept of Parallel Restore ............................................................................................................. 6

Module 11 — Monitoring, Reporting, Notification 1

Module 12 — Media and Object Copy and Verification ...................................................1

Data Protector Essentials V

12-22. SLIDE: Media and Object verification ....................................................................................................... 33

Module 13 — Object Consolidation ..............................................................................................1

Module 14 — Internal Database 1

VI Data Protector Essentials

14-28. SLIDE: IDB Restore - Overview .................................................................................................................43

Module 16 — Access control and Security 1

Data Protector Essentials VII

Module 18 — Disaster Recovery 1

VIII Data Protector Essentials

Data Protector Essentials IX

1–3. SLIDE: Welcome

Welcome to HP Software Education, and the

DP120 HP Data Protector 9.0X Essentials

1-2 Data Protector Essentials

1–4. SLIDE: Overview

VMware Advanced Windows

The following courses for HP Data Protector software are available:

HP Data Protector software DP120 Essentials course – 4 days

HP Data Protector software DP121 Update course –2 days

Data Protector Essentials 1-3

HP Data Protector software DP200 Advanced Windows Integration course – 4 days

HP Data Protector software DP220 VMware Integration course – 2 days

1-4 Data Protector Essentials

1–5. SLIDE: Agenda

Day 1 Day2 Day 2 Day3 Day 3 Day 4

• Introduction • Backup Devices • Restore • Deduplication

The main chapters of this course are listed on the slide.

Data Protector Essentials 1-5

1–7. SLIDE: Additional Resources

• Data Protector product documentation

• Visit Data Protector on the web:

• Data Protector Consulting & Support services

• Data Protector on hp.com http://hp.com/go/dataprotector

1-6 Data Protector Essentials

• Data Protector on autonomy.com http://www.autonomy.com/products/data-protector

• Consulting and Support services

Selected courses are now available as Self-Study Course.

Data Protector Essentials 1-7

2–3. SLIDE: HP Adaptive Backup and Recovery concept

HP Adaptive Backup and Recovery

HP Adaptive Backup and Recovery concept

2-2 Data Protector Essentials

2–4. SLIDE: HP Adaptive Backup and Recovery Suite

HP Adaptive Backup and Recovery Suite

HP Adaptive Backup and Recovery Suite

Integrated / Aware Granular Control

HP Adaptive Backup and Recovery Suite