Netbackup - Desktop and Laptop Option (DLO) may occasionally fail to delete or groom the temp file xxxx.xxxx.upload.tmp on the Network Storage location.

Article:TECH148565  |  Created: 2011-01-19  |  Updated: 2013-11-07  |  Article URL http://www.symantec.com/docs/TECH148565
Article Type
Technical Solution

Product(s)

Subject

Issue




Error



There is no specific error message because the backup may complete successfully, however the temp file lingers on the Network User Data Folder (NUDF) long after the backup has completed.

Ideally the temp file should delete immediately after completion of the PST file backup (success or failure). However you may notice multiple temp files, some as big as the original PST file and / or multiple copies of the same PST file, each with a file-size that is almost the same as the original PST, thus leading to excessive disk space utilization.


Environment



Netbackup DLO version 6.1 MP5a or later

DLO Profile is set to perform a VSS enabled backup of Outlook PST files every 30 minutes.


Cause



  1. Network User Data Folder (NUDF) of DLO is not correctly configured.
  2. The permissions on the NUDF are incorrect set.
  3. The "DLO maintenance service" is not installed (and thus not running) on the remote Windows server that hosts the Network User Data Folder (NUDF) of DLO.
  4. The remote Windows server that hosts the Network User Data Folder (NUDF) of DLO has not been configured for delegation.
  5. The specific appliance (Filer / NAS device) that has the NUDF is not configured correctly for delegation.

 


Solution



  1. If the storage location of DLO happens to reside on a NAS / SAN device, ensure that the volume desired to be used as a Storage location has been assigned a drive letter.

In other words the LUN on the remote filer or NAS device needs to be assigned a drive letter and mapped as a local drive on the DLO Maintenance server (as shown below).

Reference: Symantec NetBackup (tm) Desktop and Laptop Option Version 6.1 Administrators Guide for Windows
Article URL http://www.symantec.com/docs/TECH49507
Refer Page # 79 : Configuring a Remote Windows Share or NAS Device for DLO Storage Locations

Note: DLO also support the use of hidden shares (for example; “Share$”) as Storage Locations (configured manually) however with DLO version MP5, these are not supported for the VSS enabled backup of Outlook PST files.

  1. If the Storage location of DLO resides on a remote Windows server, ensure that the "DLO maintenance service" is installed and is running under local SYSTEM account. 
  2. The SHARE and SECURITY permissions on NUDF needs to be configured as follows ..

Note: To avoid conflicts with permissions, the Inheritable permissions from the parent folder should not propagate to the NUDF folder

Share Permissions on the root NTFS folder defined as the NUDF
Administrators (group) Full Control
Everyone:                      Full Control
DLO Service account:  Full Control

Security Permissions on the root NTFS folder defined as the NUDF
Administrators (group) Full Control
Everyone:                      Read and Execute
SYSTEM:                       Full Control
DLO Service account:  Full Control

Security Permissions on the NTFS sub-folder of the specific user
There is no need to configure this manually as DLO does it automatically once the user is added to DLO.

  1. Configure the DLO Maintenance server for Delegation.

This process verifies that the account used to run the maintenance server process is allowed to delegate client accounts.

a) Launch Active Directory Users and Computers on the Domain Controller
b) Click on “Computers” tab. This will give a list of all the Computers present in that particular domain
c) Right click on the computer which is acting as Maintenance Server for DLO, select properties
d) Select “Delegation” tab from Properties window
e) Select “Trust this computer for delegation.

Note: If using a filer or a NAS device: Choose the option to “Trust this computer for delegation to specified services only” as shown below. We may choose either of the 'Use Kerberos only’ or ‘Use any authentication  protocol’ options. If we choose 'Use Kerberos only' then the service type should be 'cifs'






Article URL http://www.symantec.com/docs/TECH148565


Terms of use for this information are found in Legal Notices