Video Screencast Help

Netapp filer, some NDMP backups and some CIFS -- not possible?

Created: 04 Apr 2013 • Updated: 05 Apr 2013 | 2 comments
This issue has been solved. See solution.


I have backups that I have to complete on a Netapp filer. I've been doing NDMP backups for years. Now, we need to encrypt while backing up some of that data. Not all of it. Just two directories in a TB of data.

So, I found out that BE 2010 can't support encrypted backups for NDMP backups. Cool.

So I want to set up a CIFS backup for just the two directories that need to be encrypted during backup. I found this page:

Notice that the last line in the "solution" says that you have to turn off NDMP for the filer that is sharing the data:

"2. Stop the NDMP protocol on the server that is hosting the share."

I can't do that, because I need to continue to back up all but those two directories via NDMP.

I tried mapping the drive locally on the backup server and making it persistent, thinking I could back up the mapped drive and leave myself logged in. But the mapped drive doesn't show up in the selection list.

Ideas, suggestions? Can what I want to do be done, or is that tech note above telling me this isn't do-able?

-- JR

Operating Systems:

Comments 2 CommentsJump to latest comment

Colin Weaver's picture

Mapped drives don't operate at a service level, they operate at a logged in user level and as such cannot be used by Backup Exec

If you can't disable NDMP on the Netapp - then you could use a software fireall on the media server itself

It would have to allow blocking of Port 10000 outbound to IP address of the Netapp and also provide a way to script turning on and off the firewall rule so that you can use the rule when doing CIFS backups and disable the rule whilst doing NDMP backups

wuchgwan_dunow's picture

Heh.. Yeah, hence the "thinking I could back up the mapped drive and leave myself logged in." part. But I guess that's not possible?

Thanks for the response. It sounds intelligent and like you understand exactly what I'm trying to do. I'll look into the firewall and script, but it's more likely I'll encrypt the data at rest.