CoBMR Block Based Recovery gflags

Block Based Recovery settings

When recovering a Block-Based backup with CoBMR, changes are required to be set on the Cluster to allow full access to the VHDs for recovery. This is due to adjustments in the way Cohesity manages access to smb shares.

Please set the view and gflag options below using the Cohesity iris_cli:

  1. Start the Cohesity DataPlatform CLI remotely or locally as described in Cohesity knowledgebase article: How to access the Cohesity DataPlatform CLI (Iris CLI)#:
    https://support.cohesity.com/s/article/How-to-access-the-Cohesity-DataPlatform-CLI-Iris-CLI.

  2. Enable the option bridge_smb_portal_auth_local_authentication_enabled (one line): as per: https://support.cohesity.com/s/article/How-to-enable-local-user-authentication-to-a-Cohesity-SMB-View

cluster update-gflag gflag-name=bridge_smb_portal_auth_local_authentication_enabled
service-name=bridge effective-now=true reason=KB-3922 gflag-value=true

  1. Set the view gflag and user access:
    Below is an example, please set your own username and password. To do this run iris_cli and log in with a suitable Admin User/password.

For a new user “blockuser” with a password of “P@ssw0rd”

user add user-name=blockuser password=P@ssw0rd primary-group-name=Users
user edit user-name=blockuser password=P@ssw0rd allow-smb-access-token=true
user edit user-name=blockuser roles=Admin

  1. Allow Access to smb shares for the user (on one line):

cluster update-gflag service-name=magneto gflag-name=magneto_physical_file_restore_try_local_user_for_smb gflag-value=true effective-now=true reason=Enable_local_authentication

If some of the above commands have already been set e.g. local admin user has already been created or bridge is set, the only requirement is to configure anything new. However, running a command a second time will not break anything.