Install / Deployment unmanaged Veeam Plug-in for Oracle RMAN across multiple Oracle hosts fully automatically

[AndreasBuhlmann]

Hi everyone,

I’d like to share an approach for customers who want to roll out the unmanaged Veeam Plug-in for Oracle RMAN across multiple Oracle hosts fully automatically, specifically without interactive wizard steps or having to type passwords during deployment.
Customer requirements (what they asked for)

Deploy the plug-in to multiple Oracle servers in a repeatable way
No manual clicks / no interactive prompts during install/configuration
No cleartext credentials in playbooks or repositories
Preferably idempotent (safe to re-run)

Key clarification

“Without entering a password” should be understood as no manual typing during the run. Credentials still exist and should be injected securely (e.g., Ansible Vault or a corporate secret manager).

Proposed solution (high level)

Even in unmanaged mode (no central push management), you can automate the rollout by:

- Installing the plug-in package on each host using Linux tools (e.g., zypper, dnf, …)
- Dropping a prebuilt configuration file (e.g., veeam_config.xml) by Ansible
- Setting credentials in a separate step using secret injection (Vault/secret manager) by Ansible

1) Install Ansible
dnf install -y ansible-core

2) Inventory (local or target host(s))
inventory.ini
127.0.0.1 ansible_connection=local

3) Ansible test playbook
- name: Configure Veeam Oracle Plugin
hosts: all
vars_prompt:
- name: username
prompt: What is your VBR username?
private: false
- name: password
prompt: What is your VBR password?

tasks:
- name: Creating a veeam_config.xml with content
copy:
dest: "/opt/veeam/VeeamPluginforOracleRMAN/veeam_config.xml"
content: |
<Config>
<CAVerificationParameters />
<AdditionalCertificatePaths />
<ProxyConfig />
<VBRConnectionParams vbrHostName="10.10.10.42" />
<Certificate />
<AuthenticationContext />
<EntitySpecificCertificates />
<BackupForRestoreParams />
<AgentParams />
<RepositoryParams>
<Repository repositoryName="Default Backup Repository" repositoryID="123456-abc5-4ab4-dd4f-9c31234bcead" />
</RepositoryParams>
<PluginParameters />
</Config>

- name: Set the Veeam User and Password
ansible.builtin.expect:
command: OracleRMANConfigTool --set-credentials {{ username }} --disable-fingerprint-confirmation
responses:
"Enter password for veeamadmin:":
- "{{ password }}"

This worked fine. But of course it needs to be modified to run on several hosts nand to use Ansible Vault or another secret manager.

vars_files with Ansible Vault
vars_files: - group_vars/all/vault.yml
or use an integration with your preferred secret manager

Perhaps this solution can help others as well.

regards
Andreas