Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ for VMware Administrator's Guide
  3. VMware agentless restore
  4. Provide access to a credential for agentless single file recovery to a guest VM
  5. Create a custom role for agentless single file recovery to a guest VM, with a credential
NetBackup™ for VMware Administrator's Guide

Create a custom role for agentless single file recovery to a guest VM, with a credential

A custom role can allow a VM administrator to perform an agentless single file recovery to a guest VM, with a stored credential. This way the user doesn't need to know the actual username and password for the VM.

Use this role if you do not want users to have the Default VMware Administrator role. Or, you do not want to give users access to all credentials.

To create a custom role for agentless single file recovery to a guest VM, with a credential

  1. A credential must exist that contains the username and password for the guest VM.

    See Add a credential for a VMware guest VM.

    Contact your NetBackup administrator for assistance.

  2. On the left, select Security > RBAC and click Add.
  3. Select Default VMware Administrator and click Next.
  4. Provide a Role name and a description.

    For example, include a description that the role allows users to perform a single file recovery to a particular guest VM.

  5. Under Credentials, click Edit.
  6. Clear the option Apply permissions to new and existing credentials.
  7. Select the credentials that you want to add to the role. Then click Assign.

    Users with the role have access to each credential that you select.

  8. Under Users, click Edit. Then add the users that you want to have this RBAC role.
  9. When you are done configuring the role, click Add role.

Feedback

Was this page helpful?
Previous

Add a credential for a VMware guest VM

Next

Recover files and folders with VMware agentless restore

Feedback

Was this page helpful?