Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ for Microsoft SQL Server Administrator's Guide
  3. Host configuration and job settings
  4. Configure the ODBC connection
NetBackup™ for Microsoft SQL Server Administrator's Guide

Configure the ODBC connection

NetBackup handles the encryption settings of an ODBC connection from a NetBackup client to a target SQL Server instance. These settings are configured in the host properties for the connecting client and can only be configured with the hostProperties API endpoint or the nbsetconfig command.

Note:

The RBAC role Default Microsoft SQL Server Administrator does not have permissions to edit the host properties. Alternatively, workload administrators can log on locally to the host and use the nbsetconfig command to make the host property changes.

ODBC connections are created using an ODBC connection string. This string is made up of a list of key-value pairs that changes the connection's behavior depending on the key-value pair.

Table: hostProperties API endpoint parameters for ODBC connections

Parameter

Description

encrypt: true|false

Whether to encrypt the connection using TLS.

For NetBackup clients that are updated to 10.4 or later, the SQL Server ODBC connections from the client to a target SQL Server instance are encrypted by default.

trustServerCertificate: true|false

Whether to trust the target SQL Server instance's certificate.

For 10.4 and later clients, TrustServerCertificate is set to true by default to prevent unexpected connection failures on upgrade.

preferredODBCDriver: {driver 1, driver 2, ...}

The name of the supported SQL Server ODBC driver to use during the connection. The value can be one or many individual driver names. List driver names in the order of preference. Or, set the value to "NEWEST" or to "OLDEST". ("NEWEST" or "OLDEST" must be specified alone.)

The driver SQL Server does not support encryption. Customers that have strict security policies and concerns should use the NEWEST driver or whatever version their company has certified.

The available driver values are as follows:

"SQL Native Client"
"SQL Server Native Client 10.0"
"SQL Server Native Client 11.0"
"SQL Server"
"ODBC Driver 11 for SQL Server"
"ODBC Driver 13 for SQL Server"
"ODBC Driver 17 for SQL Server"
"ODBC Driver 18 for SQL Server"
"OLDEST"
"NEWEST" 
Example using host properties API endpoint

The following example uses the host properties API endpoint to enable encryption, trust the target client certificate, and indicates NetBackup should use the driver "SQL Server". If that driver is not available, then NetBackup should use "ODBC Driver 17 for SQL Server".

PATCH https://{{primary-server}}/netbackup/config/hosts/{{client-host-id}}/
host-properties?fieldset%5BhostProperties%5D=clientMssql
Body:
{
    "data": {
        "type": "hostProperties",
        "id": "{{client-host-id}}",
        "attributes": {
            "clientMssql": {
                "trustServerCertificate": true,
                "preferredODBCDriver": [
                    "SQL Server",
                    "ODBC Driver 17 for SQL Server"
                ],
                "encrypt": true
            }
        }
    }
}

Feedback

Was this page helpful?
Previous

Configuring mappings for restores of a distributed applications, clusters, or virtual machines

Next

Configure NetBackup for the SQL Server non-readable secondary instances that are hidden

Feedback

Was this page helpful?