Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup and NetBackup Appliances Hardening Guide
  3. Steps to protect NetBackup Appliance
  4. About single sign-on (SSO) authentication and authorization
  5. Configure single sign-on (SSO) for a NetBackup Appliance
NetBackup and NetBackup Appliances Hardening Guide

Configure single sign-on (SSO) for a NetBackup Appliance

The following procedure describes the complete process to configure an appliance for SSO.

To configure SSO on an appliance

  1. Obtain the identity provider (IDP) metadata XML file by using one of the following methods:
    • Download

      Download and save the IDP metadata XML file from the IDP website. Then log in to the NetBackup Appliance Shell Menu (shell menu) and upload the file to the appliance by opening the general share as follows:

    • Log in to the NetBackup Appliance Shell Menu (shell menu) and upload the file to the appliance by opening the general share as follows:

      Settings > Share > General Open

      Note:

      You can also upload the file into the general share directory from the File Manager tab in the NetBackup Appliance Web Console.

    • URL

      Obtain the URL address of the IDP metadata XML file for the appliance to download. Make sure that it is a valid https address.

  2. Configure SSO on the appliance as follows:

    Note:

    You can configure only one IDP for SSO.

    • Run the following command to add an IDP configuration to the appliance:

      Settings > Security > Authentication > SingleSignOn Add

    • idpname - enter the name that you want to use for this IDP configuration.

    • metadata - select how to associate the necessary metadata for the IDP configuration, as follows:

      Import: Import the IDP XML metadata file that you uploaded into the general share directory in the first step.

      URL: Enter the URL address of the IDP XML metadata file for the appliance to retrieve.

    • userFieldName [userPrincipalName]

      groupFieldName [memberOf]

      These parameters are optional and are shown with their default values. You can change the default values as needed to retrieve the appropriate SAML assertion details.

    After you have completed this step, the configuration is enabled by default.

  3. Add authorized SSO user groups and users by running the Settings > Security > Authorization command. Use the following command options to authorize specific SSO user groups and users:

    Grant Administrator SSO_Groups groups

    Grant Administrator SSO_Users users

    Grant AMS SSO_Groups groups

    Grant AMS SSO_Users users

Feedback

Was this page helpful?
Previous

About single sign-on (SSO) authentication and authorization

Next

About authentication using smart cards and digital certificates

Feedback

Was this page helpful?