Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section I. Identity and access management
  7. NetBackup Access Control Security (NBAC)
  9. Troubleshooting Access Management
  11. Verification points in a mixed environment with a Windows primary server
  13. Client verification points for a mixed Windows primary server
NetBackup™ Security and Encryption Guide

Client verification points for a mixed Windows primary server

The following table describes the client verification procedures for a mixed Windows primary server.

Table: Verification procedures for a mixed Windows primary server

Procedure

Description

Verify the credential for the Windows client

See the following topic for the verification procedures for Windows clients:

See Client verification points for Windows.

Verify the credential for the UNIX client

Check that the credential for the client is indeed for the correct client and comes from the correct domain. Run bpnbat -whoami with -cf for the client's credential file.

For example:

  bpnbat -whoami -cf \
    "/usr/openv/var/vxss/credentials/
    unix_client.company.com"
   Name: unix_client.company.com
   Domain: NBU_Machines@win_primary.company.com
   Issued by: /CN=broker/OU=root@
    win_primary.company.com/O=vx
   Expiry Date: Oct 31 21:16:01 2007 GMT
   Authentication method: Veritas Private Security
   Operation completed successfully.

Verify that the authentication client libraries are installed

Run bpnbat -login on the client to verify that the authentication client libraries are installed.

  bpnbat -login
   Authentication Broker: unix_media2.company.com
   Authentication port [Enter = default]:
   Authentication type (NIS, NIS+, WINDOWS, vx, unixpwd)
     : NIS
   Domain: min.com
   Name: Smith
   Password:
   You do not currently trust the server:
    unix_media.company.com, do 
   you wish to tr
   ust it? (y/n):
   y
   Operation completed successfully.

Verify the UNIX authentication broker

Ensure that the UNIX authentication broker has mutual trust with the main windows authentication broker or ensure that it uses the Windows broker as its root broker.

Feedback

Was this page helpful?
Previous

Media server verification points for a mixed Windows primary server

Next

About the nbac_cron utility

Feedback

Was this page helpful?