Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup and NetBackup Appliances Hardening Guide
  3. Steps to protect Access Appliance
  4. About single sign-on (SSO) configuration
  5. Limitations and log locations
NetBackup and NetBackup Appliances Hardening Guide

Limitations and log locations

There are some limitations when you configure SSO on an Access Appliance cluster.

  • Identity provider cannot be edited. It can be removed and added again.

  • Single logout is not implemented. If SAML users log out of the application, and try to login with SSO again, the user is not asked for their login credentials unless the SSO session has expired. This applies to any other application using the same IDP.

  • If after identity provider configuration, External certificate authority (ECA) is configured, then login with SSO does not work until the identity provider is updated with the latest service provider metadata xml from the Access Appliance. This can be done by downloading the service provider metadata xml from Settings > Security > Single-Sign on > Download service provider metadata. This metadata needs to be updated on the IDP side.

  • AD/IDP server date, time, and time zone should be the same as the Access Appliance cluster. Else, the SSO login fails.

The logs can be found by logging into the Access Appliance CLISH, elevating to root and accessing the logs at:

  • /log/VRTSnas/isagui_webserver.log

  • /log/VRTSnas/ isagui_sso_config.log

Feedback

Was this page helpful?
Previous

Adding and removing user roles using GUI

Next

Configuring user authentication using digital certificates or smart cards

Feedback

Was this page helpful?