Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Security and Encryption Guide
  3. Section I. Identity and access management
  4. NetBackup interface access for OS Administrators
  5. Disable command-line (CLI) access for operating system (OS) administrators
NetBackup™ Security and Encryption Guide

Disable command-line (CLI) access for operating system (OS) administrators

By default, an OS administrator (user or group member) has access to the NetBackup CLI and does not need to be a member of an RBAC role.

This option prevents OS administrators from accidentally running NetBackup CLIs. A malicious user with the OS administrator access of the primary server can still bypass this restriction.

After you can disable the option, the OS administrator must log in with bpnbat -login to access the CLI.

To disable CLI access for OS administrators

  1. Sign in to the web UI.
  2. On the top right, click Settings > Global security.
  3. On the Security controls tab, turn off the CLI access for Operating System Administrator option.

Feedback

Was this page helpful?
Previous

NetBackup interface access for OS Administrators

Next

Disable web UI access for operating system (OS) administrators

Feedback

Was this page helpful?