Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Web UI Administrator's Guide
  5. Section IX. Managing security
  7. Managing role-based access control (RBAC)
  9. Configuring RBAC
  11. Add a user to a role (SAML)
NetBackup™ Web UI Administrator's Guide

Add a user to a role (SAML)

This topic describes how to add a SAML user or group to a role.

SAML users use one of the following sign-in methods: SAML user or SAML group.

To add a user to a role (SAML)

  1. On the left, click Security > RBAC.
  2. Click the Roles tab.
  3. Click on the role name, then click on the Users tab.
  4. From the Sign-in type list, select the sign-in method SAML user or SAML group.
  5. Enter the user or the group name that you want to add.

    For example, nbuadmin@my.host.com.

    If your Identity Provider (IDP) returns group information in the format of (CN=groupname, DC=domainname) or domainname\groupname, you should add the group using the format groupname@domainname. However, it is also possible to configure SAML Groups in Role-Based Access Control (RBAC) without including the domain name. If your IDP returns group names without domain information, you can add those groups as plain text. Please note that using the email format is not mandatory for SAML groups.

  6. Click Add to list.
  7. Users that are assigned to the role must sign out and sign in again before each user's permissions are updated.

Feedback

Was this page helpful?
Previous

Add a smart card user to a role (non-SAML, without AD/LDAP)

Next

Remove a user from a role

Feedback

Was this page helpful?