Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Administrator's Guide, Volume I
  5. Section IX. Administering NetBackup
  7. Managing client backups and restores
  9. About restoring the files that have Access Control Lists (ACLs)
Veritas NetBackup™ Administrator's Guide, Volume I

About restoring the files that have Access Control Lists (ACLs)

An Access Control List (ACL) is a table that conveys the access rights users need to a file or directory. Each file or directory can have a security attribute that extends or restricts users' access.

By default, the nbtar (/usr/openv/netbackup/bin/nbtar) restores ACLs along with file and directory data.

However, in some situations the ACLs cannot be restored to the file data, as follows:

  • Where the restore is cross-platform.

  • When a restore utility (tar) other than nbtar is used to restore files.

In these instances, NetBackup stores the ACL information in a series of generated files in the root directory using the following naming form:

.SeCuRiTy.nnnn

These files can be deleted or can be read and the ACLs regenerated by hand.

Note:

If performing an alternate restore where the original directory was ACL-enabled, the alternate restore directory must also be ACL-enabled. If the alternate restore directory is not ACL-enabled, the restore is not successful.

Restoring files without restoring ACLs

The NetBackup client interface on Windows is available to administrators to restore data without restoring the ACLs. Both the destination client and the source of the backup must be Windows systems.

To restore files without restoring ACLs, the following conditions must be met:

  • The policy that backed up the client is of policy type MS-Windows.

  • An administrator performs the restore and is logged into a NetBackup server (Windows or UNIX). The option is set at the server by using the client interface. The option is unavailable on standalone clients (clients that do not contain the NetBackup server software).

  • The destination client and the source of the backup must both be systems running supported Windows OS levels. The option is disabled on UNIX clients.

Use the following procedure to restore files without restoring ACLs.

To restore files without restoring ACLs

  1. Log on to the NetBackup server as administrator.
  2. Open the Backup, Archive, and Restore client interface.
  3. From the client interface, initiate a restore.
  4. Select the files to be restored, then select Actions > Start Restore of Marked Files.
  5. In the Restore Marked Files dialog box, place a check in the Restore without access-control attributes check box.
  6. Make any other selections for the restore job.
  7. Click Start Restore.

Feedback

Was this page helpful?
Previous

Examples of redirected restores

Next

About setting the original atime for files during restores on UNIX

Feedback

Was this page helpful?