It's easier to just set /etc/cobbler/modules.conf's authorization setting to deny all, or set it to authn_configfile and remove unwanted passwords from /etc/cobbler/users.digest.
Restart cobblerd after making changes.
(The application ships as authn_denyall by default.)
I haven't touched this part of the configuration yet so this looks like a no-op.
Thanks!
Chris