Well, you could simply delete the dsmc.exe and dsm.exe executables (and
their respective icons in the TSM folder), but that's not a solution since
it would be quite easy to copy in new versions. Since the Web GUI and
Scheduler require that the password be encrypted in the registry, I'm not
sure that deleting the executables is much of an answer; it would barely
slow anyone down.

You might consider locking down the TSM client executables so only
authorized users can run them.

Regards,

Andy

Andy Raibeck
IBM Tivoli Systems
Tivoli Storage Manager Client Development
e-mail: araibeck AT us.ibm DOT com

The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.





Joe Cascanette <Joe.Cascanette AT CUMIS DOT COM>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
08/08/2001 08:37
Please respond to "ADSM: Dist Stor Manager"


        To:     ADSM-L AT VM.MARIST DOT EDU
        cc:
        Subject:        removing the client of a server



Is there anyway to remove the client executable from a (TSM V4.2) client
and
still keep the web gui and the schedule service operational?



Where is the overview:

I have x amount of servers in our DMZ area (between the firewalls). I
currently have the restore/backups asking for a password, but these
passwords are not encrypted. What I really want to do is access the remove
the client from those servers, but keep the web(https) gui (for manual
backups / archives) and keep the scheduler service running for nightly
backups.

The reason is if someone did get into the DMZ area they could actually do
some damage with backups and restores.


Thanks

Joe Cascanette