ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: TSM Windows Client 4.2.2.0

2002-06-28 10:33:13
Subject: Re: TSM Windows Client 4.2.2.0
From: "Prather, Wanda" <Wanda.Prather AT JHUAPL DOT EDU>
Date: Fri, 28 Jun 2002 10:31:29 -0400 
Starting with V4, running the client requires additional privileges.  There
are also permissions that the local admin has that domain users need.  This
is a quote from the "Using the Windows Clients" 4.2 version:

######################################################################

**Considerations for NT and 2000 Client Services**

To install and configure Tivoli Storage Manager services on the entire
system, including the system registry, you must belong to a local
administrator account or a domain administrator account. To back up files,
you must have access rights on the local drive or directory containing those
files.

By default, Tivoli Storage Manager client services run under the local
system account. Because the services use logon properties such as persistent
drive mappings, and local search path and environment variables of the
account into which they are logged, consider having the services account run
under a domain account instead of the local system account.

Domain resources, such as network drives, can only be accessed by services
configured to run under a domain authorized account using dsmcutil or the
Service Control Panel Application. Any non-system account (local or domain)
must have the following rights:

 Back up files and directories
 Restore files and directories
 Manage auditing and security logs

Note: Some Windows 2000 system objects such as active directory require
Administrator privileges to perform backups.

Users without these rights can only back up files they own and cannot back
up the system registry or files owned by other users.

These are local user rights and must be set using the local User Manager
application, and domain accounts may not automatically be enabled for them.
Domain accounts may be granted local rights by the local User Manager.

The account must also have the following permissions to the
HKEY_LOCAL_MACHINE, HKEY_KEY_USERS, and
HKEY_CURRENT_USER registry hives:
 Query Value
 Set Value
 Create Subkey
 Enumerate Subkeys

The local system account and local administrator group posess these
permissions by default. Other accounts/groups (including domain
Administrators) must be granted these permissions either explicitly through
the registry editor security dialog (regedt32), or implicitly by adding the
account/group to the local Administrators group through the local User
Manager (recommended).

############################################################################
########
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Recovery log space problem, Bill Boyer
Next by Date:  Changes in TDP for MS-SQL 2.2, Lawrence Clark
Previous by Thread:  Re: TSM Windows Client 4.2.2.0, Adams, Matt (US - Hermitage)
Next by Thread:  3584 firmware, Loon, E.J. van - SPLXM
Indexes:  [Date] [Thread] [Top] [All Lists]