ADSM-L

Re: Client Security

2003-05-20 22:17:17
Subject: Re: Client Security
From: "Stapleton, Mark" <stapleto AT BERBEE DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Tue, 20 May 2003 21:16:56 -0500
From: Gill, Geoffrey L. [mailto:GEOFFREY.L.GILL AT SAIC DOT COM] 
> Security: big topic most of the time and can be confusing when there are
> different variations. With the ability to make any node look like another
> node, what are the best security settings one can set up on the server
> and clients?

How many times do we system administrators have to say it?

        intelligent passwords, intelligently handled

Say it again, boys and girls:

        intelligent passwords, intelligently handled

95% of all security breaches come from stupid passwords, or intelligent
passwords handled stupidly. In other words: 
--Don't give them out. 
--Let them expire and reset them. 
--Don't write them on slips of paper and tape them to the underside of
the keyboard or to the face of the monitor. 
--Only those who have business having them should have them. 
--Set password filters where possible. 
--Don't allow repeated passwords.
 
> Should Admin users only be those specified and not let the 
> node add one when it is created?

A node *has* to have an admin ID and password when it is created. It
should *not* be made a system password, and system-level IDs should
*not* be used to log into a client for a restore. Just common-sense
stuff.

> Passwordaccess generate. Any issues not using it?

Can you say "no client backups without admin intervention"?

--
Mark Stapleton (mark.stapleton AT berbee DOT com)
Berbee Information Networks
Office 262.521.5627
