ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Clear text passwords. Was: Automating dsmserv

2003-05-27 17:12:27
Subject: Re: Clear text passwords. Was: Automating dsmserv
From: Tom Kauffman <KauffmanT AT NIBCO DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Tue, 27 May 2003 16:11:53 -0500 
I've been using a perl module originally written (back in ADSM 2.1 days) by
Owen Crow. It will look for a .dsmrc file in your home directory and use the
values associated with ID and PA in the file; if there's no .dsmrc file the
module prompts for ID and PAssword.

I can't find the code with google today, and adsm.org is running spotty for
me as well. If someone would point me to our generally accepted common
duping ground for scripts and such, I'll put Owen's original files up.

Tom Kauffman
NIBCO, Inc

-----Original Message-----
From: Justin Bleistein [mailto:justin.bleistein AT SUNGARD DOT COM]
Sent: Tuesday, May 27, 2003 3:44 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: Clear text passwords. Was: Automating dsmserv


I mean the administrative client the: "dsmadmc" program on the tsm server
side. You can automate him to run tsm server commands in batch mode from
like a shell script or something but u must supply the login name and
password in clear text in the script as part of the syntax. I was just
wondering if there was an alternative. thanks!.

--Justin Richard Bleistein
Unix/TSM Systems Administrator (Sungard eSourcing)
Desk: (856) 566 - 3485
Cell:    (856) 912 - 0861
Email: justin.bleistein AT sungard DOT com



                      "Remeta, Mark"
                      <MRemeta@SELIGMAN        To:
ADSM-L AT VM.MARIST DOT EDU
                      DATA.COM>                cc:
                      Sent by: "ADSM:          Subject:  Re: Clear text
passwords.  Was: Automating dsmserv
                      Dist Stor
                      Manager"
                      <[email protected]
                      .EDU>


                      05/27/2003 03:41
                      PM
                      Please respond to
                      "ADSM: Dist Stor
                      Manager"






Isn't there an option to have the TSM client auto-magically change the
password? If you use this option the clear text password in the batch file
would be unimportant...



-----Original Message-----
From: Justin Bleistein [mailto:justin.bleistein AT SUNGARD DOT COM]
Sent: Tuesday, May 27, 2003 3:24 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: Clear text passwords. Was: Automating dsmserv


any alternatives to running: "dsmserv" via batch mode with the:

dsmadmc -id=login -pass=password syntax...

I mean it's passwords in clear text so all someone has to do is cat that
file and your exposed... Any ideas on how to automate the client-server
interface (dsmadmc) without displaying the password anywhere?. Thanks!.

--Justin Richard Bleistein
Unix/TSM Systems Administrator (Sungard eSourcing)
Desk: (856) 566 - 3485
Cell:    (856) 912 - 0861
Email: justin.bleistein AT sungard DOT com



                      "Stapleton, Mark"
                      <stapleto@BERBEE.        To:
ADSM-L AT VM.MARIST DOT EDU
                      COM>                     cc:
                      Sent by: "ADSM:          Subject:  Re: Clear text
passwords.  Was: Automating dsmserv
                      Dist Stor
                      Manager"
                      <[email protected]
                      .EDU>


                      05/27/2003 12:08
                      PM
                      Please respond to
                      "ADSM: Dist Stor
                      Manager"






From: Thomas A. La Porte [mailto:tlaporte AT ANIM.DREAMWORKS DOT COM]
> Since this topic of clear text passwords has arisen, I wonder if
> anybody knows whether or not there is/are any outstanding
> requirements or enhancement requests for Kerberos support within
> TSM. This would be handy both in the situation discussed below,
> and for general administrative and node access to the server.
>
> If there isn't an outstanding request, I'll probably go ahead and
> ask that one be made.

One of the nice things about how Tivoli has handled TSM is that the
authentication system is *exactly* the same, no matter what the server
and client OS platforms may be. The same can be said for the interfaces
and the way administration is performed. Inserting something like
Kerberos into the mix would mean you'd have to make it work for all
platforms that the TSM server supports--including MVS, OS/400, and
<shudder> Windows.

There are ways of scripting TSM tasks that can sidestep the clear text
stuff, much the same as the ways you script FTP sessions without putting
passwords where users can gefingerpoken.

--
Mark Stapleton (mark.stapleton AT berbee DOT com)
Berbee Information Networks
Office 262.521.5627

Confidentiality Note: The information transmitted is intended only for the
person or entity to whom or which it is addressed and may contain
confidential and/or privileged material. Any review, retransmission,
dissemination or other use of this information by persons or entities other
than the intended recipient is prohibited. If you receive this in error,
please delete this material immediately.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Upstate NY TSM Users Group Meeting - June 4th, Paul Bergh
Next by Date:  Error 2 deleting row from table "Expiring.Objects" [was Re: Auditdb timing], James R Owen
Previous by Thread:  Re: Clear text passwords. Was: Automating dsmserv, Justin Bleistein
Next by Thread:  Re: Clear text passwords. Was: Automating dsmserv, Alex Paschal
Indexes:  [Date] [Thread] [Top] [All Lists]