Thanks for the answer and good point, btw it´s not my file, it is some HR 
data... The customer is worried about who can restore data/alter the logs if we 
are able to produce them etc etc. 

//Henrik

-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of 
Allen S. Rout
Sent: 16. august 2006 16:29
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: Encryption - logging

>> On Wed, 16 Aug 2006 14:44:59 +0200, Henrik Wahlstedt <SHWL AT STATOIL DOT 
>> COM> said:


> So my questions are: Is the possible to do automated encrypted backups 
> but limit the restore functionality to thoose who knows encryption 
> password?

The only people who can restore are people who can log into your machine, and 
they can only restore files they can write.  I'm confused about why I shouldn't 
be able to restore one of my files.

I'm poking that question because it feels like you're asking TSM to enforce a 
security restriction you haven't been able to enforce locally on the box.  
Trying to prevent root@yourbox from restoring something sounds like a tall 
order.




> How do I monitor restores on the TSM server in good way.

I haven't found a happy method.  Consider, the logging there could be Really 
Extensive.  I don't want to list somebody's 3-million filenames in my TSM 
serverlog.


- Allen S. Rout


-------------------------------------------------------------------
The information contained in this message may be CONFIDENTIAL and is
intended for the addressee only. Any unauthorised use, dissemination of the
information or copying of this message is prohibited. If you are not the
addressee, please notify the sender immediately by return e-mail and delete
this message.
Thank you.