ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Side Effects of Removing Admins

2010-07-08 10:01:44
Subject: Re: [ADSM-L] Side Effects of Removing Admins
From: "Prather, Wanda" <wPrather AT ICFI DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 8 Jul 2010 13:58:37 +0000 
I think if you remove the admin that defined an admin schedule, the schedule 
fails.
When the admin schedule runs, note it says the defining admin "issues" the 
command:

   ANR2750I Starting scheduled command DAILYCHECKIN ( run
    checkin ). (SESSION: 31664)
   ANR2017I Administrator XXXXXX issued command: RUN checkin
     (SESSION: 31664)

Also things like Autovault, other 3rd party tools, and TOR may connect to the 
TSM server via an admin id.
I've got perl scripts that do queries using an admin id.

But think if you query the activity log for the last xxxxx days for the admin 
id and don't find it, you're good.

W   

-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of 
Huebner,Andy,FORT WORTH,IT
Sent: Thursday, July 08, 2010 9:48 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: [ADSM-L] Side Effects of Removing Admins

The only side effect I have had is when you remove the admin for an AIX node.  
The AIX node had password issues and would not run the backup consistently.  
This probably has to do with how we run backups on AIX.
We have not seen any problems removing "people" admins from TSM.

Andy Huebner

-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of 
Nick Laflamme
Sent: Thursday, July 08, 2010 7:10 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] Side Effects of Removing Admins

My current shop has a collective memory of "bad things happening" when old 
Admin userids are removed from TSM servers. Memories are a bit vague, and all 
of us have been doing TSM for a long time in a variety of shops, but the 
general anxiety is that removing the userids of admins who have moved on might 
break administrative schedules, copy groups, or some other key feature of TSM.

Now, of course, we have auditors breathing down our necks that we need to clean 
up and secure our servers. I can't say that I blame them, but there is this 
pesky collective memory to deal with. I looked in both the TSM 5.5 
administrative Guide and the Reference but didn't find any warnings about side 
effects of removing administrators.

So, my question to the collective wisdom of the group is,

Does anyone else remember bad side effects of removing admins in TSM, and if 
so, is there a corresponding clear memory of when this was fixed in ADSM/TSM, 
or is it still an issue?

(For my first pass, I have used the CHG_ADMIN column in several tables to find 
out who last updated several kinds of key system resources. If an admin isn't 
listed in any of those tables on a server, I've gone ahead and removed him or 
her.)

Thanks,
Nick

This e-mail (including any attachments) is confidential and may be legally 
privileged. If you are not an intended recipient or an authorized 
representative of an intended recipient, you are prohibited from using, copying 
or distributing the information in this e-mail or its attachments. If you have 
received this e-mail in error, please notify the sender immediately by return 
e-mail and delete all copies of this message and any attachments.

Thank you.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Side Effects of Removing Admins, Ben Bullock
Next by Date:  Re: [ADSM-L] Side Effects of Removing Admins, Zoltan Forray/AC/VCU
Previous by Thread:  Re: [ADSM-L] Side Effects of Removing Admins, Huebner,Andy,FORT WORTH,IT
Next by Thread:  Re: [ADSM-L] Side Effects of Removing Admins, Nick Laflamme
Indexes:  [Date] [Thread] [Top] [All Lists]