With a tsm client (same clientlevel or higher), same OS (or compatible), an
admin user (system priv) and valid password you can restore any data from
the client to the place you want it to go. Yep, it can be a security issue.

We like to use dsm(c) -optfile=(name of one of our tsm servers).opt
-virtualnodename=(name of node). Make life very easy.

-----Oorspronkelijk bericht-----
Van: Sal Mangiapane [mailto:salm AT VITALDS DOT COM]
Verzonden: woensdag 12 maart 2003 17:26
Aan: ADSM-L AT VM.MARIST DOT EDU
Onderwerp: Re: Client login with admin id and password


That is very interesting.  In the US government has some "acts" that are
concerned with privacy.  There is HIPAA for health care
industry patient data protection and GLBA for the financial industry
consumer data protection.

Is anyone using TSM to protect data that is affected by either HIPAA or
GLBA?  If so, have you taken any specific measures to comply
with the requirements.

sal

Sal Mangiapane
Vital Data Systems, LLC

>
> Hello,
> I always thought that a tsm admin does not have access to client data. I
> think I learned something new.
> Calling dsmc or dsm with -node=tarzan and specifying a valid admin id and
> password (system privilege) gives access to node tarzan's data. At least
it
> is possible to list the files. I haven't tried to restore data. This is
> indeed documented. However, I would prefer if there were a message in the
> activity log saying that admin id was used.
> Am I wrong? Could someone explain this feature in more detail?
>
> Best regards
> Gerhard
> ---
> Gerhard Rentschler            email:g.rentschler AT rus.uni-stuttgart DOT de
> Regional Computing Center     tel.   ++49/711/685 5806
> University of Stuttgart       fax:   ++49/711/682357
> Allmandring 30a
> D 70550
> Stuttgart
> Germany
>