Re: BackupStgpool preparation
2005-06-21 11:22:44
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On
Behalf Of Allen S. Rout
>How do you folks deal with the desire to automatically answer
>the question
>
>"Are my copy pools up to date"
>
>In order to automate the above-quoted query, it is necessary that the
>logged-in ID have storage authority on the pools in question.
>This makes it
>(in my opinion) a dangerous ID to have its' password sitting around in
>plaintext somewhere on disk.
You set the permissions for the batch file that runs
BACKUP STG POOL1 POOL2 PREVIEW=YES
to "Full Control" for local administrators and the System ID, and no
access otherwise (TSM for Windows), or you chmod it 700, with the TSM
admin's ID as the owner of the file (TSM for UNIX/Linux).
If root, the admin's UNIX ID, or the local admin IDs are compromised,
you've got far larger problems than a cleartext batch file that runs a
BACKUP STG could possibly cause.
It all boils down to secure passwords and proper permission settings,
just as it always has.
--
Mark Stapleton (stapleton AT berbee DOT com)
IBM Certified Advanced Deployment Professional
Tivoli Storage Management Solutions 2005
IBM Certified Advanced Technical Expert (CATE) AIX
Office 262.521.5627
|
|
|