ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: AW: Can TSM use LDAP for admin authentication?

2005-11-10 07:00:05
Subject: Re: AW: Can TSM use LDAP for admin authentication?
From: Daniel Sparrman <Daniel.Sparrman AT EXIST DOT SE>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 10 Nov 2005 12:59:43 +0100 
Hi

In a case where you use LDAP for security authentication, even IF the LDAP 
server was destroyed, you would still be able to access the TSM server 
either through server console or by using a locally registred admin (what 
is to say that if you use LDAP, you cannot use the normal admin accounts 
within TSM?).

The use of LDAP authentication would be a very neat feature. Imagine you 
could handle backup/restore authentication and admin authentication from 
the same repository you handle all other security authentications. That 
would make the security management a whole lot easier, especially in 
larger sites where you might have different departments handling 
backup/restore/administration of different servers / groups of servers.

I'm aware the above is still technically possible today, but imagine 
handling 50-60 user accounts(not node admin accounts, but user accounts) 
in the way TSM does . Just cause you're a storage administrator it doesnt 
mean you'd like to become a user administrator aswell ;)

Daniel Sparrman
-----------------------------------
Daniel Sparrman
Utvecklingschef
Exist i Stockholm AB
Propellervägen 6B
183 62 TÄBY
Växel: 08 - 754 98 00
Mobil: 070 - 399 27 51



Salak Juraj <J.Salak AT ASAMER DOT AT> 
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
2005-11-09 15:21
Please respond to
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>


To
ADSM-L AT VM.MARIST DOT EDU
cc

Subject
AW: Can TSM use LDAP for admin authentication?






Hi!

Assuming you will NOT backup your LDAP Servers with TSM wait for this 
support, it is not available yet.

Assuming you WILL  backup your LDAP Servers with TSM this is a bad idea: 
backups are fo restore: how can you restore a malfunctioning LDAP when you 
cannot log-in because of maflunctioning LDAP?

regards
Juraj

> -----Ursprüngliche Nachricht-----
> Von: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] Im 
> Auftrag von Loren Cain
> Gesendet: Mittwoch, 09. November 2005 15:03
> An: ADSM-L AT VM.MARIST DOT EDU
> Betreff: Can TSM use LDAP for admin authentication?
> 
> We are building a new TSM installation for a client and I have been
> 
> asked if TSM can use LDAP to authenticate the admin userids. They
> 
> don't want to have to maintain a separate userid/password mechanism
> 
> just for the TSM servers if they can avoid it.
> 
> 
> 
> I have never seen anything that leads me to believe this is possible,
> 
> but I've also never seen anything that says it isn't. Unfortunately,
> 
> searches for keywords like "ldap" in the list archives and 
> support site
> 
> results in many, many hits on how to back up ldap, but not on how
> 
> or whether to use it.
> 
> 
> 
> Does anyone know if this can be done?  The only alternative I have so 
> 
> far is some sort of scripted mechanism to regularly pull data 
> from ldap
> 
> and update TSM.
> 
> 
> 
> This is on TSM 5.2.3, on Solaris9.
> 
> 
> 
> Loren Cain
> 
> Digicon
> 
> 
> 
>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Solaris Devices, Scott, Mark William
Next by Date:  Mixing 32/64 bit with TSM and DB2, Bell, Charles (Chip)
Previous by Thread:  AW: Can TSM use LDAP for admin authentication?, Salak Juraj
Next by Thread:  Re: AW: Can TSM use LDAP for admin authentication?, Allen S. Rout
Indexes:  [Date] [Thread] [Top] [All Lists]