Hi
In a case where you use LDAP for security authentication, even IF the LDAP
server was destroyed, you would still be able to access the TSM server
either through server console or by using a locally registred admin (what
is to say that if you use LDAP, you cannot use the normal admin accounts
within TSM?).
The use of LDAP authentication would be a very neat feature. Imagine you
could handle backup/restore authentication and admin authentication from
the same repository you handle all other security authentications. That
would make the security management a whole lot easier, especially in
larger sites where you might have different departments handling
backup/restore/administration of different servers / groups of servers.
I'm aware the above is still technically possible today, but imagine
handling 50-60 user accounts(not node admin accounts, but user accounts)
in the way TSM does . Just cause you're a storage administrator it doesnt
mean you'd like to become a user administrator aswell ;)
Daniel Sparrman
-----------------------------------
Daniel Sparrman
Utvecklingschef
Exist i Stockholm AB
Propellervägen 6B
183 62 TÄBY
Växel: 08 - 754 98 00
Mobil: 070 - 399 27 51
Salak Juraj <J.Salak AT ASAMER DOT AT>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
2005-11-09 15:21
Please respond to
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
To
ADSM-L AT VM.MARIST DOT EDU
cc
Subject
AW: Can TSM use LDAP for admin authentication?
Hi!
Assuming you will NOT backup your LDAP Servers with TSM wait for this
support, it is not available yet.
Assuming you WILL backup your LDAP Servers with TSM this is a bad idea:
backups are fo restore: how can you restore a malfunctioning LDAP when you
cannot log-in because of maflunctioning LDAP?
regards
Juraj
> -----Ursprüngliche Nachricht-----
> Von: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] Im
> Auftrag von Loren Cain
> Gesendet: Mittwoch, 09. November 2005 15:03
> An: ADSM-L AT VM.MARIST DOT EDU
> Betreff: Can TSM use LDAP for admin authentication?
>
> We are building a new TSM installation for a client and I have been
>
> asked if TSM can use LDAP to authenticate the admin userids. They
>
> don't want to have to maintain a separate userid/password mechanism
>
> just for the TSM servers if they can avoid it.
>
>
>
> I have never seen anything that leads me to believe this is possible,
>
> but I've also never seen anything that says it isn't. Unfortunately,
>
> searches for keywords like "ldap" in the list archives and
> support site
>
> results in many, many hits on how to back up ldap, but not on how
>
> or whether to use it.
>
>
>
> Does anyone know if this can be done? The only alternative I have so
>
> far is some sort of scripted mechanism to regularly pull data
> from ldap
>
> and update TSM.
>
>
>
> This is on TSM 5.2.3, on Solaris9.
>
>
>
> Loren Cain
>
> Digicon
>
>
>
>
|