Here is a suggestion for proper auditability of ISC-AC based TSM
administration:
1) create an ISC ID for each TSM administrator
2) create a TSM admin ID for each TSM administrator and grant auth ...
cl=sys
3) have each TSM administrator add their server connection on the ISC
(under "Manage Servers" on the ISC-AC v6.1) using their TSM admin ID
4) lock admin ADMIN
5) remove the server connection from the ISC ID iscadmin
You now have an auditable trail in the activity log of "who did what".
Joerg Pohlmann
250-245-9863
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 2009-07-30
12:53:22:
Is there any log in the ISC/AC (ICS 6.01 and AC 5.5) that would show me
who
logged on from where at a particular time? I have a client (inherited)
That
has people all using the ADMIN userid and some's been updating schedules
and
completely mucking up the works. From the activity log I can trace the
commands down to user ADMIN coming from the ISC IP address. Now I just
need
to find out who logged in to that. They all also use the ISCADMIN userid
for
that..again inherited. If I can find out the IP address of who logged on
to
the ISC.I'll be 1 more step along the path to find this joker. Maybe the
WAS
component has a log somethere?
Any help will be greatly appreciated.as I move them to individual userids
for both TSM and ISC.
Bill Boyer
"He who laughs last probably made a back-up." Murphy's law of computing
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.392 / Virus Database: 270.13.44/2282 - Release Date: 08/04/09
18:01:00
