Step3:  run a very small backup

Make sure your users run a very small SELECTIVE backup (or in the GUI
specify ALWAYS BACKUP).

If they run an incremental backup, and the client finds nothing to back up
(because it has been backed up already), you will not get the prompt for the
encryption key.

W

On Fri, Nov 6, 2009 at 2:10 PM, Harris, Chad E <ceh AT indiana DOT edu> wrote:

> Hello All,
>
> From time to time we are having issues where clients trying to configure
> client based encryption on their servers can't get TSM to prompt them to
> generate an encryption key.  This seems to be a problem that has been
> occurring only on clients running various levels of Windows OS and different
> levels of the TSM ba client.  I am wondering if anyone else has experienced
> periodic failures when having clients' setup encryption, and if so what do
> you do to correct this problem?   The steps we are using to have clients
> configure encryption are below; please let us know if we are doing something
> incorrect in the process.
>
> 1.            Add these statements to dsm.opt
>                encryptiontype aes128
>                encryptkey         save
>                include.encrypt *\...\*
> 2.            Run 'dsmc q sched' to confirm the client can communicate with
> tsmin01
> 3.            Run a very small backup to initiate the encryption key
> creation routine.
> 4.            When prompted at the bottom of the screen, choose the option
> to: Generate an encryption key.
> 5.            Enter the encryption key and confirm it.  You will see your
> backup run to completion and the encryption                 key will be
> stored in your Windows registry.
>
> Chad E. Harris
> Indiana University
> UITS Storage and Virtualization
>