Better to lock the admin.



-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT vm.marist DOT edu] On Behalf Of 
Lindsay Morris
Sent: Tuesday, May 11, 2010 3:59 PM
To: ADSM-L AT vm.marist DOT edu
Subject: Re: [ADSM-L] Securing TSM Client

Maybe you could lock all the nodes during the day (LOCK NODE...),
and unlock them at night for your scheduled backups ... ?

--------------------
Lindsay Morris
CEO, TSMworks
Tel. 1-859-539-9900
lindsay AT tsmworks DOT com


On Tue, May 11, 2010 at 4:08 PM, Leandro Mazur <leandromazur AT gmail DOT 
com>wrote:

> Hello everyone !
>
> I don't know if somebody has this kind of problem, but I have the following
> situation in the company I work for:
>
> - We have a TSM team to install, configure and maintain the whole backup
> process, server and client;
> - We have sysadmins that take care of the operational system and the
> applications;
> - When there's a need for any action to do with backup, they should open a
> ticket for the TSM team;
>
> The problem that we have is that the sysadmins are doing backups/archives
> and restores/retrieves without our knowledge, with great impact on our
> database (among other things...). We would like to block the access on the
> client, but we were not successful. If we use "password generate" on
> dsm.sys, the password is prompted only at first access. If we use "password
> prompt", the scheduler doesn't work (ANS2050E)...
> Any sugestions from the experts ? Maybe it could be a improvement to IBM
> implement on the future...
> __________________________________
> Leandro Mazur
>