TSM Cops?

Leigh

ADSM.ORG Member
Joined
Jun 13, 2007
Messages
53
Reaction score
0
Points
0
Location
Johannesburg
PREDATAR Control23

Hi All,
I used to use a nice little tool called TSM Cops that was a TSM Healthcheck script that checked it was ITCS104 (or something!) compliant in terms of password lengths, userid checks, that kind of thing.

I can't find it anywhere, does anyone use it or know what's happened to it?

Thanks
Leigh.
 
PREDATAR Control23

They were still using it this spring at IBM.
I looked but don't have the script, unfortunately.

- Jen Howland
 
PREDATAR Control23

I used it at IBM and really its kind of a joke...let me explain. IBM uses it to audit the servers for security reasons, the problem is that TSM does not require new passwords so old ones can be reused and as long as the password is updated COPS has no idea it really wasn't changed. So what you find is that to keep Oracle backups running TSM admins tend to just update the password with the current password a few days before cops runs so that cops passes the server and the Oracle backups keep running. This is just one example and the real failure lies with TSM not caching previous passwords so they can't be reused. Let's also recognize that the key to TSM security is the host servers security. So if the host's security settings are a mess nothing in TSM is going to help much.
 
Top