Jeff_Jeske
ADSM.ORG Senior Member
Lets start off with an example....
1 TSM server with 500 server clients. Of these 500 servers some are databases (containing thousands of customers info), some are files servers with home drives, some are code servers with proprietary code. Other servers are web and apps that are accessed from many different users with local admin rights.
What do you guys do to prevent one of those creative local admins from spoofing the opt file to recover a home drive information to the local disk of some app server?
In many cases the TSM client password is identical across the farm. Others may use a fairly simple pattern to make it easy to access all clients.
What is the most popular way to limit restore access only to TSM admins?
1 TSM server with 500 server clients. Of these 500 servers some are databases (containing thousands of customers info), some are files servers with home drives, some are code servers with proprietary code. Other servers are web and apps that are accessed from many different users with local admin rights.
What do you guys do to prevent one of those creative local admins from spoofing the opt file to recover a home drive information to the local disk of some app server?
In many cases the TSM client password is identical across the farm. Others may use a fairly simple pattern to make it easy to access all clients.
What is the most popular way to limit restore access only to TSM admins?
Last edited: