1. Community Tip: Please Give Thanks to Those Sharing Their Knowledge.
    If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.
  2. Community Tip: Forum Rules (PLEASE CLICK HERE TO READ BEFORE POSTING)
    Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.

Lock Down Restore Capabilities

Discussion in 'Restore / Recovery Discussion' started by chad_small, May 2, 2012.

  1. chad_small

    chad_small ADSM.ORG Moderator

    Joined:
    Dec 17, 2002
    Messages:
    2,210
    Likes Received:
    45
    Occupation:
    AIX/SAN/TSM
    Location:
    Gilbert, AZ
    So TSM will allow anyone who has access to the command-line or GUI to restore data they have permission. I need a way to lock down restore functionality to only the TSM admins. So I'm thinking it's going to come down to the file permissions not allowing the GUI or command-line to be executed unless by the TSM backup group. If you have had to do something similar to this, what steps did you take?
     
  2.  
  3. bbeaulieu

    bbeaulieu ADSM.ORG Member

    Joined:
    May 20, 2008
    Messages:
    31
    Likes Received:
    0
    That's a good question. How do large companies with server groups, backup groups, application groups all get along with TSM?
     
  4. chad_small

    chad_small ADSM.ORG Moderator

    Joined:
    Dec 17, 2002
    Messages:
    2,210
    Likes Received:
    45
    Occupation:
    AIX/SAN/TSM
    Location:
    Gilbert, AZ
    The only way I've found is by using the session initiation setting on the TSM server. This would only allow the TSM server to initiate session so theoretically only even a restore should fail unless initiated from the TSM server.
     

Share This Page