Environment: Windows Client 6.1.2.0, Server 5.5.2.0 Client dsm.opt file contains passwordaccess generate.
Scenario:
The TSM administrator runs
update node smithm forcepwreset=yes passexp=1
My scheduled backup runs the next day without user intervention and I can see that the client has stored a new encrypted password in the registry. This is good because the original password is weak and nobody knows the automatically generated password.
The Problem:
The password isn't really changed, that is, I can go to another computer and login to smithm's backups by providing the legacy password. Clearly I'm confused. My underlying problem is that many of my 1100 TSM Nodeids have weak passwords. I was hoping I could automagically change them and existing clients would not have to know a password until they moved to a new computer.
Scenario:
The TSM administrator runs
update node smithm forcepwreset=yes passexp=1
My scheduled backup runs the next day without user intervention and I can see that the client has stored a new encrypted password in the registry. This is good because the original password is weak and nobody knows the automatically generated password.
The Problem:
The password isn't really changed, that is, I can go to another computer and login to smithm's backups by providing the legacy password. Clearly I'm confused. My underlying problem is that many of my 1100 TSM Nodeids have weak passwords. I was hoping I could automagically change them and existing clients would not have to know a password until they moved to a new computer.