ADSM-L

Re: Minimum administrative access on NT?

From: "Prather, Wanda" <PrathW1 AT CENTRAL.SSD.JHUAPL DOT EDU>
Date: Thu, 20 May 1999 13:28:26 -0400
I'm not sure there is a problem.

If you set up ADSM on an NT workstation, and install the ADSM scheduler
service, the service runs under the "system" account, which gives it read
access to everything.

If a user logs on to the NT workstation under his own id and starts ADSM
(assuming you give him/her access at all to the ADSM GUI), he can only back
up or restore interactively any files that he would have access to read and
write anyway.  So there is no exposure here.

As far as setting up administrative schedules that run scripts on the NT
machine, the only person who can do that is the ADSM administrator.  So the
only person not to trust there, is you (I'm assuming that YOU are the ADSM
admin.)

If the problem is that the owners of the NT machines don't want YOU to have
the ability to set up administrative schedules, they can uninstall the
scheduler service, which will prevent you from setting up any schedules they
don't like.  They can still run regular incremental backups themselves,
using the command line.  "dsmc incremental" is all that is necessary to
perform the same incremental backup that the scheduler would.  They can
schedule it with an AT command on their own machine and get the same results.

The only difference is that then the ADSM admin (presumably you) won't be
able to check and make sure (via checking the SCHEDULED EVENTS) that their
scheduled backups ran OK; that has to become their responsibility.  (Which
is fair, if they don't want you to have the authority.)


************************************************************************
Wanda Prather
The Johns Hopkins Applied Physics Lab
443-778-8769
wanda_prather AT jhuapl DOT edu

"Intelligence has much less practical application than you'd think" -
Scott Adams/Dilbert
************************************************************************

> -----Original Message-----
> From: Allen S. Rout [SMTP:asr AT NERSP.NERDC.UFL DOT EDU]
> Sent: Monday, May 17, 1999 8:48 AM
> To:   ADSM-L AT VM.MARIST DOT EDU
> Subject:      Re: Minimum administrative access on NT?
>
> => On Fri, 14 May 1999 11:56:01 -0700, "Joshua Bassi"
> <jbassi AT gloryworks DOT com> said:
>
>
> > Unfortunately support is right.  Think about it.  How can a user without
> > access to a file or directory back it up - he doesn't have access to the
> > file at the operating system level.  This is totally independent of ADSM.
>
> I understand that the ADSM process needs to have access to read all files; it
> was my understanding (possibly mistaken, I am no NT admin) that a privilege
> level 'backup' existed, which permitted the same read access, but did not
> permit changes (or the execution of random scripts, or, or... )
>
>
> > What I have done for other customers is merely install the ADSM scheduler as
> > a service running under the System Account.  Then whenever the box boots,
> > the service will start and run an unattended backup without having to have a
> > user login to the box with that high level of administrative rights.
>
> Really, it's not the startup that is at issue for the managers I'm working
> with.  It's the notion of letting someone run any script they want
> ('administrative command' schedule, anyone?) on their servers, with full
> "administrator" privilege.
>
> And I can't blame them. :)
>
> So, has anyone else deployed ADSM across administrative boundaries (on NT)
> without giving the keys to _all_ the kingdoms to the ADSM admins?
>
>
> - Allen S. Rout