ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Better passwords in TSM

2003-04-10 09:01:25
Subject: Re: Better passwords in TSM
From: Remco Post <r.post AT SARA DOT NL>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 10 Apr 2003 15:00:52 +0200 
On Wed, 9 Apr 2003 18:30:58 -0500
Roger Deschner <rogerd AT UIC DOT EDU> wrote:

> A. Does the TSM client (all of them: GUI, web, and linemode
> backup/archive, and Administrative) send the password to the TSM server
> in an encrypted form, or in clear text?
>

encrypted.

> B. Is there a way to enforce password strength rules? How can I tailor
> those rules?
>

Nope, (LART the user if he/she does it wrong)

> C. If not, is there a way to require all TSM clients to use Password
> Generate? (The auditors seem to like what Password Generate does.)
>

Nope.

> D. If a client node has been using Password Generate, why does its
> Password Change Date show up as a long time ago. Shouldn't it be the
> date of last use, since Password Generate sets a new password with each
> use?
>
> E. Is there a way I can tell if a client uses Password Generate?
>

nope

> F. If a client node has been using Password Generate, and I change its
> Password Expiration interval to something shorter than it was, which is
> shorter than its Last Password Change date, what will happen? Hopefully
> nothing at all - Password Generate will simply continue to operate.
>
> G. How secure is Password Generate - really?
>
> H. Is there any way to enforce the auditor's rules for Administrative
> Clients?
>

help set passexp

> I'm trying to avoid having all 1,000 clients call me on the telephone on
> one day to complain that their passwords are no longer valid, while
> still making the auditors happy.
>
> Roger Deschner      University of Illinois at Chicago     rogerd AT uic DOT 
> edu
> ======= Warning: The Surgeon General has found that smoking may ========
> ======== cause some individuals to ignore the Surgeon General. =========


--
Met vriendelijke groeten,

Remco Post

SARA - Stichting Academisch Rekencentrum Amsterdam    http://www.sara.nl
High Performance Computing  Tel. +31 20 592 8008    Fax. +31 20 668 3167

"I really didn't foresee the Internet. But then, neither did the computer
industry. Not that that tells us very much of course - the computer industry
didn't even foresee that the century was going to end." -- Douglas Adams
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Statistics from TDP for SAP, Robert Fijan
Next by Date:  AW: Backing up VMWare DSK Files using TSM 5.1, Kaiser, Andreas
Previous by Thread:  Better passwords in TSM, Roger Deschner
Next by Thread:  Re: Better passwords in TSM, Andrew Raibeck
Indexes:  [Date] [Thread] [Top] [All Lists]