Chris,

If this function is important to you, I recommend that you work with your
IBM representative or IBM support to draft a formal requirement, to which
you will get a response.

Scheduled backups do not require a TSM-generated password, but they do
require the use of PASSWORDACCESS GENERATE. If you want, you can automate
the backup yourself and use PASSWORDACCESS PROMPT, passing in the password
via a script.

The PASSWORDACCESS GENERATE and automatic password expiration on the
server are not tied together 100%. You can disable automatic password
expiration at the server level, or at the individual node level (see the
SET PASSEXP and UPDATE NODE server commands). Your TSM administrator could
arrange to query all nodes whose passwords haven't been reset within the
past 'x' number of days ('x' is the number of days after which your site
requires you to change your password) and email anyone who needs to change
their password to do so. Thus you can still use PASSWORDACCESS GENERATE to
aid in automation, but the password change is left up to you.

I realize that this is not the ideal solution that you are looking for,
but the best I can offer for now is the above suggestions.

Regards,

Andy

Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Development
Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
Internet e-mail: storman AT us.ibm DOT com

The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.

"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 12/16/2004
12:40:06:

> > OR alternatively, you can use the TSM command line command:  SET
ACCESS.
> > Read about this in the book, or the HELP.
> OK, I see that this provides a work around.
>
> > Also under UTILITIES, you can change your own password, instead of
> > letting the TSM server do it.
> > If your TSM admin has set up to force password change every 30 days,
and
> > you change it on day 29, the TSM server won't change it again.  So you
> > WILL know what it is.
> Except that you need to know the (potentially random by now)
> autogenerated password first. Is it true that scheduled backups need to
> have an autogenerated password enabled?
>
> It strikes me that there should be some facility to tell the user what
> the new password is when it's changed (e.g., as I say, the MAILPROG
> option under unix). Would you trust your login password to your SSH
> client for example... having it randomly change the thing once a month
> or so, and never let you know what it is? Of course, you can just reset
> the login password when you finally need it again, but still. It seems
> strange to me to take a password completely out of the user's control
> like this.
>
> Chris.