ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] TSM admin password expired

2008-01-22 16:00:19
Subject: Re: [ADSM-L] TSM admin password expired
From: "Schneider, John" <John.Schneider AT MERCY DOT NET>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Tue, 22 Jan 2008 14:59:22 -0600 
Well, the activity log won't tell you exactly where the commands are
coming from, just the account.  But my guess would be, since this is an
AIX TSM server, that somebody has scripts running from cron that use the
Operator account and have the password hardcoded in.

I would get somebody with root privileges in the server to help you dig
through the crontab entries (it may run from somewhere other than root's
crontab) and then grep through scripts with likely sounding names
looking for dsmadmc, or operator.

Best of luck to you.  Just a tip, but for these sort of scripts we set
up a special privileged account who's password doesn't expire, and
almost nobody knows the password to.

Best Regards,

John D. Schneider
Lead Systems Administrator - Storage
Sisters of Mercy Health Systems
Email:  John.Schneider AT Mercy DOT net


-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
Haberstroh, Debbie (IT)
Sent: Tuesday, January 22, 2008 2:46 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] TSM admin password expired


Hi all,

I have a server that was recently updated to 5.4 from an old TSM server.
One of the admin accounts, called OPERATOR, had a password expire over
the weekend so this morning the administrator updated the password.  Now
we are getting the following messages:

1/22/08 2:00:00 PM CST ANR0407I Session 17320 started for administrator
OPERATOR (AIX) (Tcp/Ip aixdb(64763)). (SESSION: 17320) 
1/22/08 2:00:00 PM CST ANR2177I OPERATOR has 1 invalid sign-on attempts.
The limit is 3. (SESSION: 17320) 
1/22/08 2:00:00 PM CST ANR0418W Session 17320 for administrator OPERATOR
(AIX) is refused because an incorrect password was submitted. (SESSION:
17320) 

How do we find out what jobs are trying to run with this account so we
can reset it?  This would have been setup a long time ago by an
administrator that is no longer here.  Any help would be appreciated,
thanks.

Debbie Haberstroh
Server Administration
Northrop Grumman Information Technology 
Commercial, State & Local (CSL)
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] TSM admin password expired, Richard Sims
Next by Date:  Re: [ADSM-L] Fw: DISASTER: How to do a LOT of restores?, Henrik Vahlstedt
Previous by Thread:  Re: [ADSM-L] TSM admin password expired, Haberstroh, Debbie (IT)
Next by Thread:  Re: [ADSM-L] TSM admin password expired, Ben Bullock
Indexes:  [Date] [Thread] [Top] [All Lists]