Hello All,
 
>From time to time we are having issues where clients trying to configure 
>client based encryption on their servers can't get TSM to prompt them to 
>generate an encryption key.  This seems to be a problem that has been 
>occurring only on clients running various levels of Windows OS and different 
>levels of the TSM ba client.  I am wondering if anyone else has experienced 
>periodic failures when having clients' setup encryption, and if so what do you 
>do to correct this problem?   The steps we are using to have clients configure 
>encryption are below; please let us know if we are doing something incorrect 
>in the process.

1.            Add these statements to dsm.opt
                encryptiontype aes128
                encryptkey         save
                include.encrypt *\...\*
2.            Run 'dsmc q sched' to confirm the client can communicate with 
tsmin01
3.            Run a very small backup to initiate the encryption key creation 
routine. 
4.            When prompted at the bottom of the screen, choose the option to: 
Generate an encryption key.
5.            Enter the encryption key and confirm it.  You will see your 
backup run to completion and the encryption                 key will be stored 
in your Windows registry.

Chad E. Harris
Indiana University
UITS Storage and Virtualization