ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Side Effects of Removing Admins

2010-07-08 10:05:39
Subject: Re: [ADSM-L] Side Effects of Removing Admins
From: Zoltan Forray/AC/VCU <zforray AT VCU DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 8 Jul 2010 10:03:49 -0400 
Good luck with removing the admin id.

My main co-admin is no longer employed with us. Thus his admin id touched
lots of things.  At first, I was not able to delete his id.  Every time I
tried to delete it, I got some kind of error that it was still in
needed/in use (or something like that).  From a previous post here (I
think it was Richard), I was told that every node he created (that has not
been modified by another admin) and I think storage pools, etc, want to
keep this "connection" and wouldn't let me delete the admin id.

I did lock the id so it could not be used.  Eventually, I was able to
delete it, but it took over a year.

Not sure if this restriction is still in place, since it was a long time
ago.
Zoltan Forray
TSM Software & Hardware Administrator
Virginia Commonwealth University
UCC/Office of Technology Services
zforray AT vcu DOT edu - 804-828-4807
Don't be a phishing victim - VCU and other reputable organizations will
never use email to request that you reply with your password, social
security number or confidential personal information. For more details
visit http://infosecurity.vcu.edu/phishing.html



From:
Nick Laflamme <dplaflamme AT GMAIL DOT COM>
To:
ADSM-L AT VM.MARIST DOT EDU
Date:
07/08/2010 08:10 AM
Subject:
[ADSM-L] Side Effects of Removing Admins
Sent by:
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>



My current shop has a collective memory of "bad things happening" when old
Admin userids are removed from TSM servers. Memories are a bit vague, and
all of us have been doing TSM for a long time in a variety of shops, but
the general anxiety is that removing the userids of admins who have moved
on might break administrative schedules, copy groups, or some other key
feature of TSM.

Now, of course, we have auditors breathing down our necks that we need to
clean up and secure our servers. I can't say that I blame them, but there
is this pesky collective memory to deal with. I looked in both the TSM 5.5
administrative Guide and the Reference but didn't find any warnings about
side effects of removing administrators.

So, my question to the collective wisdom of the group is,

Does anyone else remember bad side effects of removing admins in TSM, and
if so, is there a corresponding clear memory of when this was fixed in
ADSM/TSM, or is it still an issue?

(For my first pass, I have used the CHG_ADMIN column in several tables to
find out who last updated several kinds of key system resources. If an
admin isn't listed in any of those tables on a server, I've gone ahead and
removed him or her.)

Thanks,
Nick
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Side Effects of Removing Admins, Prather, Wanda
Next by Date:  Re: [ADSM-L] Side Effects of Removing Admins, Richard Sims
Previous by Thread:  Re: [ADSM-L] Side Effects of Removing Admins, Ben Bullock
Next by Thread:  Re: [ADSM-L] Side Effects of Removing Admins, Richard Sims
Indexes:  [Date] [Thread] [Top] [All Lists]