ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] TDP for SQL and UAC

2017-06-02 08:24:33
Subject: Re: [ADSM-L] TDP for SQL and UAC
From: Del Hoobler <hoobler AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Fri, 2 Jun 2017 08:21:06 -0400 
Hi Steve,

Assuming the user running the DP/SQL client has local administrator 
authority, the customer can disable UAC prompts only for administrators as 
described here: 

     
http://tweaks.com/windows/39115/disable-user-account-control-uac-only-for-administrators/
 


Alternatively, it is possible to disable UAC only for specific programs as 
described here: 

     
http://www.winhelponline.com/blog/run-programs-elevated-without-getting-the-uac-prompt/

and here:

     https://www.youtube.com/watch?v=_WcWJlm_O_k 



Del

----------------------------------------------------

"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 06/01/2017 
07:59:52 PM:

> From: "Harris, Steven" <steven.harris AT BTFINANCIALGROUP DOT COM>
> To: ADSM-L AT VM.MARIST DOT EDU
> Date: 06/01/2017 08:01 PM
> Subject: TDP for SQL and UAC
> Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
> 
> Hi All
> 
> I've got a bit of a show-stopper here that I could use some help with.
> 
> Previously, SQL backups have been mostly  handled by dump to disk 
> and backup with BA Client. Database sizes have grown over time and 
> now we cannot get through the whole dump/backup cycle in a 
> reasonable window, so we have been pushing to get TDP used as the 
> standard backup mechanism for SQL.  There are a couple of issues 
> with this ; I'll  be submitting an RFE for one of them shortly 
> however the big one is to do with security.
> 
> The TDP for SQL backup is to be run using the control-m scheduling 
> tool as the backup has to run at a particular point in the 
> processing cycle (also for restores as we can't afford to have a 
> large restore fail because someone's RDP session timed out) .  It 
> must use a domain account, nothing else is permissible.  When doing 
> this we get a windows UAC pop-up.  Again we are not permitted to 
> turn off UAC..  don't worry about how reasonable that is, IT 
> Security and Auditors don't cope well with arguments about 
> 'reasonable' or 'low risk' it's all black and white.
> 
> So, has anyone else solved this issue: run a TDP backup from a 
> domain account and somehow bypass the UAC prompt without turning it 
> off in a blanket fashion?
> 
> Any and all suggestions gratefully received.
> 
> Steve
> 
> Steven Harris
> TSM Admin/Consultant
> Canberra Australia
> 
> This message and any attachment is confidential and may be 
> privileged or otherwise protected from disclosure. You should 
> immediately delete the message if you are not the intended 
> recipient. If you have received this email by mistake please delete 
> it from your system; you should not copy the message or disclose its
> content to anyone. 
> 
> This electronic communication may contain general financial product 
> advice but should not be relied upon or construed as a 
> recommendation of any financial product. The information has been 
> prepared without taking into account your objectives, financial 
> situation or needs. You should consider the Product Disclosure 
> Statement relating to the financial product and consult your 
> financial adviser before making a decision about whether to acquire,
> hold or dispose of a financial product. 
> 
> For further details on the financial product please go to 
http://www.bt.com.au
> 
> Past performance is not a reliable indicator of future performance.
>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Cloning a TSM instance, Maria Ilieva
Next by Date:  [ADSM-L] Open File Support and CIFS/DFS shares/mounts, Zoltan Forray
Previous by Thread:  [ADSM-L] TDP for SQL and UAC, Harris, Steven
Next by Thread:  Re: [ADSM-L] TDP for SQL and UAC, Shawn Drew
Indexes:  [Date] [Thread] [Top] [All Lists]
ADSM.ORG Privacy and Data Security by KimLaw, PLLC