Frank,
NetWorker 7.1, targeted for Q3 2003, will have this capability if used with
NetWorker Management Console 3.1, targeted for Q1 2004. NetWorker 7.0 goes a
little way in that you can have two access control groups, Users and
Administrators.
If you had been using NetWorker 6 on any platform, other than Linux, we
would have had a solution using NetWorker Operations.
Shaun Ellis
NetWorker Management & OpenVMS Product Manager
LEGATO Systems Inc
3210, Porter Drive
Palo Alto
Ca 94304
Phone: +1 (650) 842 9548
Mobile: +1 (408) 431 6997
-----Original Message-----
From: Frank Altpeter [mailto:f.altpeter AT broadnet-mediascape DOT de]
Sent: Thursday, June 26, 2003 3:18 AM
To: Legato NetWorker discussion
Subject: restricting access via nwadmin / networker administrator
[networker-6.1.3 on linux-2.4.21]
hi there again,
There are some reasons here that make me think about how to re-
strict the admin interface access to our networker server.
I see the possibility to restrict the write access within the
networker, so no one can attempt to modify clients, groups or di-
rectives without permission, but i also need to ensure, that no
one can even view any of that information without given access.
Currently, everyone in the same network of the networker server
can start nwadmin or the windows networker administrator client
to view the clients, their savesets, their configuration, and so
on.
Is it really true that there is no networker-built-in function to
restrict read-only access too? I'm not sure if i want to use a
filtering software, since i'm not sure if it's even possible to
block ports to only restrict the admin console - i don't want to
disable the ability to backup :)
Currently i see an established connection from my client host to
the backup server port 8045 - is somewhere documented that this
is the only port that needs to be blocked, in case i solve my
problem with ipfilter?
With kind regards,
Frank Altpeter
--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
|