Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] NMM 2.3 backup issue

2011-10-18 06:51:28
Subject: Re: [Networker] NMM 2.3 backup issue
From: Frank Swasey <Frank.Swasey AT UVM DOT EDU>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Tue, 18 Oct 2011 06:49:57 -0400 
Mark,
I for one will welcome the additional granularity you are describing. I think a lot of us out here get very frustrated that a frequent request from the technicians when working an SR that seems to have anything to do with authorization is to give *@* access. A much better option, in my opinion, would be increased logging that could be enabled when needed to determine authentication/authorization issues - and it would probably reduce the number of SR's that were opened as well. 

Frank

On Mon, 17 Oct 2011 at 6:45pm, Mark Wiertalla wrote:



Can someone from PM please explain that it is not an issue that NMM and
Oracle clients need to be admins on the datazone?



This is an admin challenge that we've tracked for some time.

1) I can validate that promoting an admin, like a DBA, from 'users'
to 'administrator' not only adds the desired permissions like 'configure'
and 'operate devices', but also includes permissions that you might not
want the DBA to have.

2) Current NetWorker releases, like 7.6S SPx,  do allow the NetWorker
administrator to create a new users group with a set of customized
permissions. We know that this is not always reasonable, but it is an
option available to you today.

3) In the next NetWorker release we will include several new, standard
roles in addition to 'users' and 'adminsitrator'. The new roles will have
appropriate permissions already set for you. e.g.  'Application
Adminsitrator' will still have backup, restore, & monitor permissions, but
will include 'configure' and 'operate devices'. Along with a few other
enahncements we have in store for you, this will make it much easier for
NetWorker administrators to give users autonomy without compromising
security policies.

Best regards,
NetWorkerPM

To sign off this list, send email to listserv AT listserv.temple DOT edu and type 
"signoff networker" in the body of the email. Please write to networker-request 
AT listserv.temple DOT edu if you have any problems with this list. You can access the 
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER



--
Frank Swasey                    | http://www.uvm.edu/~fcs
Sr Systems Administrator        | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
  "I am not young enough to know everything." - Oscar Wilde (1854-1900)

To sign off this list, send email to listserv AT listserv.temple DOT edu and type 
"signoff networker" in the body of the email. Please write to networker-request 
AT listserv.temple DOT edu if you have any problems with this list. You can access the 
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] "Dedicated interface for client backup/recover operatio, Dag Nygren
Next by Date:  Re: [Networker] "Dedicated interface for client backup/recover operatio, Eugene Vilensky
Previous by Thread:  Re: [Networker] NMM 2.3 backup issue, Mark Wiertalla
Next by Thread:  [Networker] NDMP Backup showing 0% in Monitoring View, gmdune
Indexes:  [Date] [Thread] [Top] [All Lists]