One could always export a node's data and import it on a different TSM server. There you can change the password without anyone knowing.
-----Original Message----- From: Paul Zarnowski [mailto:[EMAIL PROTECTED] Sent: 17 March 2003 17:54 To: [EMAIL PROTECTED] Subject: Re: Client login with admin id and password Dwight, What you say is true, but.... If an admin changes the node's password, they have left tracks. They cannot change the password back to what it was, unless they knew what it was to start with. The next time the client goes to use TSM, they will be aware that their password was changed. I was amazed to find out that admins could do this without leaving tracks. This is somewhat disconcerting. ..Paul At 09:03 AM 3/12/2003 -0800, Cook, Dwight E wrote: >Well, since a "system privileged admin id" could change the node's password >and then connect without using their admin id & password (use the one they >just set it to) I can see why the straight use of their id & password would >be allowed. > >Just another reason why management should pay their TSM admin's well ;-) > >Dwight > > > >-----Original Message----- >From: Gerhard Rentschler [mailto:[EMAIL PROTECTED] >Sent: Wednesday, March 12, 2003 10:01 AM >To: [EMAIL PROTECTED] >Subject: Client login with admin id and password > > >Hello, >I always thought that a tsm admin does not have access to client data. I >think I learned something new. >Calling dsmc or dsm with -node=tarzan and specifying a valid admin id and >password (system privilege) gives access to node tarzan's data. At least it >is possible to list the files. I haven't tried to restore data. This is >indeed documented. However, I would prefer if there were a message in the >activity log saying that admin id was used. >Am I wrong? Could someone explain this feature in more detail? > >Best regards >Gerhard >--- >Gerhard Rentschler email:[EMAIL PROTECTED] >Regional Computing Center tel. ++49/711/685 5806 >University of Stuttgart fax: ++49/711/682357 >Allmandring 30a >D 70550 >Stuttgart >Germany -- Paul Zarnowski Ph: 607-255-4757 719 Rhodes Hall, Cornell University Fx: 607-255-8521 Ithaca, NY 14853-3801 Em: [EMAIL PROTECTED] Any e-mail message from the European Central Bank (ECB) is sent in good faith but shall neither be binding nor construed as constituting a commitment by the ECB except where provided for in a written agreement. This e-mail is intended only for the use of the recipient(s) named above. Any unauthorised disclosure, use or dissemination, either in whole or in part, is prohibited. If you have received this e-mail in error, please notify the sender immediately via e-mail and delete this e-mail from your system.
