Hi In a case where you use LDAP for security authentication, even IF the LDAP server was destroyed, you would still be able to access the TSM server either through server console or by using a locally registred admin (what is to say that if you use LDAP, you cannot use the normal admin accounts within TSM?).
The use of LDAP authentication would be a very neat feature. Imagine you could handle backup/restore authentication and admin authentication from the same repository you handle all other security authentications. That would make the security management a whole lot easier, especially in larger sites where you might have different departments handling backup/restore/administration of different servers / groups of servers. I'm aware the above is still technically possible today, but imagine handling 50-60 user accounts(not node admin accounts, but user accounts) in the way TSM does . Just cause you're a storage administrator it doesnt mean you'd like to become a user administrator aswell ;) Daniel Sparrman ----------------------------------- Daniel Sparrman Utvecklingschef Exist i Stockholm AB Propellervägen 6B 183 62 TÄBY Växel: 08 - 754 98 00 Mobil: 070 - 399 27 51 Salak Juraj <[EMAIL PROTECTED]> Sent by: "ADSM: Dist Stor Manager" <[email protected]> 2005-11-09 15:21 Please respond to "ADSM: Dist Stor Manager" <[email protected]> To [email protected] cc Subject AW: Can TSM use LDAP for admin authentication? Hi! Assuming you will NOT backup your LDAP Servers with TSM wait for this support, it is not available yet. Assuming you WILL backup your LDAP Servers with TSM this is a bad idea: backups are fo restore: how can you restore a malfunctioning LDAP when you cannot log-in because of maflunctioning LDAP? regards Juraj > -----Ursprüngliche Nachricht----- > Von: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] Im > Auftrag von Loren Cain > Gesendet: Mittwoch, 09. November 2005 15:03 > An: [email protected] > Betreff: Can TSM use LDAP for admin authentication? > > We are building a new TSM installation for a client and I have been > > asked if TSM can use LDAP to authenticate the admin userids. They > > don't want to have to maintain a separate userid/password mechanism > > just for the TSM servers if they can avoid it. > > > > I have never seen anything that leads me to believe this is possible, > > but I've also never seen anything that says it isn't. Unfortunately, > > searches for keywords like "ldap" in the list archives and > support site > > results in many, many hits on how to back up ldap, but not on how > > or whether to use it. > > > > Does anyone know if this can be done? The only alternative I have so > > far is some sort of scripted mechanism to regularly pull data > from ldap > > and update TSM. > > > > This is on TSM 5.2.3, on Solaris9. > > > > Loren Cain > > Digicon > > > >
