Thank you for your positive feedback. Both in liking many of the new improvements in 2.14 and in reporting your success using FTP.
I don't have an official recommendation. But, in my personal opinion, I don't think you need to disable or delete the IBM-supplied userids on the SE or the HMC. I think what is more important is to change the passwords from the IBM-supplied userids (and in fact for all userids, even ones you create) to use your own, strong passwords. While disabling/deleting the IBM-issued ones will help prevent people with general SE/HMC knowledge from trying to guess a password for one of these userids, even userids that you create would still be vulnerable to an "inside attack" where someone knew the userid and was trying to guess the password. So, again, in my personal opinion I think you should at least ensure all userids have unique, fairly strong passwords and take the appropriate steps to protect the passwords. That might include changing the passwords on a regular basis. Of course, you also need to make sure the userid and password is available to someone who needs it to do their job. For example, if you change the password used by the service id and only one person knows the password to the service id and they happen to be out when the machine needs to be serviced, then you will have a problem. And you probably want at least two acsadmin-type userids just in case one of the acsadmins decides to leave. I could go on, but the point is that in my opinion it is far more important to make sure the userids that you do have are properly secured password-wise. Tom ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
