> Folks need to help your organizations move past the quaint notion that the > HMC is only for Other People. It has a role for systems programmers, not > just machine jockeys. And I expect that role will grow over time. There's a > reason it has remote access capability. (Of course, I find lots of shops > fail to > create individual user IDs on the HMC for the sysprogs with appropriate > assigned resource roles, causing the very thing they want to > avoid!) > Alan Altmark
If this is truly what you want to see happen, then IBM needs to spend a significant amount of time and thought on how the HMC can integrate into enterprise-wide authentication, event auditing, and policy distribution schemes like Kerberos/LDAP or AD and common log management/accounting management schemes like syslog, RADIUS, etc. The userid management code on the HMC is almost impossible to automate, and the HMC is the last place you want random userids lying around with more-than-normal powers and management schemes that don't integrate easily with common audit streams. This is going to be increasingly important in geographically distributed configurations where the remote systems are likely to be totally lights-out/no-staff, and potentially in different countries. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
