Eric, I fully agree and can appreciate the dilemma. We did some quick testing of 8.1.2 on a test server and it locked up one of our admin account when going back to 7.1.7x so we setup duplicate/test admin ids. As I mentioned, we can't even think about going forwards until we stop using the web interface for client restores of our CIFS/DFS/ISILON backups.
I figure when the time comes, it is going to be a long weekend of updating/upgrading all 7-servers at the same time. In fact, I am thinking I need to enable TLS/SSL server-to-server communications first, I was pleasantly surprised (actually shocked) when I discovered that IBM released 7.1.7.400 patch less than 2-weeks ago. There must have been sufficient need/demand for the patches addressed in this release for IBM to go back and patch a version that was long since surpassed with 7.1.8 and 7.1.9 releases, unless of course there are enough folks who won't/can't move forward, like us. In fact, I am going to roll it out to our offsite replica server, which is experiencing some of the problems address in this patch. On Wed, Aug 29, 2018 at 11:11 AM Loon, Eric van (ITOPT3) - KLM < eric-van.l...@klm.com> wrote: > Hi Zoltan, > In that case prepare yourself to be stuck on 7.1.7 forever. I have had a > meeting with some developers about the new security implementation and made > some suggestions for code changes. One of them was the ability to set an > admin to transitional permanently because they tend to move around in the > network constantly, but I noticed IBM isn't very willing to help us out > here. I'm personally at a point where I'm seriously considering looking to > other vendors for our future backup solution, even though have been a > ADSM/TSM fan since version 2.1. :-( > Kind regards, > Eric van Loon > Air France/KLM Storage Engineering > > > -----Original Message----- > From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of > Zoltan Forray > Sent: dinsdag 28 augustus 2018 17:58 > To: ADSM-L@VM.MARIST.EDU > Subject: Re: Sessionsecurity challenge again > > I am sure glad you and others are working out the "challenges" with > sessionsecurity/TLS/SSL. We are still stuck at 7.1.7.x until we complete > get off the client web interface (deprecated with 7.1.8/8.1.2) and don't > look forward to these "challenges" once we upgrade all of our servers. > > On Tue, Aug 28, 2018 at 11:40 AM Loon, Eric van (ITOPT3) - KLM < > eric-van.l...@klm.com> wrote: > > > Hi guys! > > I'm struggling (again) with the sessionsecurity issue in our 7.1.9 > server. > > I have a client node which is in fact a node which moves around in a > > cluster. So sometime the node is on one cluster node active, the next > > time on the other one. Each time the node switches to the other > > server, the session is rejected by the TSM server: > > > > ANR0428W Session 70698 for node YS001LP9-SQL (TDP MSSQL Win64) refused > > - client is down-level with this server version. (SESSION: 70698) > > > > Once the node is updated and set to transitional it's working again, > > until it switches to the other node and there it fails with the same > > error. What is the proper way to solve this issue? > > Thanks for any help in advance! > > Kind regards, > > Eric van Loon > > Air France/KLM Storage Engineering > > ******************************************************** > > For information, services and offers, please visit our web site: > > http://www.klm.com. This e-mail and any attachment may contain > > confidential and privileged material intended for the addressee only. > > If you are not the addressee, you are notified that no part of the > > e-mail or any attachment may be disclosed, copied or distributed, and > > that any other action related to this e-mail or attachment is strictly > > prohibited, and may be unlawful. If you have received this e-mail by > > error, please notify the sender immediately by return e-mail, and delete > this message. > > > > Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or > > its employees shall not be liable for the incorrect or incomplete > > transmission of this e-mail or any attachments, nor responsible for any > delay in receipt. > > Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal > > Dutch > > Airlines) is registered in Amstelveen, The Netherlands, with > > registered number 33014286 > > ******************************************************** > > > > > -- > *Zoltan Forray* > Spectrum Protect (p.k.a. TSM) Software & Hardware Administrator Xymon > Monitor Administrator VMware Administrator Virginia Commonwealth University > UCC/Office of Technology Services www.ucc.vcu.edu zfor...@vcu.edu - > 804-828-4807 Don't be a phishing victim - VCU and other reputable > organizations will never use email to request that you reply with your > password, social security number or confidential personal information. For > more details visit http://phishing.vcu.edu/ > ******************************************************** > For information, services and offers, please visit our web site: > http://www.klm.com. This e-mail and any attachment may contain > confidential and privileged material intended for the addressee only. If > you are not the addressee, you are notified that no part of the e-mail or > any attachment may be disclosed, copied or distributed, and that any other > action related to this e-mail or attachment is strictly prohibited, and may > be unlawful. If you have received this e-mail by error, please notify the > sender immediately by return e-mail, and delete this message. > > Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or its > employees shall not be liable for the incorrect or incomplete transmission > of this e-mail or any attachments, nor responsible for any delay in receipt. > Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal Dutch > Airlines) is registered in Amstelveen, The Netherlands, with registered > number 33014286 > ******************************************************** > -- *Zoltan Forray* Spectrum Protect (p.k.a. TSM) Software & Hardware Administrator Xymon Monitor Administrator VMware Administrator Virginia Commonwealth University UCC/Office of Technology Services www.ucc.vcu.edu zfor...@vcu.edu - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://phishing.vcu.edu/
