Great information Jeorg, thanks
One issue that I found with older versions of ISC was that there seemed
to be no easy way to preserve/copy/update the ISC security information.
It was its own island and I also found it for the most part
incomprehensible. That may just be because I did not take the time to
fully understand the security model, but hey, I'm a backups guy not a
security guy.
Has ISC Security improved with later versions, and can it easily be
copied/preserved through ISC updates or integrated with other standard
security products/unix security/ldap/windows AD or is it still its own
island?
Thanks
Steve.
TSM Admin, between jobs, Sydney
Joerg Pohlmann wrote:
Here is a suggestion for proper auditability of ISC-AC based TSM
administration:
1) create an ISC ID for each TSM administrator
2) create a TSM admin ID for each TSM administrator and grant auth ...
cl=sys
3) have each TSM administrator add their server connection on the ISC
(under "Manage Servers" on the ISC-AC v6.1) using their TSM admin ID
4) lock admin ADMIN
5) remove the server connection from the ISC ID iscadmin
You now have an auditable trail in the activity log of "who did what".
Joerg Pohlmann
250-245-9863
"ADSM: Dist Stor Manager" <ADSM-L@VM.MARIST.EDU> wrote on 2009-07-30
12:53:22:
Is there any log in the ISC/AC (ICS 6.01 and AC 5.5) that would show me
who
logged on from where at a particular time? I have a client (inherited)
That
has people all using the ADMIN userid and some's been updating schedules
and
completely mucking up the works. From the activity log I can trace the
commands down to user ADMIN coming from the ISC IP address. Now I just
need
to find out who logged in to that. They all also use the ISCADMIN userid
for
that..again inherited. If I can find out the IP address of who logged on
to
the ISC.I'll be 1 more step along the path to find this joker. Maybe the
WAS
component has a log somethere?
Any help will be greatly appreciated.as I move them to individual userids
for both TSM and ISC.
Bill Boyer
"He who laughs last probably made a back-up." Murphy's law of computing
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.392 / Virus Database: 270.13.44/2282 - Release Date: 08/04/09
18:01:00
