Re: TSM rant
Dear Del, Your are the best thank you for the commitment to the list over the past years. Your postings on the list got me out of sticky situations more than once. A big thank you! Best Regards, Koen -Oorspronkelijk bericht- Van: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] Namens Del Hoobler Verzonden: zaterdag 31 januari 2015 18:13 Aan: ADSM-L@VM.MARIST.EDU Onderwerp: Re: [ADSM-L] TSM rant Thank you for all of this input. As many of you know, I have been a TSM lifer. I started with WDSF in 1991, then ADSM, then TSM, (and whatever future renames may happen). We started with VM/CMS, DOS 3.1, OS/2, and AIX/RT. Remember those? Now TSM is doing things like VMware and Hyper-V and Cloud. Up until recently, I was a developer/architect working on various client pieces like DP/Exchange, DP/SQL, FCM, and various other client technologies. I hang out on this list because I know that you guys are the best of the best. I have learned as much from you as you have learned from me. Thank you for that. I have heard everything you all said on this thread. I am sorry for the frustration you have felt. At the end of last year, I moved to the product management team. I did this because I am committed to TSM and its future. In this role, I am more directly involved with helping prioritize and direct where we take TSM into the future. I will take everything I have learned from you and apply it to my new role. I firmly believe that the future of TSM is bright. I am committed to making that happen. Thank you, Del
Re: Antwort: Re: GPFS 4.1 on windows and TSM Backup
I Just solve this issue for another customer. Search for gpfs.dll on your Windows Server. Search for GPFS.DLL in your Trace File you created that Stefan talking about. Verify if the path is the same, if not. Then just copy that file from the path you find in your DOS windows and copy to the path that the trace file tells you. Run the Backup again, and it should work again. /Christian -Original Message- From: Stefan Bender [mailto:stefan.ben...@de.ibm.com] Sent: den 30 januari 2015 15:12 To: ADSM-L@VM.MARIST.EDU Subject: Re: Antwort: Re: GPFS 4.1 on windows and TSM Backup Hello Stefan, in your information I can't see anything wrong and the error messages are unspecific. So I think the best way to proceed is a PMR. Having a service trace from the failed backup of one file will help with the analysis, like "dsmc inc '\\bert\g$\Data\SW_GPFS_4.1\GPFS_4.1_Configuration.txt' -snapshotproviderfs=none -traceflag=service -tracefile=" Mit freundlichen Grüßen / best regards Stefan Bender Hechtsheimer Strasse 2 / 55131 Mainz / Germany IBM Software Group, Tivoli Software Development "Tivoli Storage Manager" Tel. ++49-6131-846989 or ++49-7034-643-2773 / Fax. ++49-06131 -84-2520 / email: stefan.ben...@de.ibm.com -- IBM Deutschland Research & Development GmbH / Vorsitzende des Aufsichtsrats: Martina Koederitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294 From: TSM To: ADSM-L@VM.MARIST.EDU Date: 30.01.2015 14:10 Subject:[ADSM-L] Antwort: Re: GPFS 4.1 on windows and TSM Backup Sent by:"ADSM: Dist Stor Manager" Hello Stefan, TSM-Client is 7.1.1.3 , OS 2008 R2. GPFS-Version 4.1.0.5. dsm.opt: NODENAME bert_gpfs passwordaccess generate TCPSERVERADDRESS 192.168.100.200 TCPPORT 1500 SNAPSHOTPROVIDERFS vss SNAPSHOTPROVIDERIMAGE vss managedservices webclient schedule dirmc dirmc domain all-local include.fs g: snapshotproviderfs=none Filesystem g: is the GPFS filesystem dsmerror.log: 01/30/2015 13:58:48 ANS1228E Sending of object '\\bert\g$\.snapshots' failed. 01/30/2015 13:58:48 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:48 ANS1228E Sending of object '\\bert\g$\Data' failed. 01/30/2015 13:58:48 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:48 ANS1228E Sending of object '\\bert\g$\Daten' failed. 01/30/2015 13:58:48 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:48 ANS1228E Sending of object '\\bert\g$\Data\SW_GPFS_4.1' failed. 01/30/2015 13:58:48 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:48 ANS1228E Sending of object '\\bert\g$\Data\SW_GPFS_4.1\GPFS-4.1.0.5-x86_64-Windows.standard.zip' failed. 01/30/2015 13:58:48 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:49 ANS1228E Sending of object '\\bert\g$\Data\SW_GPFS_4.1\GPFS_4.1_Configuration.txt' failed. 01/30/2015 13:58:49 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:49 ANS1228E Sending of object '\\bert\g$\Data\SW_GPFS_4.1\GPFS_4.1_STD_WIN_QSG.zip' failed. 01/30/2015 13:58:49 ANS5283E The operation was unsuccessful. 01/30/2015 13:58:49 ANS1228E Sending of object '\\bert\g$\Data\SW_GPFS_4.1\setup-x86.exe' failed. 01/30/2015 13:58:49 ANS5283E The operation was unsuccessful. and so on i did manual backups with the domain admin user, the security of the GPFS files and directories is: everyone full access. with best regards stefan savoric
upgrading from 6.2.5 server
Looks like I won't be going to v7 for a while. I have v5 clients still active with no end in site. I am upgrading from 6.2.5 on RHEL 6.1. What is the wisdom of the group, go to 6.3.x or 6.4.x? We do no dedup here and have no plans for it. However,we do use tsm for ve. Thankns for any help.
Re: upgrading from 6.2.5 server
Just to keep things confusing, IBM includes TSM server v6.3.4 in the v6.4 release. AFAIK there is no true v6.4 server release. v6.3.4.300 has been working great for us on the server side. On Mon, Feb 02, 2015 at 05:31:48PM +, Lee, Gary wrote: > Looks like I won't be going to v7 for a while. I have v5 clients still > active with no end in site. > > I am upgrading from 6.2.5 on RHEL 6.1. What is the wisdom of the group, go > to 6.3.x or 6.4.x? > > We do no dedup here and have no plans for it. > However,we do use tsm for ve. > > Thankns for any help. -- -- Skylar Thompson (skyl...@u.washington.edu) -- Genome Sciences Department, System Administrator -- Foege Building S046, (206)-685-7354 -- University of Washington School of Medicine
Re: Ransomware deleted TSM backups from node
Roger, According to my TSM Data Protection for SQL 6.4 manual, servers that run TDP for SQL require backdelete authority. I don't know how to get around this problem. Jim Schneider -Original Message- From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of Roger Deschner Sent: Friday, January 30, 2015 7:40 PM To: ADSM-L@VM.MARIST.EDU Subject: [ADSM-L] Ransomware deleted TSM backups from node I'm not sure there's anything that can be done about this, but take it as a warning anyway. A Windows 7 desktop node here was attacked by CryptoWare 3.0 ransomware. They encrypted all files on the node, and left a ransom note. The node owner called me because they were having trouble restoring their files from TSM using a point-in-time restore. The files were gone! Apparently this villian located which backup program was installed, found it was TSM, and issued actual dsmc delete backup commands, which they were allowed to do since PASSWORDACCESS GENERATE was in effect. So this attack vector is not limited to TSM; it would work with any backup program that the villian can figure out how to use. I have moved this node to a domain that includes VEREXISTS=NOLIMIT VERDELETED=NOLIMIT RETEXTRA=NOLIMIT RETONLY=NOLIMIT for that Copy Group, while our data security people investigate. I am planning to change all TSM client nodes to BACKDEL=NO ARCHDEL=NO to prevent a hacker from deleting backups. Anybody got a better idea? Roger Deschner University of Illinois at Chicago rog...@uic.edu === ALL YUOR BASE ARE BELONG TO US!! === ** Information contained in this e-mail message and in any attachments thereto is confidential. If you are not the intended recipient, please destroy this message, delete any copies held on your systems, notify the sender immediately, and refrain from using or disclosing all or any part of its content to any other person.
Re: Ransomware deleted TSM backups from node
Same goes for Oracle and Notes backups. They manage their own backups so no way to get around this. Same goes for PASSWORDACCESS GENERATE - AFAIK can't schedule backups without it On Mon, Feb 2, 2015 at 12:44 PM, Schneider, Jim wrote: > Roger, > > According to my TSM Data Protection for SQL 6.4 manual, servers that run > TDP for SQL require backdelete authority. I don't know how to get around > this problem. > > Jim Schneider > > -Original Message- > From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of > Roger Deschner > Sent: Friday, January 30, 2015 7:40 PM > To: ADSM-L@VM.MARIST.EDU > Subject: [ADSM-L] Ransomware deleted TSM backups from node > > I'm not sure there's anything that can be done about this, but take it as > a warning anyway. > > A Windows 7 desktop node here was attacked by CryptoWare 3.0 ransomware. > They encrypted all files on the node, and left a ransom note. > > The node owner called me because they were having trouble restoring their > files from TSM using a point-in-time restore. The files were gone! > Apparently this villian located which backup program was installed, found > it was TSM, and issued actual dsmc delete backup commands, which they were > allowed to do since PASSWORDACCESS GENERATE was in effect. So this attack > vector is not limited to TSM; it would work with any backup program that > the villian can figure out how to use. > > I have moved this node to a domain that includes VEREXISTS=NOLIMIT > VERDELETED=NOLIMIT RETEXTRA=NOLIMIT RETONLY=NOLIMIT for that Copy Group, > while our data security people investigate. > > I am planning to change all TSM client nodes to BACKDEL=NO ARCHDEL=NO to > prevent a hacker from deleting backups. Anybody got a better idea? > > Roger Deschner University of Illinois at Chicago rog...@uic.edu > === ALL YUOR BASE ARE BELONG TO US!! === > > ** > Information contained in this e-mail message and in any attachments > thereto is confidential. If you are not the intended recipient, please > destroy this message, delete any copies held on your systems, notify the > sender immediately, and refrain from using or disclosing all or any part of > its content to any other person. > -- *Zoltan Forray* TSM Software & Hardware Administrator BigBro / Hobbit / Xymon Administrator Virginia Commonwealth University UCC/Office of Technology Services zfor...@vcu.edu - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html
Re: upgrading from 6.2.5 server
We upgrade everything from 6.3.4.300 to 6.3.5.100 - only complication being the Linux kernel semaphore issue which is highly aggravated due to the change in DB2 levels that came in with 6.3.5 - still waiting for RedHat to patch this. RedHat just released a kernel update with 3-semaphore patches but none have the Bugzilla ID that IBM ( http://www-01.ibm.com/support/docview.wss?uid=swg21691823) said is our problem (and we don't pay enough for maintenance to be able to even look at the *Bugzilla entry 1165277* ). Can anyone out there help with getting this info? On Mon, Feb 2, 2015 at 12:37 PM, Skylar Thompson wrote: > Just to keep things confusing, IBM includes TSM server v6.3.4 in the v6.4 > release. AFAIK there is no true v6.4 server release. v6.3.4.300 has been > working great for us on the server side. > > On Mon, Feb 02, 2015 at 05:31:48PM +, Lee, Gary wrote: > > Looks like I won't be going to v7 for a while. I have v5 clients still > active with no end in site. > > > > I am upgrading from 6.2.5 on RHEL 6.1. What is the wisdom of the group, > go to 6.3.x or 6.4.x? > > > > We do no dedup here and have no plans for it. > > However,we do use tsm for ve. > > > > Thankns for any help. > > -- > -- Skylar Thompson (skyl...@u.washington.edu) > -- Genome Sciences Department, System Administrator > -- Foege Building S046, (206)-685-7354 > -- University of Washington School of Medicine > -- *Zoltan Forray* TSM Software & Hardware Administrator BigBro / Hobbit / Xymon Administrator Virginia Commonwealth University UCC/Office of Technology Services zfor...@vcu.edu - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html
Re: Ransomware deleted TSM backups from node
Can Schedule an admin schedule around the Oracle/Notes backup window to enable/disable BACKDEL=YES/NO. It is not an ideal situation, but decreases the risk. And if you configured these nodes with specific nodenames (like you should) the malware could not get to those clients. Or they should scan the host for all available TSM OPT files and act from these... 2015-02-02 19:44 GMT+01:00 Zoltan Forray : > Same goes for Oracle and Notes backups. They manage their own backups so > no way to get around this. Same goes for PASSWORDACCESS GENERATE - AFAIK > can't schedule backups without it > > On Mon, Feb 2, 2015 at 12:44 PM, Schneider, Jim > wrote: > > > Roger, > > > > According to my TSM Data Protection for SQL 6.4 manual, servers that run > > TDP for SQL require backdelete authority. I don't know how to get around > > this problem. > > > > Jim Schneider > > > > -Original Message- > > From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of > > Roger Deschner > > Sent: Friday, January 30, 2015 7:40 PM > > To: ADSM-L@VM.MARIST.EDU > > Subject: [ADSM-L] Ransomware deleted TSM backups from node > > > > I'm not sure there's anything that can be done about this, but take it as > > a warning anyway. > > > > A Windows 7 desktop node here was attacked by CryptoWare 3.0 ransomware. > > They encrypted all files on the node, and left a ransom note. > > > > The node owner called me because they were having trouble restoring their > > files from TSM using a point-in-time restore. The files were gone! > > Apparently this villian located which backup program was installed, found > > it was TSM, and issued actual dsmc delete backup commands, which they > were > > allowed to do since PASSWORDACCESS GENERATE was in effect. So this attack > > vector is not limited to TSM; it would work with any backup program that > > the villian can figure out how to use. > > > > I have moved this node to a domain that includes VEREXISTS=NOLIMIT > > VERDELETED=NOLIMIT RETEXTRA=NOLIMIT RETONLY=NOLIMIT for that Copy Group, > > while our data security people investigate. > > > > I am planning to change all TSM client nodes to BACKDEL=NO ARCHDEL=NO to > > prevent a hacker from deleting backups. Anybody got a better idea? > > > > Roger Deschner University of Illinois at Chicago rog...@uic.edu > > === ALL YUOR BASE ARE BELONG TO US!! === > > > > ** > > Information contained in this e-mail message and in any attachments > > thereto is confidential. If you are not the intended recipient, please > > destroy this message, delete any copies held on your systems, notify the > > sender immediately, and refrain from using or disclosing all or any part > of > > its content to any other person. > > > > > > -- > *Zoltan Forray* > TSM Software & Hardware Administrator > BigBro / Hobbit / Xymon Administrator > Virginia Commonwealth University > UCC/Office of Technology Services > zfor...@vcu.edu - 804-828-4807 > Don't be a phishing victim - VCU and other reputable organizations will > never use email to request that you reply with your password, social > security number or confidential personal information. For more details > visit http://infosecurity.vcu.edu/phishing.html > -- Kind Regards, Groetje, Marcel Anthonijsz T: +31(0)299-776768 M:+31(0)6-53421341
Re: Ransomware deleted TSM backups from node
> Op 2 feb. 2015, om 18:44 heeft Schneider, Jim het > volgende geschreven: > > Roger, > > According to my TSM Data Protection for SQL 6.4 manual, servers that run TDP > for SQL require backdelete authority. I don't know how to get around this > problem. Mitigated by running the file backup and ‘structured data’ backup as separate nodes so you can at least protect your unstructured data against such ransomware. > > Jim Schneider > > -Original Message- > From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of > Roger Deschner > Sent: Friday, January 30, 2015 7:40 PM > To: ADSM-L@VM.MARIST.EDU > Subject: [ADSM-L] Ransomware deleted TSM backups from node > > I'm not sure there's anything that can be done about this, but take it as a > warning anyway. > > A Windows 7 desktop node here was attacked by CryptoWare 3.0 ransomware. > They encrypted all files on the node, and left a ransom note. > > The node owner called me because they were having trouble restoring their > files from TSM using a point-in-time restore. The files were gone! > Apparently this villian located which backup program was installed, found it > was TSM, and issued actual dsmc delete backup commands, which they were > allowed to do since PASSWORDACCESS GENERATE was in effect. So this attack > vector is not limited to TSM; it would work with any backup program that the > villian can figure out how to use. > > I have moved this node to a domain that includes VEREXISTS=NOLIMIT > VERDELETED=NOLIMIT RETEXTRA=NOLIMIT RETONLY=NOLIMIT for that Copy Group, > while our data security people investigate. > > I am planning to change all TSM client nodes to BACKDEL=NO ARCHDEL=NO to > prevent a hacker from deleting backups. Anybody got a better idea? > > Roger Deschner University of Illinois at Chicago rog...@uic.edu > === ALL YUOR BASE ARE BELONG TO US!! === > > ** > Information contained in this e-mail message and in any attachments thereto > is confidential. If you are not the intended recipient, please destroy this > message, delete any copies held on your systems, notify the sender > immediately, and refrain from using or disclosing all or any part of its > content to any other person. -- Met vriendelijke groeten/Kind Regards, Remco Post r.p...@plcs.nl +31 6 248 21 622
7.1.1 TDP for Exchange 2010 backup Task Details not updated?
TSM 6.3.4 on Win2k8-64 Exchange 2010 on Win2k8 64 This is not a show-stopper, just in the "annoying and mysterious" category. Installed Exchange 7.1.1 TDP for a customer today. The beautiful FCM interface popped in all the pre-reqs, VSS testing ran, I set the appropriate passwords and proxy relationships, full backup kicked off via the GUI ran like a champ. But in the GUI, in the Task List pane, you used to be able to hover over the "WORKING" line and see that the backup was actually running, or click the Task Details tab and see how many GB have moved so far. It was cool and the Exchange guys could see progress (especially important for big restores) without needing access to a TSM server admin account to monitor from the server end. In this case the full backup ran over an hour, and there was never any updated information in the Task List or the Task Details until we got "completed". Anybody else see this or figured out why? Am I missing some java thingy? Thanks Wanda Prather TSM Consultant ICF International Enterprise and Cybersecurity Systems Division
