An authorized user is any non-root user who has read and write access to the stored password (TSM.PWD file), or anyone who knows the password and enters it interactively. Authorized users use the passworddir option to define the directory where their copy of the TSM.PWD file is saved.
Table 1 shows the tasks that can and cannot be performed by the root user, authorized users, and other users.
| Task | Root user | Authorized user | Other users |
|---|---|---|---|
| Log on to a Tivoli® Storage Manager server, using an LDAP server to authenticate credentials. | Yes | Yes | No |
| Register new nodes with the Tivoli Storage Manager server (if registration is set to open on the server). | Yes | Yes | Yes, if the virtualnodename option is used. |
| Set or re-create the Tivoli Storage Manager password for client workstations | Yes | Yes | No |
| Backup | Yes Note: The Tivoli Storage
Manager administrator
can specify an option on either the Register Node or Update Node commands to specify who is allowed
to back up data for a node. Setting BACKUPINITiation to root restricts backups so that only root or
authorized users can back up files on a node. Setting BACKUPINITiation to all allows any user to back up data on a node.
See the Tivoli Storage
Manager Administrator's Guide for more information.
|
Yes, if you have read permission, regardless of ownership | Yes, if you own the file |
| Restore | Yes; when restoring to a new location or the same location, file permission and ownership are preserved | Yes; however, the operating system prevents writing to the same location if the file has read only permission. When restoring to the same location, file permissions and ownership are preserved. When restoring to a different location, the permissions of the restored file are preserved but the ownership changed to the current user. | Yes, if you own the file or you are granted access; however, the operating system prevents writing to the same location if the file has read-only permission. When restoring to the same location, file permissions and ownership are preserved. When restoring to a different location, the permissions of the restored file are preserved, but the ownership is changed to the current user. |
| Archive | Yes | Yes, if you have read permission, regardless of ownership | Yes, if you have read permission, regardless of ownership |
| Retrieve | Yes. When retrieving to a new location or to the same location, file permissions and ownership are preserved. | Yes. However, the operating system prevents writing to the same location if the file has read only permission. Ownership of all retrieved objects is changed to the current user. | Yes, if you archived the file. However, the operating system prevents writing to the same location if the file has read-only permission. Ownership of all retrieved objects is changed to the current user. |
| Client scheduler | Yes | Yes, if not using the Client Acceptor Daemon. You must be root to manage the Client Acceptor Daemon. A non-root authorized user can use the scheduler (dsmc sched). |
No |
| Grant user access to files on the Tivoli Storage Manager server | Yes | Yes | Yes, for files that you own on the Tivoli Storage Manager server |
| Delete Tivoli Storage Manager server file spaces | Yes, if the node is granted backup or archive delete authority by a Tivoli Storage Manager server administrator | Yes, if the node is granted backup or archive delete authority by a Tivoli Storage Manager server administrator | No |
On Mac OS X systems, a system administrator is any user that is allowed to administer the system. You can check your account type using the tool. System Administrators have an account type of Admin.
The system administrator is responsible for configuring Tivoli Storage Manager so
non-administrators can manage their own data. Non-administrators (or
non-authorized users) meet the following criteria:
- They do not have a user ID of 0. They are not the root user.
- They have a user account that has not been configured as a system administrator.
When a task requires additional authority to complete,
you must use the authorization application to start Tivoli Storage Manager. This allows Tivoli Storage Manager to run
with sufficient system privileges to complete the task. The following
table lists the authorization tools to use. | Mac OS X authorization tool | Associated Tivoli Storage Manager application |
|---|---|
| TSM Tools For Administrators | Tivoli Storage Manager |
| sudo | dsmc |