Administrators have specific activities to manage Tivoli® Storage Manager security.
The security of your data is the most important aspect of managing data. You can control access to the server and client nodes, encrypt data transmission, and protect administrator and node passwords through authentication processes. The two methods of authentication are LOCAL and LDAP. The LOCAL password authentication takes place on the Tivoli Storage Manager server, and those passwords are not case-sensitive.
LDAP password authentication takes place on the LDAP directory server, and the passwords are case-sensitive. When you use LDAP authentication, the password is sent to the server by the client. By default, Secure Sockets Layer (SSL) is required when LDAP authentication is used to avoid exposing the password. SSL is used when you authenticate the server to the client and secures all communication between the client and server. You can choose not to use SSL with LDAP authentication if other security measures are in place to protect the password. One example of an alternative security measure is a virtual private network (VPN) connection.