Passwordaccess

The passwordaccess option specifies whether you want to generate your password automatically or set as a user prompt.

Your administrator can require a password for your client node by enabling the authentication feature. Ask your administrator if a password is required for your client node.

If a password is required, you can choose one of the following methods:

  • Set the password for your client node yourself and have Tivoli® Storage Manager prompt for it each time you request services.
  • Let Tivoli Storage Manager automatically generate a new password for your client node each time it expires, encrypt and store the password in a file, and retrieve the password from that file when you request services. You are not prompted for the password.
  • If the server is not configured to require a password to log on to it, you can still be prompted to enter your node password when the backup-archive client establishes a connection with the server. This behavior occurs if this option, passwordaccess, is allowed to default or if you set it to passwordaccess prompt. The password that you supply in response to the prompt is used only to encrypt your login information; it is not used to log onto the server. In this configuration, you can avoid entering a password by setting this option to passwordaccess generate. Setting passwordaccess generate causes the client to create, store, and submit the password for you. When passwordaccess generate is set, the password option is ignored.
AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWindows operating systemsSetting the passwordaccess option to generate is required in the following situations:
  • AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWhen using the HSM client.
  • When using the web client.
  • AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWindows operating systemsWhen performing NAS operations.
  • AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWindows operating systemsWhen using Tivoli Continuous Data Protection for Files.
AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWindows operating systems

Supported Clients

This option is valid for all clients.

Options File

AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsPlace this option in the dsm.sys file within a server stanza. You can set this option on the Authorization tab, in the Password Access section of the Preferences editor.

Windows operating systemsPlace this option in the client options file (dsm.opt). You can set this option on the Authorization tab, in the Password Access section of the Preferences editor.

Syntax

Read syntax diagramSkip visual syntax diagram
                   .-prompt---.   
>>-PASSWORDAccess--+----------+--------------------------------><
                   '-generate-'   

Parameters

prompt
You are prompted for your Tivoli Storage Manager client node password each time a client connects to the server. This is the default.

To keep your client node password secure, enter commands without the password and wait for Tivoli Storage Manager to prompt you for the password.

AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsEach user must know the Tivoli Storage Manager password for your client node. Any user who knows the password for your client node can gain access to all backups and archives that originate from your client node. For example: If the user enters the node name and password for your client node from a different client node, the user becomes a virtual root user.

Windows operating systemsAPI applications must supply the password when a session is initiated. The application is responsible for obtaining the password.

AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsAPI applications must supply the password when a session is initiated. The application is responsible for obtaining the password (does not apply to Mac OS X).

generate
Encrypts and stores your password locally and generates a new password when the old password expires. The new password is randomly generated by the Tivoli Storage Manager client. Password constraints vary, depending on where the passwords are stored and managed, and depending on the version of the server that your client connects to. Generated passwords are 63 characters in length and contain at least two of the following characters:
  • upper case letters
  • lower case letters
  • numeric characters
  • special characters
Additionally, the first and last character of a generated password is an alphabetic character, and they can be either upper or lower case. Generated passwords do not contain repeated characters.

A password prompt is displayed when registering a workstation with a server using open registration or if your administrator changes your password manually.

AIX operating systemsHP-UX operating systemsLinux operating systemsOracle Solaris operating systemsMac OS X operating systemsWhen logging in locally, users do not need to know the Tivoli Storage Manager password for the client node. However, by using the nodename option at a remote node, users can access files they own and files to which another user grants access.

Examples

Options file:
passwordaccess generate
Command line:
Does not apply.