Passwordaccess

Your administrator can require a password for your client node by enabling the authentication feature. Ask your administrator if a password is required for your client node.

If a password is required, you can choose one of the following methods:

• Set the password for your client node yourself and have Tivoli® Storage Manager prompt for it each time you request services.
• Let Tivoli Storage Manager automatically generate a new password for your client node each time it expires, encrypt and store the password in a file, and retrieve the password from that file when you request services. You are not prompted for the password.

When the passwordaccess option is set to generate and you specify the password option, the password option is ignored.

Setting the passwordaccess option to generate is required in the following situations:

• When using the HSM client.
• When using the Web client.
• When performing NAS operations.
• When using Tivoli Continuous Data Protection for Files.

Supported Clients

This option is valid for all clients.

Options File

Place this option in the dsm.sys file within a server stanza. You can set this option on the Authorization tab, in the Password Access section of the Preferences editor.

Place this option in the client options file (dsm.opt). You can set this option on the Authorization tab, in the Password Access section of the Preferences editor.

Parameters

prompt

You are prompted for your Tivoli Storage Manager client node password each time a client connects to the server. This is the default.

To keep your client node password secure, enter commands without the password and wait for Tivoli Storage Manager to prompt you for the password.

Each user must know the Tivoli Storage Manager password for your client node. Any user who knows the password for your client node can gain access to all backups and archives that originate from your client node. For example: If the user enters the node name and password for your client node from a different client node, the user becomes a virtual root user.

API applications must supply the password when a session is initiated. The application is responsible for obtaining the password.

API applications must supply the password when a session is initiated. The application is responsible for obtaining the password (does not apply to Mac OS X).

generate

Encrypts and stores your password locally and generates a new password when the old password expires. The new password is randomly generated by the Tivoli Storage Manager client. Password constraints vary, depending on where the passwords are stored and managed, and depending on the version of the server that your client connects to. Generated passwords are 63 characters in length and contain at least two of the following characters:

• upper case letters
• lower case letters
• numeric characters
• special characters

Additionally, the first and last character of a generated password is an alphabetic character, and they can be either upper or lower case. Generated passwords do not contain repeated characters.

A password prompt is displayed when registering a workstation with a server using open registration or if your administrator changes your password manually.

When logging in locally, users do not need to know the Tivoli Storage Manager password for the client node. However, by using the nodename option at a remote node, users can access files they own and files to which another user grants access.