[prev in list] [next in list] [prev in thread] [next in thread] 

List:       adsm-l
Subject:    Re: client 'set access' command
From:       Andrew Raibeck <storman () US ! IBM ! COM>
Date:       2004-12-23 20:53:57
Message-ID: OFAC17F507.4897667B-ON87256F73.007289EE-07256F73.0072CD30 () us ! ibm ! com
[Download RAW message or body]

> By 'disrupt' I mean moving a node to another server...
> I presume renaming the node would preserve the 'set
> access' rules.
>
I checked this out myself, and renaming a node does seem to result in loss
of previously granted access. I have opened up a defect with server
development for this, as this behavior seems incorrect to me.

> No select that I can issue to see what they've done?

Well, you said you were already going after the actlog, so there's that
SELECT you can do (which I figured you were already doing from your
original post). But the table that houses the access rules is not exposed
via SELECT, so there is no direct method for an admin to see who has
granted access to whom.

Regards,

Andy

Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Development
Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
Internet e-mail: storman@us.ibm.com

The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.
[prev in list] [next in list] [prev in thread] [next in thread]