IBM E16RMLL-I Implementation Guide - Page 315
Considerations, Default environment
![]() |
View all IBM E16RMLL-I manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 315 highlights
8.1.2 Considerations Creating an administrator is a two-step process: 1. Define the administrator ID. 2. Grant the necessary privileges. The register admin command explicitly creates an administrator ID with certain defined privileges. If an administrator with the same name as the client node already exists during registration of a new node, then this administrator ID is automatically updated to grant owner access to it. You can use the optional CONTACT parameter to distinguish administrators. The grant authority command grants the necessary privileges to an administrator. The only required parameters are the administrator name and the privileges being granted. You can reduce an administrator's authority by revoking one or more privilege classes and granting other classes as needed. The query admin command displays information about one or more administrators. Any administrator can issue this command. 8.1.3 Default environment During the initial server installation, Tivoli Storage Manager defines two administrator IDs automatically, SERVER_CONSOLE and ADMIN. SERVER_CONSOLE SERVER_CONSOLE allows you to administer the server after Tivoli Storage Manager is installed. At installation, the SERVER_CONSOLE ID is automatically registered as an administrator and given system authority. You can use the SERVER_CONSOLE ID to issue administrative commands. When the server is started in interactive mode (or foreground), typically with the dsmserv command, a server console is started with a command prompt running with the assigned authority of the SERVER_CONSOLE ID. This is in contrast to running the server in background mode, either as a Windows service or under UNIX using the nohup command. In that case, no command prompt is presented. In an emergency situation, administrative commands can be issued from the server console to correct situations, such as forgotten administrator passwords and locked IDs. This assumes your server console runs in a secure environment. If you cannot secure your server console from unauthorized access, you should revoke the privilege of the SERVER_CONSOLE ID, perhaps to analyst. If you do this, you must first define at least one other new administrator ID with system privilege. We do not recommend reducing the SERVER_CONSOLE privileges, Chapter 8. Managing Tivoli Storage Manager 285
![](/manual_guide/products/ibm-e16rmlli-implementation-guide-3588123/315.png)