Suppose LILITHS has a user rule allowing DIANEC to catalog any of her tapes with the VMTAPE CATALOG command. The rule LILITHS has created is:
ACCEPT DIANEC VMTAPE CATALOG *
When DIANEC issues the CA VM:Tape CATALOG command to change TMC entries for LILITHS’s tapes, she does not have to enter a password because LILITHS never established passwords for her tapes. The following example illustrates what happened when DIANEC used the CA VM:Tape CATALOG command to change the retention period for LILITHS’s tape, ONX001:
vmtape catalog onx001 retpd 720
CA VM:Tape responds as follows:
VOLUME ‘ONX001’ EXPIRATION DATE IS NOW yyyy/jjj
Suppose your site adopted a policy requiring all tapes to be protected by passwords. Therefore, LILITHS established CA VM:Tape read passwords for mount and catalog access to her tapes. Now, when DIANEC issues a CA VM:Tape CATALOG command for LILITHS’s tape, ONX001, she must enter the read password, TOPAZ, for the tape. The rule in the previous example has not changed; the VMTAPE CATALOG security has changed. For example, DIANEC issues a command similar to the following to change the expiration date for the tape, specifying the read password TOPAZ:
vmtape catalog onx001 expdt yyyy/jjj (password topaz
CA VM:Tape responds as follows:
VOLUME ‘ONX001’ EXPIRATION DATE IS NOW yyyy/jjj
Because your site now requires password protection for tapes, LILITHS did not use the LOGPASS and NOPASS options of the CA VM:Tape rules. If LILITHS ignored your site’s policy and added the LOGPASS option to the rule, DIANEC would have to enter her logon password when changing catalog entries for LILITHS’s tapes. With the NOPASS option, DIANEC would not have to enter a password to catalog the tape.
|
Copyright © 2014 CA.
All rights reserved.
|
|