430 Tivoli Business Systems Manager Version 2.1: End-to-End Business Impact Management
13.2 Password protection
Passwords can be viewed as a special access control that can enforce security
and, at the same time, introduce a security risk whenever a password is known to
unauthorized persons. For security reasons, passwords should be changed at
regular intervals. This section deals with the role of passwords related to IBM
Tivoli Business Systems Manager and the task of changing passwords without
interrupting IBM Tivoli Business Systems Manager availability.
The following subsections discuss several issues related to IBM Tivoli Business
Systems Manager passwords:
? Section 13.2.1, “TBSM processes passwords” on page 430 discusses
Windows passwords for IBM Tivoli Business Systems Manager services
? Section 13.2.2, “Microsoft SQL Server” on page 432 covers Microsoft SQL
Server’s system administrator passwords
? Section 13.2.3, “Reporting system password” on page 433 discusses
Reporting system passwords
13.2.1 TBSM processes passwords
Most IBM Tivoli Business Systems Manager processes run on the local system
user ID, which does not require a password. However, specific,
password-protected user IDs are required for certain processes we discuss here:
? Microsoft SNA server processes
? TPSTART.EXE
? Task server
The SNABase process
SNA client applications access the mainframe Object Server task via the SNA
server machine. For this reason, the SNA client requires authority to access the
SNA server machine and vice versa. The SNA server and the SNA client
services must be started with the same user ID and password. That user ID is
defined in the services property for SNAbase.
If we were to change the password for the user ID used to start the SNA client,
we would have to change the password for the same user ID on the SNA server.
The reverse also is true.