SearchFAQMemberlist Log in
Reply to topic Page 1 of 1
Spurious ANR2035E messages
Author Message
Post Spurious ANR2035E messages 
We have a 5.5.4.0 TSM server running under mainframe Linux. I recently
granted restricted policy authority to two administrators. When
either of them executes a 'define clientaction' command for a single
node in one of the policy domains they have authority over the
command is carried out successfully, but the TSM server generates a
large number of messages like the following:

ANR2035E DEFINE CLIENTACTION: Administrator XXXXX is not authorized
to issue this command.

In cases where I have counted the messages, the number of ANR2035E
messages triggered by each 'define clientaction' command is equal
to the number of policy domains not within the scope of the
administrator's restricted policy privilege. Is there any way to
fix this without giving the administrators unrestricted policy
privilege?=

Post Spurious ANR2035E messages 
Are they specifying a node and a domain? The default is all nodes and all domains.
As an example:
define clientaction action=incremental
This will run a backup on every node in every domain.
I suspect that "define clientaction MyServer action=incremental" will run a backup for MyServer in every domain.

Andy Huebner


-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L < at > VM.MARIST.EDU] On Behalf Of Thomas Denier
Sent: Tuesday, August 17, 2010 10:13 AM
To: ADSM-L < at > VM.MARIST.EDU
Subject: [ADSM-L] Spurious ANR2035E messages

We have a 5.5.4.0 TSM server running under mainframe Linux. I recently
granted restricted policy authority to two administrators. When
either of them executes a 'define clientaction' command for a single
node in one of the policy domains they have authority over the
command is carried out successfully, but the TSM server generates a
large number of messages like the following:

ANR2035E DEFINE CLIENTACTION: Administrator XXXXX is not authorized
to issue this command.

In cases where I have counted the messages, the number of ANR2035E
messages triggered by each 'define clientaction' command is equal
to the number of policy domains not within the scope of the
administrator's restricted policy privilege. Is there any way to
fix this without giving the administrators unrestricted policy
privilege?

This e-mail (including any attachments) is confidential and may be legally privileged. If you are not an intended recipient or an authorized representative of an intended recipient, you are prohibited from using, copying or distributing the information in this e-mail or its attachments. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete all copies of this message and any attachments.

Thank you.

Post Spurious ANR2035E messages 
-----Andy Huebner wrote: -----

Are they specifying a node and a domain? The default is all nodes
and all domains.
As an example:
define clientaction action=incremental
This will run a backup on every node in every domain.
I suspect that "define clientaction MyServer action=incremental" will
run a backup for MyServer in every domain.

They are explicitly specifying a node name with no wild card
characters. This means that they are implicitly specifying a
domain, since TSM will not allow the same node name to exist
in more than one domain. I have already sent the administrators
e-mail suggesting that they try using the domain option.
However, there is no reason they should need this option.
The TSM server should be capable of figuring out that it is
not being asked to run backups of any nodes in domains not
covered by the administrators' restricted policy privilege.=

Post Spurious ANR2035E messages 
I agree, but I do not think it works that way. About once a year an admin will kill one of our TSM servers by issuing the command without a node name or domain name. def clienta assumes * *. In your case I think it is assuming * for the domain. It may also be pattern matching in case you had a wildcard in the node name.
Can a node name and domain name be the same? That could be fun with def clienta...

Good luck.

Andy Huebner


-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L < at > VM.MARIST.EDU] On Behalf Of Thomas Denier
Sent: Tuesday, August 17, 2010 11:30 AM
To: ADSM-L < at > VM.MARIST.EDU
Subject: Re: [ADSM-L] Spurious ANR2035E messages

-----Andy Huebner wrote: -----

Are they specifying a node and a domain? The default is all nodes
and all domains.
As an example:
define clientaction action=incremental
This will run a backup on every node in every domain.
I suspect that "define clientaction MyServer action=incremental" will
run a backup for MyServer in every domain.

They are explicitly specifying a node name with no wild card
characters. This means that they are implicitly specifying a
domain, since TSM will not allow the same node name to exist
in more than one domain. I have already sent the administrators
e-mail suggesting that they try using the domain option.
However, there is no reason they should need this option.
The TSM server should be capable of figuring out that it is
not being asked to run backups of any nodes in domains not
covered by the administrators' restricted policy privilege.

This e-mail (including any attachments) is confidential and may be legally privileged. If you are not an intended recipient or an authorized representative of an intended recipient, you are prohibited from using, copying or distributing the information in this e-mail or its attachments. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete all copies of this message and any attachments.

Thank you.

Display posts from previous:
Reply to topic Page 1 of 1
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
  


Magic SEO URL for phpBB