Re: [NV-L] Netview Security

[Leslie Clark <lclark@us.ibm.com>]

I doubt that you can do it. There are
unsecured versions of the snmp commands delivered in /usr/OV/security/cmds
that allow those commands to be used without authentication. They were
compiled with different libraries to do that. 

How about creating a netview account
that can only do those commands? Then the risk associated with hardcoding
that password in a script would be reduced. 

Cordially,

Leslie A. Clark
IT Services Specialist, Network Mgmt
Information Technology Services Americas
IBM Global Services
(248) 552-4968 Voicemail, Fax, Pager

"Michael Brunelle" <michael.brunelle@gmail.com>
Sent by: nv-l-bounces@lists.ca.ibm.com

01/22/2007 09:43 AM

Please respond to
Tivoli NetView Discussions <nv-l@lists.ca.ibm.com>

To	nv-l@lists.ca.ibm.com
cc
Subject	[NV-L] Netview Security

Hi everybody,
 
Netview version is 7.1.4.
Security has been turned on.
 
I was about to create a script for maintenance purposes.
That script would be running on a regular basis at a specific
time...
 
In the script, the ovmapcount and ovtopofix command would
be issued. But before running those commands, the user under who the script
is running must be logged into Netview... I don't see how this user could
be authenticated within the script. I don't want to write down any passwords
with nvauth command... 
 
Is there a way to exclude the ovmapcount and ovtopofix
command from Netview authentication ?
Any other ideas ?
 
 
Michael_______________________________________________
NV-L mailing list
NV-L@lists.ca.ibm.com
Unsubscribe:NV-L-leave@lists.ca.ibm.com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to
internal IBM'ers only)

_______________________________________________
NV-L mailing list
NV-L@lists.ca.ibm.com
Unsubscribe:NV-L-leave@lists.ca.ibm.com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to 
internal IBM'ers only)