On Thu, May 26, 2011 at 5:06 AM, Philip Tully <tull...@optonline.net> wrote: > With all do respect: Contacting our IBM rep under NDA does not fit " public > road map " > > I think the customers are letting IBM know, that they are not ready to > relinquish control of this asset. It may not be the story IBM mgmt wants to > hear but it is the one that is being told. I may no longer go onsite to > customers on a regular basis, but when I was, I often needed access to the > HMC and it was pretty consistent that there was significant access control > for the HMC.
Neither may be parts of IBM. At least two installations told me that "IBM requires" that the original HMC user/pw combinations remain in place for the (different) IBM support person to be able to support them. I suppose that when the customer was more persuasive they could convince their support person of something else. Some Large shops have a separate LAN for delicate stuff and implement access control with RSA gear. That includes a process to expire access when people change roles, etc. This is where you find their HMC as well the local consoles for the LPARs. You can't seriously tell them to move some of that back into the public LAN and do local password management again. Rob
