[This is preliminary documentation and subject to change.]
RSM provides security for media pool and library objects. Media pool security controls access to media, including physical media, partitions, and logical media. Library security controls access to physical library units, including drives, changers, slots, and insert/eject ports.
Administrators can use the RSM MMC snap-in to set and check object security. Applications can use the SetNtmsObjectSecurity and GetNtmsObjectSecurity functions to set and check security for an RSM object.
When you use nested media pools, the security of the lowest-level media pool determines the security of the media objects.
The following table lists RSM functions and the RSM security descriptors required to successfully perform each operation. This table uses the following key.
| Media Pool | Library | Computer | |||
|---|---|---|---|---|---|
| OpenNtmsSession | U | ||||
| AllocateNtmsMedia | M | ||||
| CompleteNtmsMedia | M | ||||
| CreateNtmsMediaPool | M | ||||
| DeallocateNtmsMedia | M | ||||
| DecommissionNtmsMedia | M | ||||
| DeleteNtmsMedia | M | ||||
| DeleteNtmsMediaPool | C | ||||
| DismountNtmsMedia | U | U | |||
| MountNtmsMedia | U | U | |||
| MoveToNtmsMediaPool | M | ||||
| SwapNtmsMedia | M | ||||
| AccessNtmsLibraryDoor | C | ||||
| CancelNtmsLibraryRequest | C | ||||
| DeleteNtmsLibrary | M | ||||
| DismountNtmsDrive | C | ||||
| EjectNtmsMedia | C | ||||
| InjectNtmsMedia | C | ||||
| InventoryNtmsLibrary | C | ||||
| UpdateNtmsOmidInfo | C | ||||
| CancelNtmsOperatorRequest | |||||
| SatisfyNtmsOperatorRequest | C | ||||
| SubmitNtmsOperatorRequest | |||||
| WaitForNtmsOperatorRequest | C | ||||
| CleanNtmsDrive | C | ||||
| EjectNtmsCleaner | C | ||||
| InjectNtmsCleaner | C | ||||
| ReleaseNtmsCleanerSlot | C | ||||
| ReserveNtmsCleanerSlot | C | ||||
| GetNtmsObjectInformation | |||||
| NTMS_DRIVE | C | ||||
| NTMS_LIBRARY | C | ||||
| NTMS_CHANGER | C | ||||
| NTMS_STORAGESLOT | C | ||||
| NTMS_IEDOOR | C | ||||
| NTMS_IEPORT | C | ||||
| NTMS_PHYSICAL_MEDIA | C | ||||
| NTMS_MEDIA_POOL | C | ||||
| NTMS_PARTITION | C | ||||
| NTMS_LOGICAL_MEDIA | C | ||||
| NTMS_OPREQUEST | M | ||||
| NTMS_MEDIA_TYPE | M | ||||
| NTMS_DRIVE_TYPE | M | ||||
| NTMS_CHANGER_TYPE | M | ||||
| NTMS_LIBREQUEST | M | ||||
| GetNtmsObjectSecurity | READ_CONTROL for the object | ||||
| SetNtmsObjectSecurity | To set discretionary access rights | WRITE_DAC or ownership of the object |
|||
| To change owner and group information | WRITE_OWNER or ownership of the object |
||||
| To set system access rights | SE_SECURITY_NAME for the process |
||||