How to disable TCB on running Aix Server

It has been thinking of many Aix admins that Trusted Computing Base if enabled cant be disabled on the running system; you need to reinstall the OS to deactivate it. What a Joke!!! Everything is becoming dynamic and we are still standing on same level. Let's step forward:-

 MYTH of TCB can't be disbaled if once enabled. How to disable TCB on fly

If TCB is enabled in AIX can be disabled without rebooting or rather say reinstalling the OS. Here is the process: -
 

Don't need any application downtime.

*Playing with ODM is dangerous, so keep your hands safe ;)))

1) Take Odm backup
Top of Form

/usr/lib/objrepos, /usr/share/lib/objrepos and /etc/objrepos recursively

Bottom of Form

2) Check the TCB in odm

# odmget -q attribute=TCB_STATE PdAt

PdAt:
        uniquetype = ""
        attribute = "TCB_STATE"
        deflt = "tcb_enabled"
        values = ""
        width = ""
        type = ""
        generic = ""
        rep = ""
        nls_index = 0
#

3) Disable TCB

odmget -q attribute=TCB_STATE PdAt | sed 's/tcb_enabled/tcb_disabled/' | odmchange -o PdAt -q attribute=TCB_STATE

4) Now TCB is disbaled

# odmget -q attribute=TCB_STATE PdAt

PdAt:
        uniquetype = ""
        attribute = "TCB_STATE"
        deflt = "tcb_disabled"
        values = ""
        width = ""
        type = ""
        generic = ""
        rep = ""
        nls_index = 0
#

5) If you want to enable TCB again

odmget -q attribute=TCB_STATE PdAt | sed 's/tcb_disabled/tcb_enabled/' | odmchange -o PdAt -q attribute=TCB_STATE