I'm embarking on a project, aimed at managing our user accounts. I'm hoping
to get some suggestions from you folks. I really want to avoid having to
find and clean up stale/unused accounts periodically.

In a three-tiered environment, with ~75 servers, we want to manage who gets
an account, where, for what reason, at what interval do we check to see if
the account is still neccessary, etc. One thought that I had was to
classify users by function; developer, DBA, team lead/mgr, app admin.

What about NIS+ ? I don't know a whole lot about it, admittedly.

What are you doing to keep a pulse on your accounts?

[ Post a follow-up to this message ]

Limo <geekboy@rcn.com> wrote in message news:<bma76l$bt9$1@bob.news.rcn.net>...
quote:

> I'm embarking on a project, aimed at managing our user accounts. I'm hopin
g
> to get some suggestions from you folks. I really want to avoid having to
> find and clean up stale/unused accounts periodically.
>
> In a three-tiered environment, with ~75 servers, we want to manage who get
s
> an account, where, for what reason, at what interval do we check to see if
> the account is still neccessary, etc. One thought that I had was to
> classify users by function; developer, DBA, team lead/mgr, app admin.
>
> What about NIS+ ? I don't know a whole lot about it, admittedly.
>
> What are you doing to keep a pulse on your accounts?


You should look into LDAP. It is the current state-of-the-art for
managing users. It is more flexible than NIS+. LDAP can be used with
multiple types of operating systems, and can also be used to manage
user accounts for your applications. There are also Java classes that
allow you to access LDAP user information from a Java program.

[ Post a follow-up to this message ]

Limo <geekboy@rcn.com> wrote in message news:<bma76l$bt9$1@bob.news.rcn.net>...
quote:

> I'm embarking on a project, aimed at managing our user accounts. I'm hopin
g
> to get some suggestions from you folks...



Forgive the commercial plug, but you might want to consider
COSuser (www.cosuser.com) from Open Systems Management. COSuser
provides:

centralized user management
detailed audit trails of all user management activity
password synchronization
role-based access control
dynamic roles
transaction engine
enforcement of password rules/aging
self-serve password resets
secure delegation of permissions

...and as they say in marketing-land, much more.

Contact me directly at the options listed below if you
have questions or would like to see the software in action.

Kelly

Kelly Paletta
Account Executive
Open Systems Management
PH: 206-652-3538
FAX: 206-583-8374
kelly.paletta@osminc.com
www.osmcorp.com

[ Post a follow-up to this message ]