SUSE Linux PHP Webserver DMZ
I am not 100% certain this is the correct forum but I thought this would be best posted here in the general forum instead of the networking or server forum. If someone sees that a different forum would be better feel free to move.
We currently have several Windows servers in our DMZ running IIS and have started looking seriously at converting these PHP websites to our Linux distribution SUSE Linux Enterprise Server 11sp1 (SLES). We have an automated process which when a developer needs access to a production webserver in the DMZ they submit a form which once submitted launches a .NET application that goes to the Windows server and using a generic username/password generates a generic username and password for the developer to use for the time they specified on the form. I am trying to figure out a similar way to do this with the SLES servers. I thought about using SSH keys to allow the Windows 2003, soon to be a Windows 2008 server, which is currently used to connect to the DMZ servers to generate the username and password, to generate the generic username and password on the DMZ boxes. I am sure there is an easier way to accomplish what I am trying to accomplish but the more I think the more difficult this becomes so I figured I would throw this out here to get some assistance.
I need to be able to generate a username and password on these SLES servers from a Windows 2003/2008 server automagically. Any thoughts? Is anyone else doing this? I was trying to figure out how the big web hosting companies accomplish this, allow there customers access to their specific websites? The SLES server is running ZEND for the PHP along with the native Apache package from SLES and the sites will all be virtual hosts on the box. Is there an easier way to provide access to specific web sites in the DMZ for users which they would use random username and passwords? This is to prevent developers from making unscheduled changes so when they fill out the access request form they specify how long they need access. Once the time expires the access gets revoked.
Any more details let me know. I am in desperate need for some advice.
|