tools for user account creation/permissions
I work on a team that is primarily windows servers, with my little corner of linux. My manager wants me to find some way to be able to automatically and easily grant temporary access to vendors who need to be able to login for a short time to diagnose or fix a problem on multiple servers, and have that access expire automagically at some set time period. This tool of course has to be something that can be accessed by our data center people so that when an emergency comes up, they can just click a button and the access is granted. The windows team has this ability and we should be able to do this for unix/linux too. I don't believe that such a tool exists, and I'm not even sure where I would go as far as building one myself - maybe set up something that would change the default group for the vendor's login ID to the application owner's group might work. No idea how I could expire that automatically. Does anyone know if any tools of this sort exist?
|