[CentOS] OT: Managing change control in servers, LDAP, firewalls and switches question

Fri Jan 23 15:32:52 UTC 2009
Erick Perez <eaperezh at gmail.com>

Hi, being an off-topic questions with so many vendors involved I had
no definitive place to go to ask but here. So maybe some of the list
members have ideas in mind.

Currently we manage several switches,firewalls and MS LDAP and Centos
OpenLDAP installations.
We are looking for a "man in the middle" or "framework" to manage
change on our network devices and LDAP-based servers.
So far, using Quest ActiveRoles/Intrust has filled the part of LDAP,
where administrators log into ActiveRoles/Intrust system, generate
changes (delete OU, users, change passwords, etc) then the request has
to be approved by a staff member in Activeroles/intrust. When the
approval is sent to the system, the ActiveRoles/Intrust (and not the
sysadmin) logs into the LDAP systems and perform the changes. This has
proven useful in tracking changes (who did what, when, who approved
it).
We are looking into a similar solution (Quest Software does not have
that for devices) to perform change and control on the routers,
switches and firewalls.

Maybe someone can also point me to a mailing list where i can ask the
same question?

thanks,


-- 
------------------------------------------------------------
Erick Perez
Cel +(507) 6675-5083
------------------------------------------------------------