On Thu, 16 Jul 2009, Ed wrote: > On Mon, Jul 13, 2009 at 12:12 PM, <[email protected]> wrote: >> I currently have a commercial tool that does root password management and >> am looking for other options (the maintinance price of this tool is in the >> 6-digits per year) >> >> the tool reaches out and changes the root passwords on the systems, and >> then has an sudited request/approve/release process for giving out the >> root password as needed (an then changing it afterwords) >> >> we use this for cases where our normal access methods (including sudo type >> things) don't work, so I'm not interested (at this time) in discussions on >> those types of tools, just tools that can change the root passwords >> periodicly and then release them to the sysadmins as needed. >> >> I know that thre are at least three companies doing commercial tools that >> do this >> >> Symark (Power Keeper) >> Quest >> and I'm forgetting the name of the third company (Symark's Power Keeper >> started off as a re-branding of this other company and now the codebase >> has forked) >> >> any suggestions (including open source options)? >> >> David Lang > > > David, > > If you look at this a small part of a larger opportunity, you might > give CFengine3 a look - the management of ID & certs is an important > part of its operation. You can start off free, and go pro if you > deploy. > > this isn't exactly a GUI app - fair warning,... err a promise (ever > heard of Promise Theory?) http://www.cfengine.org/
I know a little about cfengine, but I've never heard of CFengine being used to change root passwords on a machine, let alone any mechanism to issue the root password to users as needed and audit it. if I am wrong and cfengine has this sort of capability, please point me at it, but my understanding is taht cfengine is for building and maintaining system configs and software. David Lang _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
