Have checked out Penrose from Safehaus.<br><br>Otherwise if you don't want a FOSS solution then Novell IDM is the most complete end-to-end IDM solution on the market IMHO.<br><br><div class="gmail_quote">On Mon, Aug 10, 2009 at 12:05 AM, Andres Kaaber <span dir="ltr"><<a href="mailto:andres.kaaber@gmail.com">andres.kaaber@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hello all<br>
I'm assigned with a project to make a central admin user database for all kind<br>
of servers / devices you can imagine (routers, switches, firewalls, linux<br>
servers, windows servers, databases, etc.). The point is that when a news<br>
employee arrives you just make him a user in this database, maybe check which<br>
type of devices he can and all the devices are configured to authenticate users<br>
against this db. We have over 200 switches alone in our company so making user<br>
accounts in every single one of them and when this dude leaves to disable all<br>
of them is huge (or impossible) work.<br>
So I thought a linux server LDAP+FreeRADIUS for authentication sounds quick,<br>
easy and good solution, or not? There is no problem with servers Linux and<br>
Windows servers can authenticate against radius. Most popular DB -s can do<br>
this also (Oracle, MySQL, PostgresSQL). I don't know about Cisco switches and<br>
roters but as far I found in google there should be no problems the same goes<br>
for juniper devices.<br>
So what do you think? Or maybe you know a free software solution for this kind<br>
of problem already? Sun identity management is one that i checked out but it<br>
seems too bloated and complicated. So what are your thoughts?<br>
<font color="#888888">--<br>
Andres Kaaber<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</font></blockquote></div><br>