
Management of local users on Linux operating systems using the fanout driver
Hi,
I have deployed the fanout driver for provisioning and de-provisioning of system users on Linux.
I need to configure the driver so that
(a) if a local user is created by a root user, the same can be reset or deleted by the fanout driver
(b) if a local user is created by a root user, the password of the same can be reset by the system immediately whenever the password is locally set.

The Bidirectional Driver may also have functionality for (b) by leveraging PAM.
Regards,
Sam

I would highly recommend looking at a PAM solution, specifically an AD bridging feature. This will allow your end-users to log in using their primary LDAP credential. It can also extend the use of AD groups for rights and provide a sudo-like tool for privilege escalation.
As much as I love IDM, the IDM fanout and bidirectional features are not as good a solution as PAM for these types of use cases.
GCA Technology Services
https://www.gca.net