Ok, so, i'm looking for a user account management system that's: open source, web-based, LAMP-based would be best -but if there's a good IIS solution i'd go for it- and reasonably modular/extensible.
Our users are provisioned on an openLDAP for mail (which is also the reference repository), an Active Directory for Windows sessions, file sharing and printing, and a database which can only be accessed by web services for ToIP.
I'd like to streamline the user account provisioning, modification and deletion process (us being an academic institution, we have a lot of turn-over), and reduce the number of tools from 3 to 2, or, even better, 1 by finding one tool that can create, manage, sync and delete users from the openLDAP to the AD and maybe the Cisco database (with a plugin we would dev/have developed for us).
If that tool was also able to manage account expiry dates (automatically or by the way of reminders/alerts) and run scripts at various points of the provisioning process, it'd be heaven-in-IT-dept.
For AD we currently use the native MS tools, for openLDAP we're running a mix of phpldapadmin and an internally-developed tool, and for ToIP we use the Cisco web interface.
I've looked at
LDAP Administration Super Tool, which isn't really what i'm looking for. I've also looked at
LDAP Account Manager, which, from the look of it, doesn't seem to be able to manage a single account across multiple servers). Apple Open Directory might work, but i don't have the Mac hardware to give it a try and we don't run Mac OS X Server and don't plan to.
Sooo, what could the Hive Mind recommend/point me to that could fit (most of) that (ok, hefty..) bill?
On the open source side, you could check out Talend. It is more geared towards data integration but it could certainly be used for provisioning and synchronization (it supports LDAP).
posted by purephase at 4:31 AM on May 27, 2010