GUARDIANGUARDIAN offers a set of programs designed to provide centralized account management, password synchronization, and access control for the most popular versions of UNIX. |
 |
GUARDIAN's features include (but are not limited to) the following:
- A user-friendly menu program in both a Motif-based GUI (coupled with on-line help) and a character-based interface.
- Use command line interface with script files to perform any menu program function, which can be run without operator intervention
- Supports NIS and NIS+ environments
- Create user accounts on one host and specify other hosts where that account is to exist
- Control user password choices; how often a new password must be chosen, in what format the password must be, if the user can choose their own password or must accept an automatically generated password, etc...
- Control access to other UNIX hosts by access type, day, time, port, host, etc...
- Provide users with a password change mechanism, which will keep their password in sync across multiple operating systems
- Log UNIX accesses, both successes and failures
- Automatically inactivate user accounts with multiple failed password entries
- Edit multiple accounts with a single command
- Assign management privileges to specified user accounts including:
Password Manager
Allow a user to change passwords for other users but not run the menu program.
Security Manager
Allow a user to run the menu program for account administration purposes. Note this option may be used in conjunction with a setuid bit, which eliminates need for all administrators to have the root password. This option may also be used with further restrictions assigned to the user such as what accounts the user can administer, what menu program options they can use, etc...
Network Manager
Allow security managers the ability to propagate changes across the hosts within a particular environment.