Skip to end of metadata
Go to start of metadata

LCLS URAWI admins need the following information from the RES database:

- is the account DISABLED (or ENABLED)
- is the password EXPIRED

PROPOSED SOLUTION:
1) Create 2 new fields in the RES (Resource Enumeration System) database to track two different attributes of a Unix account:
- is the account a shared account? (Need this because Shared accounts "look" like Disabled Unix accounts but we will need to have our script (see below) ignore them)
- has the password expired?
2) Develop a script to update two fields (Status and PWExpired) in the RES database on a regular basis.
- the information would come from the KDC (Key Distribution Center)
- the script would run as a cron job, approximately twice a day

ESTIMATED EFFORT:
Item 1) would be done by Andy Hanushevsky, our RES Subject Matter Expert.
- Andy works for Anders Borgland in Scientific Computing Applications.
- Andy estimates 40 hours of effort for this task.
- Ian Macgregor (OCIO) would also need to spend about 4 hours on this task.
Item 2) would be done by Booker Bense, in OCIO.
- Booker estimates 40 hours of effort over a 3-week period of time.

  • No labels