In our company we have several units for different platforms, f.i. AIX, NT,
Sun and so on.
The units (platform-specialists) are doing there own restores and every
platform has one or more policy domains with different management classes.
We are using password access generate. So after password expiration the
platform-admins don't know the password for the client in case of restore a
machine from scratch, and have to contact our unit (Stor. Man). Sometimes
they type in a wrong password and node is locked. We want to use an admin
that can unlock the client-node and update the password in case of restores
so the platform-admins don't have to call our unit (storage Man.) and don't
loose time in case of quick install.
The manual is saying that admins with system privilege, and unrestricted and
restricted policy privilege can lock/unlock and update passwords. The
problem is that this is too much privilege.
I was wondering how other sites are dealing with this issue.
Chat on line met vrienden en probeer MSN Messenger uit: