
Strategies for User Management and Access Control

Who Can It Be Now?

Perhaps if LDAP and RBAC technologies had been around in 1982, Men at Work would have had an easier time answering this question and could have gotten back to business as usual. Fortunately, for today's IT operations environments, there are proven, low-cost and easy-to-manage solutions that provide user management and access control.

Like most organizations, you probably support large numbers of servers and applications. End users are clamoring for a single sign-on capability and a single point of contact for getting access to all applications. System and application administrators, for their part, need centralized account management, granular access control to each application, and high availability along with it.

While not the only path to access control, the leading approach today is called Role-based Access Control, or RBAC. It is recommended so widely that there are many standards on its implementation, most notably ANSI/INCITS 359-2004. As opposed to previous approaches, where individual users receive read-only or read-write access to data objects, RBAC grants permissions to roles rather than to users, and bases those permissions on activities rather than on data. In an RBAC implementation, roles are granted permission to conduct an activity, such as creating a trouble ticket. Then, as users are added to the enterprise, they are assigned to roles instead of directly to activities. As straightforward as this may sound, complexity lurks in that users can belong to multiple roles, roles can map to multiple activities, and, many times, the role-to-activity mapping can reside only within disparate applications. This level of coordination requires not only upfront planning with application administrators and end-user communities, but also the experience that comes from having done it before. For several clients, Windward has designed and implemented this end-to-end solution, including enterprise-wide account management using LDAP-based technologies, single sign-on portals for end users, multi-master/slave replication models for high availability, and an administration tool that pulls it all together.
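The user-to-role and role-to-activity relationships described above can be sketched as follows. This is an added example, not Windward's implementation; the users, roles, applications and activity names are all constructed, and the central directory is modelled as a plain dictionary rather than an LDAP server.

```python
# Added example: all names and data below are constructed for illustration.
from collections import defaultdict

# Central directory (assumed stand-in for LDAP): users are assigned to roles only.
USER_ROLES = {
    "alice": {"helpdesk", "change-approver"},
    "bob": {"helpdesk"},
    "carol": {"auditor"},
}

# Each application keeps its own role-to-activity mapping.
APP_ROLE_ACTIVITIES = {
    "ticketing": {
        "helpdesk": {"create_ticket", "update_ticket"},
        "change-approver": {"approve_change"},
    },
    "cmdb": {
        "helpdesk": {"view_asset"},
        "change-approver": {"view_asset", "edit_asset"},
    },
}


def effective_activities(user):
    """Return {app: activities} granted to a user through all of their roles."""
    granted = defaultdict(set)
    for role in USER_ROLES.get(user, set()):
        for app, mapping in APP_ROLE_ACTIVITIES.items():
            granted[app] |= mapping.get(role, set())
    return {app: acts for app, acts in granted.items() if acts}


def is_permitted(user, app, activity):
    """Default deny: allowed only if one of the user's roles grants the activity."""
    return activity in effective_activities(user).get(app, set())


def unmapped_roles():
    """Roles assigned in the directory that no application maps to an activity."""
    mapped = {role for m in APP_ROLE_ACTIVITIES.values() for role in m}
    assigned = set().union(*USER_ROLES.values())
    return assigned - mapped


if __name__ == "__main__":
    print(effective_activities("alice"))
    print(is_permitted("bob", "cmdb", "edit_asset"))
    print(unmapped_roles())
```

The `unmapped_roles` check surfaces the coordination gap the paragraph warns about: a role that exists in the directory but that no application has mapped to any activity.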

If I recall, there were some monsters that came knocking at Men at Work's door in their 1982 Top-40 hit. But, if monsters are not a problem in your environment, Windward has a solution for your enterprise account management and access control needs.