Mike's Realm chown -R us ./base

24Nov/112

Automated User Creation & Device Group Security for WhatsUp Gold

This is the beginning of a little standalone identity management project me and Kevin are working on for IPSwitch's WhatsUp Gold product.

Overview:

This "WhatsUp Enterprise New User System" aka WENUS enumerates a configured LDAP Group (and any nested groups) for user accounts--any users that do not exist in the WhatsUp are created automatically.  It also reads the user account's department attribute and creates access to the device group that has a matching device group description.  In our case we have ~200 remote sites, at each of those sites there are up to 2 techs who use WhatsUp to monitor systems at each site.  These remote sites are broken out into Device Groups, we populated all the device group description fields with the corresponding site/dept code--which is also populated in the user account's LDAP department attribute.  This script can be run nightly or weekly to ensure the proper folks get access to only their respective area.  Furthermore it outputs to the WhatsUp System Activity Log, so you can see new users being created, and any errors there.

This was written for WhatsUp Gold v15 but should work on older versions--perhaps requiring slight modifications.

WENUS Features:

  • Enumerates a LDAP Group (and any nested groups) to create WhatsUp User Accounts when additions are made to the group
  • Scopes WhatsUp Device Group Security based on Department LDAP attribute & Matching WhatsUp Device Group Description fields
  • Outputs to the WhatsUp System Activity Log - any Creates and any Errors are logged centrally.
SQL Server credentials are required to be put into this script, to prevent this from being accessible via clear-text you can use Microsoft's Script Encoder to encode this VBScript so Username/Password won't be easily readable.  Download @ http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=3375
This script was created to be adapted with minimal effort to other systems, feel free to let me know if you modify this to support other systems/products.
Disclaimer: Safety is not guaranteed, test this before rolling into production.

Share
Comments (2) Trackbacks (0)
  1. Great utility Mike. Thanks for taking the time to develop and then share both here and on the community site.


Leave a comment

No trackbacks yet.