This is the beginning of a little standalone identity management project me and Kevin are working on for IPSwitch’s WhatsUp Gold product.
Overview:
This “WhatsUp Enterprise New User System” aka WENUS enumerates a configured LDAP Group (and any nested groups) for user accounts–any users that do not exist in the WhatsUp are created automatically. Â It also reads the user account’s department attribute and creates access to the device group that has a matching device group description. Â In our case we have ~200 remote sites, at each of those sites there are up to 2 techs who use WhatsUp to monitor systems at each site. Â These remote sites are broken out into Device Groups, we populated all the device group description fields with the corresponding site/dept code–which is also populated in the user account’s LDAPÂ department attribute. Â This script can be run nightly or weekly to ensure the proper folks get access to only their respective area. Â Furthermore it outputs to the WhatsUp System Activity Log, so you can see new users being created, and any errors there.
This was written for WhatsUp Gold v15 but should work on older versions–perhaps requiring slight modifications.
WENUS Features:
- Enumerates a LDAP Group (and any nested groups) to create WhatsUp User Accounts when additions are made to the group
- Scopes WhatsUp Device Group Security based on Department LDAP attribute & Matching WhatsUp Device Group Description fields
- Outputs to the WhatsUp System Activity Log – any Creates and any Errors are logged centrally.