Basic Security – Sarbanes Oxley Legislation

CL version – 3.8.1P

OS – AIX 5.1

My company has decided to interrupt the Sarbanes Oxley Legislation as being for ALL systems within the company.  Now what this means is that no one can have a login to any production system without having a LOG of why you need to have access to production.  They have figured out a way to do this for the telnet sessions on the production server.  How they are doing this is that there is a central ticketing system that will be allowed to do a SSH login and re-activate the user name of the person that is requesting access.  Of course this only works for TELNET sessions.

The problem I am having is that I need an automated way to do this for the GUIs.  We have Basic Security loaded and it works just fine with only giving access to those that have certs.  The problem is that to “not allow” users to get access via the GUIs on Production.  The only way that this can be done is via the Cert Manager.  This can only be done via an X-windows session and a “real person” has to be doing it.  Has anyone even tried to figure out how to “revoke” and “re-instate” a user via scripting or any other method that a real person does not have to do this?

If you have any questions or comments I will gladly accept calls and private emails.

Rob Lindsey

615-591-4515

rob.m.lindsey@questdiagnostics.com