This one is for any other sysadmins that happen to stumble across this blog…
Our school district has the worst data management possible. We have had active email accounts for people who haven’t worked for us in years.
It’s that bad. Actually it’s worse (although I don’t know if this counts as worse)…
We have no directory services in place – For each system or application we have that requires authentication, that system or app has had it’s authentication information maintained manually. It’s been a nightmare to say the least.
We’re finally implementing directory services (Apple’s Open Directory) and we’re planning on having it drive everything authentication-related. But we still have a problem with the data we get (or don’t get) from our HR department. A plan has been fashioned to use a PHP/MySQL customised system to give multiple people access to the data in our directory and update it as needed. I’d go into more detail, but I’ll be honest – this thing seems like it’s grown to monolithic proportions and I’m at a point where I A) don’t really know anything about it, B) don’t even think I understand it anymore, and C) don’t even have access to it.
So… my question is… is it wrong that I feel extremely hesitant (borderline refusal) to allow that much access (pretty much everyone in district – user password changes will theoretically be handled by this system) to the directory data?
Or am I just looking at it from a ‘Chicken Little’ point of view?