"I think my biggest concern about using Ansible to manage unknown accounts (rather than known ones) is that you could remove an account that was deliberately added, for a very good reason, but not added to your list... "
Generally if you are automating through Ansible (or another automation system) the best possible place to be in is applying infrastructure change exclusively through the automation system. This is why I suggested removing explicit user accounts (blacklist), not just all users not matching a whitelist. But yes, you can also run scanner-gizmos if you so desire. On Thu, Mar 27, 2014 at 4:37 PM, Adam Morris <[email protected]> wrote: > > > On Thursday, March 27, 2014 1:35:05 PM UTC-7, Adam Morris wrote: > >> >> >> On Thursday, March 27, 2014 11:07:02 AM UTC-7, Michael DeHaan wrote: >> >>> On some of our systems we have Zabbix monitoring the password file and >>> it tells us whenever there is a change (including when someone changes >>> their password). >>> >> > As I rightly pointed out a second later this does NOT tell us when someone > changes their password... > > Adam > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/028aac30-15af-403f-a3d4-8450559c7574%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/028aac30-15af-403f-a3d4-8450559c7574%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QMKyV8o6asqRasgY7kzc-1%2BB8%3DteZrE6ji8u-aAXLs4rw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
