5 Replies Latest reply: Sep 8, 2013 9:33 PM by dkoleary RSS

    OEM as a configuration management tool?




      I'm at a new client who's interested in exploring automated configuration management.  One of the UNIX admins here is advocating oracle enterprise management.  I've done a bit of research on it and, while I'll still do more, I don't believe OEM is what we're looking for to satisfy this specific requirement.  I thought I'd ask here amongst what will probably be even more ardent OEM advocates to find out if I'm missing something in my understanding of OEM.


      From a host/security perspective, an automated configuration management tool will monitor systems' configurations and reset them if any unauthorized changes occur.  For instance,if I have a CM tool managing root's and/or oracle's ssh keys, if a new admin comes in, I can simply update the appropriate file on the CM tool and have it send the update out to all appropriate systems.  If an admin leaves, the key gets automatically removed just as easily.  Another use would be (UNIX) cluster configuration files which tend to get out of sync on the member nodes as time goes on.  Using a CM tool, that doesn't happen. More important/visible uses usually cover ensuring system security configuration files meet and are maintained in compliance with a company's security policy.


      From what I've seen, OEM looks like a great monitoring tool; but, is it a configuration management tool as well?  I haven't seen that yet in my research. If it can be used as a CM tool, are there any good links pointing out how that's done?


      Appreciate your time and any hints/tips/suggestions you may have.




      Doug O'Leary


      Senior UNIX/Security Admin


      O'Leary Computers Inc