I have used different sets of tools, and many have access restrictions for users.
Example in version control you setup the user, give them certain permissions/roles, etc.. You could actually keep them from logging in to the version control server. This is something that I am looking for.
You we have users that have access through our application through an interface program. The interface is nice because it restricts access and permissions to do certain things for the user, which is good for certain things. Unfortunately someone gave some of these users access to winscp to go directly into the server, with their current id, and they can do all sorts of things that we don't want them to do in there, and instead of going through the interface. Is there a way to, I don't know take away there account to even have access to use winscp to go to the server? Their unix id needs to to work through the interface, but not in the server through winscp.