Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sync password
Top Forums UNIX for Dummies Questions & Answers sync password Post 302453923 by frank_rizzo on Thursday 16th of September 2010 06:41:33 PM
Old 09-16-2010
another thing to think of. when a user changes their password they are not going to have direct permissions to "push" it to the other system. this means you will have to design the system around that -- eg: somehow signal to the push script that a user changed their password then push it remotely as root. since it is running in batch mode your going to have setup ssh public key authentication with null passphrases.

This can be done properly if you have solid scripting skills and a strong Linux/UNIX background but someone will have to maintain the system. problems will arise.

There are so many things that benefit from using a central system like LDAP. I will name a few.
  1. you only have to create a user with one command, one place and it can easily be simple web application if needed.
  2. you can lock a user account of all systems in one command
  3. a user can change their password from any LDAP enabled system and the password will be effective for all systems instantly
  4. security - accounts are not local, you can control which hosts/services a user has access to, if a host gets compromised all user accounts are not accessible
  5. scalability - add a new server, add 100 servers, no problem, just point them to the ldap server.
This User Gave Thanks to frank_rizzo For This Post:
karlochacon
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Workstations are not sync

What's the idea of Unsyncron SUN WS's ? one of our client had a problem & my supervisor told me that this causes of unsynchron WS's i mean maybe the setting of one is not compatible with other ..... Any Suggestion would be helpful Rgrds, nikk (1 Reply)
Discussion started by: nikk
1 Replies

2. UNIX for Advanced & Expert Users

samba questions (password conversion to blowfish and is it wise to sync the useraccou

i stumbled upon something that gave some nice instructions on how to convert FreeBSD passwords from md5 to blowfish. it was simple and straight forward and it worked. i'm running samba on the machine. now i know the tutorial i was following had something where a user's samba and machine... (1 Reply)
Discussion started by: xyyz
1 Replies

3. Solaris

cron sync

hi all , i have a E4900 server cluster that consists of 2 Servers (Cluster1 and cluster2 ) all of my crons are located under /var/spool/cron/crontabs . I am trying to put them on a shared place , so thati dont have to edit both crons on every system . thank you cheers (3 Replies)
Discussion started by: ppass
3 Replies

4. Solaris

Sync to Green vs. Separate Sync

Hi all....I have a Sun Ultra2 that I want to use with my PC monitor. I have purchased an adapter that does not work and I was told I need to change my video card setting (if I can) to Separate Sync.....my Monitor product number ends in 1343......I am running SunOS 5.7 ......anyone have any ideas? ... (0 Replies)
Discussion started by: psantinello
0 Replies

5. Solaris

R-sync for solaris?

Hi Gurus I ave a Prod,standby and DR server(All Sol 5.9) and i need to sync the Application running in prod,standby and DR. The Application vests in a filesystem(a directory) and syncing the directory would server my purpose. I came across rsync utility and am planning to implement it. But... (3 Replies)
Discussion started by: Hari_Ganesh
3 Replies

6. Shell Programming and Scripting

Password script sync

Hi all, I am trying to create a simple password script but it seems not working well. What I'm trying to do is to sync the yppasswd and smbpasswd. So I created this: #!/bin/csh echo "" echo "Please enter old password: " set OLDPASSWD = $< echo "Please enter new password: " set NEWPASSWD... (2 Replies)
Discussion started by: saiful
2 Replies

7. UNIX for Dummies Questions & Answers

Help with sync

Folks; I have 2 SUSE DNS servers, one will be the master and one will be the slave. we normally update the master when adding any new servers to the DNS list. I'm looking for a way to sync both servers every night, so the slave is updated nightly. I thought of using "rsync" with cron to sync... (1 Reply)
Discussion started by: Katkota
1 Replies

8. AIX

Unable to sync a lv

Hi Please look in to the below issue and advise how to fix the issue. I tried syncvg but it gives me an error. Recently we have upgraded the service pack in this lpar. ========================================================== pmut8# lsvg -l rootvg | grep -i stale paging00 ... (3 Replies)
Discussion started by: newtoaixos
3 Replies

9. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

LEARN ABOUT X11R4

gshadow

GSHADOW(5)                                                 File Formats and Conversions                                                 GSHADOW(5)

NAME

       gshadow - shadowed group file

DESCRIPTION

       /etc/gshadow contains the shadowed information for group accounts.

       This file must not be readable by regular users if password security is to be maintained.

       Each line of this file contains the following colon-separated fields:

       group name
           It must be a valid group name, which exist on the system.

       encrypted password
           Refer to crypt(3) for details on how this string is interpreted.

           If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, users will not be able to use a
           unix password to access the group (but group members do not need the password).

           The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp(1)).

           This field may be empty, in which case only the group members can gain the group permissions.

           A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line
           represent the password field before the password was locked.

           This password supersedes any password specified in /etc/group.

       administrators
           It must be a comma-separated list of user names.

           Administrators can change the password or the members of the group.

           Administrators also have the same permissions as the members (see below).

       members
           It must be a comma-separated list of user names.

           Members can access the group without being prompted for a password.

           You should use the same list of users as in /etc/group.

FILES

       /etc/group
           Group account information.

       /etc/gshadow
           Secure group account information.

SEE ALSO

       gpasswd(5), group(5), grpck(8), grpconv(8), newgrp(1).

shadow-utils 4.5                                                    01/25/2018                                                          GSHADOW(5)
All times are GMT -4. The time now is 06:35 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy