sync password


 
# 8  
Old 09-16-2010
yes all of them are the same users.....


did not know about root user on reboot problems
# 9  
Old 09-16-2010
Another thing to think of: when a user changes their password they are not going to have direct permissions to "push" it to the other system. This means you will have to design the system around that -- e.g. somehow signal to the push script that a user changed their password, then push it remotely as root. Since it is running in batch mode, you're going to have to set up ssh public key authentication with null passphrases.

This can be done properly if you have solid scripting skills and a strong Linux/UNIX background, but someone will have to maintain the system. Problems will arise.

There are so many things that benefit from using a central system like LDAP. I will name a few.
  1. you only have to create a user with one command, in one place, and it can easily be a simple web application if needed.
  2. you can lock a user account on all systems in one command
  3. a user can change their password from any LDAP enabled system and the password will be effective for all systems instantly
  4. security - accounts are not local, you can control which hosts/services a user has access to, if a host gets compromised all user accounts are not accessible
  5. scalability - add a new server, add 100 servers, no problem, just point them to the ldap server.
# 10  
Old 09-16-2010
Quote:
Originally Posted by frank_rizzo
you do realize that if you copy /etc/shadow from one server to the next that the root password will now be the same? Are the same exact users on all servers?

Code:
LDAP=voila

how would be the LDAP migration I mean I got existing users/sudo/few folder ownerships.....?
# 11  
Old 09-16-2010
Quote:
Originally Posted by karlochacon
how would be the LDAP migration I mean I got existing users/sudo/few folder ownerships.....?
It takes planning and testing but it's not overly complicated IMO. There are scripts provided to import existing users into LDAP. As long as your UID/GID for the users is the same across systems there will be no permission issues. There are plenty of LDAP tutorials and information online. I recommend at least reviewing information and then making an educated decision. I have several LDAP books I can recommend if you really wanted to test it. 8 servers is really not that many, but if you have many users it might be a viable solution and can simplify all aspects of user administration. sudo and other utilities will work. Having accounts in LDAP is transparent. The end-user will not notice a difference.

If you think LDAP is overkill for your environment then you're going to have to get creative. Just be careful - the last thing you want to do is zero out the /etc/passwd or /etc/shadow files.
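The UID/GID precondition mentioned in the post above can be checked before anything is imported into LDAP. The following is an added example, not code from the thread: it compares passwd(5) contents collected from each server and reports accounts whose IDs differ between hosts and UIDs that belong to different names. The hostnames, accounts and file contents are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: passwd(5) contents as collected from two hosts.
SAMPLE = {
    "web01": """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
""",
    "db01": """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1005:1002:Bob:/home/bob:/bin/bash
carol:x:1002:1003:Carol:/home/carol:/bin/bash
""",
}


def parse_passwd(text):
    """Return {name: (uid, gid)} from passwd(5) text; raise on malformed lines."""
    users = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith(("#", "+", "-")):
            continue  # blank line, comment, or NIS compat entry
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {n}: expected 7 fields, got {len(fields)}")
        users[fields[0]] = (int(fields[2]), int(fields[3]))
    return users


def find_conflicts(hosts):
    """hosts: {hostname: passwd text}. Return (name_conflicts, uid_conflicts)."""
    ids_by_name = defaultdict(dict)   # name -> {(uid, gid): [hosts]}
    names_by_uid = defaultdict(dict)  # uid  -> {name: [hosts]}
    for host, text in sorted(hosts.items()):
        for name, (uid, gid) in parse_passwd(text).items():
            ids_by_name[name].setdefault((uid, gid), []).append(host)
            names_by_uid[uid].setdefault(name, []).append(host)
    name_conflicts = {k: v for k, v in ids_by_name.items() if len(v) > 1}
    uid_conflicts = {k: v for k, v in names_by_uid.items() if len(v) > 1}
    return name_conflicts, uid_conflicts


if __name__ == "__main__":
    by_name, by_uid = find_conflicts(SAMPLE)
    for name, ids in sorted(by_name.items()):
        print(f"user {name!r} has different UID/GID per host: {ids}")
    for uid, names in sorted(by_uid.items()):
        print(f"UID {uid} belongs to different users: {names}")
```

Any account reported here needs its UID/GID reconciled, with file ownership fixed to match, on the affected host before the accounts are merged into one directory.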
# 12  
Old 09-16-2010
thanks a lot guys

seems like LDAP will be the tool I just need some time to read and test before going production
 