We have a few Linux servers that we would like to share the same passwd/shadow/group file for central administration. We're thinking of implementing NIS, but I hear a lot of bad things about it as far as security goes. Are all transmissions sent via NIS sent in clear text? I also hear that it generates a lot of bandwidth with the RPC calls. Are there any viable solutions out there for Linux? What do large organizations with hundreds of Linux servers do for central account administration? We only have about 300 users here so I might just write a simple script that will scp the files to each server that needs them via cron.
Right now, we're running Microsoft Services for Unix 3.0 to synchronize our Active Directory users's passwords with the passwords on our Linux boxes. The downside to this product is that it only synchronizes the passwords of existing accounts in AD and /etc/passwd, and doesn't create them if they don't exist.
We need a product where we can create a user on any Linux server or Windows DC and the changes will be synchronized to all of the servers. Either that or just a product that will do this for the Linux servers only.
So far, the only idea's I have are to run NIS+ on a Solaris box, or run Novell's Account Manager on the Windows and Linux servers.
Thanks,
Chris
Right now, we're running Microsoft Services for Unix 3.0 to synchronize our Active Directory users's passwords with the passwords on our Linux boxes. The downside to this product is that it only synchronizes the passwords of existing accounts in AD and /etc/passwd, and doesn't create them if they don't exist.
We need a product where we can create a user on any Linux server or Windows DC and the changes will be synchronized to all of the servers. Either that or just a product that will do this for the Linux servers only.
So far, the only idea's I have are to run NIS+ on a Solaris box, or run Novell's Account Manager on the Windows and Linux servers.
Thanks,
Chris