System Administration

How to synchronize unix passwords inside a large cluster

 
Augusto Vinhaes
Frequent Advisor

How to synchronize unix passwords inside a large cluster

I've got a large cluster with 8 nodes and 12 applications based on the oracle database. I intend to convert the hp-ux servers to trusted system and I'm looking for a way to manage and synchronize the hp-ux passwords for all nodes. Nowadays I do it through some scripts and C program's, but I'd like to improve the procedure. I've heard that NIS+ has many bugs and it's not easy to configure and use. Is it possible to do it with NIS+ ? Any suggestion will be welcome.

Thanks,
Augusto
Augusto
4 REPLIES 4
A. Clay Stephenson
Acclaimed Contributor

Re: How to synchronize unix passwords inside a large cluster

NIS+ is quite robust and it's made to do what you are trying to do. Configuration is a bit difficult - at least the first time through but SAM does an amazingly good job.

NIS is conceptually more simple but will not work in a Trusted environment.
If it ain't broke, I can fix that.
Helen French
Honored Contributor

Re: How to synchronize unix passwords inside a large cluster

Hi,

I agree with Clay. NIS+ will be the best bet for you. NIS is not an option here, as you are going to use the trusted modes.

The configuration will be quite easy and you can find out the manuals from:

www.docs.hp.com

HTH,
Shiju
Life is a promise, fulfill it!
Wodisch
Honored Contributor

Re: How to synchronize unix passwords inside a large cluster

Hi,

in times of PAM (Pluggable Authentication Modules) another interesting way to accomplish this is to use LDAP (e.g. OpenLDAP), as then you can even use Samba to map NT-Domain-Accounts to it, and then you can have the same IDs (and passwords) for UN*X, Windows, and what you want else!
Oh, and you can replicate it, for redundancy/safety/scaling...

Just my $0.02,
Wodisch
Fergus Hayne
Occasional Advisor

Re: How to synchronize unix passwords inside a large cluster

You could manually synchronise /tcb/files/auth/* across all of your servers.
hmm