HPE Community
Operating System - HP-UX
1834183 Members
2662 Online
110064 Solutions
New Discussion

Password Syncronization

 
Nicky_5
Regular Advisor

‎06-21-2005 02:16 AM

‎06-21-2005 02:16 AM

Password Syncronization

Hi All,

The question i have is basically on AIX but since i did not get any replies on the aix forums i am posting it here...i guess it can be applied to HP as well..

I have a production aix machine (lest call it A). We have now purchased a machine simillar to A (machine B) we plan to use this as a DR machine.

In order to do that B should be a clone of A. This is do-able as far as the non root filesystems are concerned.

My questions is :

How do i synchronise the userids and passowrds on both the machines? I want that User1 should be able to login to both machines using the same password. I dont think that getting just the /etc/password files over onto machine B is enough.

Please advice.
0 Kudos
Reply
8 REPLIES 8
Steven E. Protter
Exalted Contributor

‎06-21-2005 02:18 AM

‎06-21-2005 02:18 AM

Re: Password Syncronization

No, /etc/passwd alone won't do the job on HP-UX, though /etc/passwd /etc/group /etc/shadow will do the job on Linux, so long as you exclude the system accounts from this move.

You might do better by setting up A as an ldap server and having B synch an cache the ldap database from A.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Nicky_5
Regular Advisor

‎06-21-2005 02:24 AM

‎06-21-2005 02:24 AM

Re: Password Syncronization

Hi,

Thankyou for your reply,

Since the oslevel on this machine is out of support i am unable to get any softwares for it, welse i was initially planning on putting the 2 machines in a cluster.

There are planse to upgrade the OS but in the mean while we need to have this manual process where in all the non system files will be "rdist'ed" over, the databases would be synchronised by the DBA. So that leaves me with the question of synchronising the user ids and password.

I have never worked with LDAp before and would really take me a lot of time to configure A as ldap server Plus A being a production machine i dont want to play around with it without being really sure...

Please advice if sunchronising the /etc/passwd, /etc/group would be enough on an HP UX machine?
0 Kudos
Reply
DCE
Honored Contributor

‎06-21-2005 02:41 AM

‎06-21-2005 02:41 AM

Re: Password Syncronization

if the users currently have the same uid on both systems, and the groups have the same gid on both systems, it should work.

If the the AIX boxes have a nsswitch.conf file, look in it for the complete list of files in /etc that should be kept in sync between the systems. That will give you an idea of all the files that should at least be examined for consistency between systems

Dave
0 Kudos
Reply
Nicky_5
Regular Advisor

‎06-21-2005 02:45 AM

‎06-21-2005 02:45 AM

Re: Password Syncronization

Hi,

The Macine B is new and does not have anything on it yet. i was planning to copy or rdist the passwd and group files over. If i do that the uid and gids would be the same. But do u know which file should be synchronised on the 2 machnes inorder to have same passwords on both machine?

if i include the passwd and group file in the nsswitch.conf file would it automatically synchronise those files?
0 Kudos
Reply
DCE
Honored Contributor

‎06-21-2005 03:07 AM

‎06-21-2005 03:07 AM

Re: Password Syncronization

The nsswitch is used by NIS, NIS+, LDAP and DNS to tell the system where to look for the files in the list. You would have to run NIS, NIS+ or LDAP to truly sychronize the systems.

The copying of the password and groups files will work in your case just fine. The only problem you will have is that you will need to create the users on each system in order for them to have a home directory on each system.

Do you also want the home directories to be identical on each system as well?
0 Kudos
Reply
Nicky_5
Regular Advisor

‎06-21-2005 04:01 AM

‎06-21-2005 04:01 AM

Re: Password Syncronization

yes, i want both the systems to be the exact clone,
i think i can move the homes over using rdist too. wouldnt that solve the problem of creating each user?

actually machine B will not be used unelss A goes down.
Once A crashed (for whatever reasone) we will make the host name A point to B's ip so that when ppl connect using hostname A they wil get the prompt for machine B which would we exactly the same as Machine A.

let me know if you see any flaws with this plan.. being less experienced i am sure i must have overlooked somethings.
0 Kudos
Reply
DCE
Honored Contributor

‎06-21-2005 04:05 AM

‎06-21-2005 04:05 AM

Re: Password Syncronization

Yes, it would. you also need to ensure at a minimum that the following files in /etc contain the same entries on both systems

hosts
services
networks
protocols
0 Kudos
Reply
Nicky_5
Regular Advisor

‎06-21-2005 06:18 AM

‎06-21-2005 06:18 AM

Re: Password Syncronization

Hi,
thankyou for your replies, This was really helpful..
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.