Jeff Larsen wrote: > We are using the free VMware Server on CentOS 4. Almost all of our VMs > are CentOS 4 as well. We have 7 VMware hosts with about 40 total > virtual machines. It's been a very successful architecture for us. > > I'm wondering how the rest of the community is managing updates of > root (and other local account) passwords in a virtual sprawl > environment (or a physical environment with lots of hosts). > > I have read about things like expect, puttycs, centralize with kerberos, etc. > > But I'm not looking for "options" here, I want to hear actual > experiences! What has worked for you, what hasn't worked? Or do you > feel that the chance for failure is to great and the results too > catastrophic? > Puppet can control user attributes like passwords quite easily, provided you set it up right. http://www.reductivelabs.com/trac/puppet/wiki/PuppetRedHatCentos CFengine can as well but not so elegantly as puppet which implements a provider model (users, group, packages, cronjobs etc) -- Some days it's just not worth chewing through the restraints... Mark D. Foster, CISSP <mark at foster.cc> http://mark.foster.cc/