On Jul 6, 2009, at 12:15 PM, "Justin Lim" <jlim at sullung.com> wrote: > I am just wondering how other people are doing their user management > for > multiple servers that not in any type of directory. > > Do anyone use any application that query each server for users or > keep a > database of users that's on each server? > > I would like to get feedback on what others use... I use active directory since I am platform agnostic. If you want directory service quick 'n dirty go with NIS+Kerberos, then you can look at LDAP as an addition or replacement for NIS later after things are working. NIS will allow anyone on the network to query it, so don't put passwords in it, just usernames, full name, uid/gid, home, shell. Create Kerberos principals for each user and for each computer and each computer/service (that supports Kerberos SSO that is). Then use pam_krb5 for authentication while adding NIS support in nsswitch. You can migrate the users to LDAP later if need be. -Ross