Hi,
What is the best ways to keep UIDs and GIDs consistent across unix and linux server. my company have a servers running on hpux, linux, aix and many of them have veritas cluster and hacmp running, many time user account have been created only on one of the cluster node and not the others causing problem when cluster failover and also there is a lot of problem with UIDs being inconsistent across the cluster node. and there can be hundred of users for every application making user account manager vey difficult.
I need some suggestion on what are ways to keep automatically sync all the user account on unix and linux server and minimize user management problem.
Typically this is done with LDAP, or nis. In either case you have a couple of servers and all of your hosts contacts one of them to obtain the data the you currently keep in /etc/passwd, /etc/shadow, and /etc group.
You are are probably using DNS rather than relying on a large /etc/hosts file. LDAP and nis are similar in concept. nis has know security problems. There is an updated version called nis+ but I have never used it. LDAP is the latest service and possibly the best choice.
the problem is the older informix server we are running does not support PAM authentication, is there any other to sync user account without using LDAP and NIS?
NIS has been around a long time. It was introduced together with NFS. Lots of boxes were running NIS long before anyone heard of pam. But originally, NIS was called "Yellow Pages".
thanks for the tips, i look into this project again when i have time, last time it was plan to have ldap login implemented but cancel due to issue with informix.