James, Are you talking about system administrator accounts, or user accounts? As Thomas said, using LDAP, with or without Kerberos, etc., would be a good idea, but _not_ for those accounts that need to be able to login to fix problems with those kinds of tools. You won't be happy if LDAP isn't working, and you can't login to fix it, because both your account and the root account need LDAP to be available.
Keeping things consistent across images for those so-called "local" accounts isn't particularly easy, when done manually, but I'm not aware of any good, free, tools to do that. What I've done, when creating new images, is copy the parts of /etc/passwd and /etc/shadow that have UIDs for real people to the new system, append it to the production copies, and then run a script that copies their existing home directories from a "source" system, and then does a "chown -R " on it. Mark Post -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of James Melin Sent: Wednesday, April 21, 2004 9:24 AM To: [EMAIL PROTECTED] Subject: /etc/passwd and /etc/shadow - synchronized on multiple images What is the best method to duplicate the user list, GID/UID assignments for users on multiple Linux guests and keep them consistent? ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
