Yes, you can use slappasswd+slapadd, some of the padl migration scripts would be a good reference. * Blake -----Original Message----- From: Darrell McGuire [mailto:dmcguire@pegasys.cc] Sent: Wednesday, July 11, 2001 8:26 AM To: pam-list@redhat.com Subject: Re: Syncronized password management ... Blake- How do you handle the addition of large user batches under LDAP? Currently I use "newusers" to add users when I need to create a few hundred at once. Is there a way to do this still when you switch to LDAP? -Darrell McGuire Blake Barnett wrote: > The reason you state for not wanting to use existing centralization schemes > is network dependancies. While this is certainly a valid concern, most > systems have addressed this by at least providing replication for the > service, so that servers can be placed at strategic points in your network > and provide a robust fallback mechanism. While I believe NIS does this I > would recommend using LDAP as both your authentication and information > source. (via pam-ldap & pam-nss). The replication is done very well in > LDAP and the referral system works well for falling back to other servers. > > If your WHOLE network goes down or you can't reach ANY of your replicas > you've got far more serious problems than just being able to login to your > boxes. You should always have root and a couple administrative logins which > ALWAYS reside in /etc/shadow for these situations anyway. > > As you said, it is a daunting task, and one which isn't really warranted > given the resources already available. > > Blake Barnett > Sr. Unix Administrator > DevelopOnline > > -----Original Message----- > From: Lars Segerlund [mailto:lars.segerlund@comsys.se] > Sent: Tuesday, July 10, 2001 4:10 AM > To: pam-list@redhat.com > Subject: Syncronized password management ... > > Hi, > > I am about to start to hacka a pam module for uninfied password > management, which will handle users from a central server but update > local passwd and group files. Basicly I want to centralize user > management whitout building network dependency for the system. ( like > nis if it fails it fails ... ) > > I will also handle password updates on a client 8 propagation ) , > however before I set out on this daunting task, does anybody know of a > module which will give me this functionality ? > > Now I build central user databases, which I upload and then locally > mangle passwd and group ! this is done by secure remote login, but I > don't think this system safe enough. > > Any tips from anyone ? or usefull pam modules to spy on ? I have > checked out pam-ldap and pam-pwdfile and some other. > > / best regards, Lars Segerlund. > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
