SEO

And another question:

I want to reorg the passwd files. For some reasons - most of them
political - I can't use NIS or ldap. So I collected all users and groups
and have them set unique UID/GIDs. The are now in a file with the
appropriate parameters. Is there anything you know of that can do the
job of creating alle the users/groups with the parameters from the file
onto distributed machines?
I started to write a script to do it but wondered if someone have
already had the prob and has anything ready. That would keep me from
inventing the same thing another time.

Patrick

Patrick wrote:
> And another question:
>
> I want to reorg the passwd files. For some reasons - most of them
> political - I can't use NIS or ldap. So I collected all users and groups
> and have them set unique UID/GIDs. The are now in a file with the
> appropriate parameters. Is there anything you know of that can do the
> job of creating alle the users/groups with the parameters from the file
> onto distributed machines?

If you mgmt won't allow you to use DCE, Kerberos, AFS, LDAP etc. just stop.

Trying to script something like this is going to create a lot more
problems for you than a balkanazied password file.

> I started to write a script to do it but wondered if someone have
> already had the prob and has anything ready. That would keep me from
> inventing the same thing another time.
>
> Patrick

"Patrick" <rhodan_nospam_5625@freakmail.de> wrote in message
news:3vdl7dF15fr56U1@uni-berlin.de...
> And another question:
>
> I want to reorg the passwd files. For some reasons - most of them
> political - I can't use NIS or ldap. So I collected all users and groups
> and have them set unique UID/GIDs. The are now in a file with the
> appropriate parameters. Is there anything you know of that can do the job
> of creating alle the users/groups with the parameters from the file onto
> distributed machines?

We're in the same situation.

> I started to write a script to do it but wondered if someone have already
> had the prob and has anything ready. That would keep me from inventing the
> same thing another time.

Probably better writing your own. Use something (scp probably, perhaps an
NFS mount)
to have your user/group information available to all machines, then a script
which creates the
accounts (perhaps from cron).
It might be easiest to create all the accounts on all the machines and lock
them on machines
where they are not required (to prevent the uids being allocated by
mistake). If you have 5.3
you can automate the password creation too, without resorting to expect.
The thing to be most careful of is ensuring the people who add the accounts
follow your
routine for adding users. This is the weak spot from our experience
(sysadmins adding ad hoc
users without thinking).

Hi
Through scripts it is very much possible , but beware that , the
password files are sensitive and anycorruption will

result in a no login. We had that experience once . you can share the
keys between servers and let there be a single server with the username
, id's and password. Later on this server has to update all the other
servers

"rcee" <4mystudies@gmail.com> wrote in message
news:1133769137.224559.64860@g49g2000cwa.googlegro ups.com...
> Hi
> Through scripts it is very much possible , but beware that , the
> password files are sensitive and anycorruption will
>
> result in a no login. We had that experience once . you can share the
> keys between servers and let there be a single server with the username
> , id's and password. Later on this server has to update all the other
> servers

The OP clearly is not talking about syncing password files directly.
On AIX the user state is just too disperse to attempt this. He has the state
in
a file and wants to distribute that, and have some process on the machines
which then creates the accounts based on this state.

How soon are you needing to do this? I've got a script I've had in
production for month which performs UID/GID conflict identification as
well as synchronization. I'm working on publishing it to OpenSource.
It works beautifully and uses SSH to perform password synchronization
across all servers (allows users to change their password anywhere and
have it propogated to the whole.)

Thanks,

Chris Young
Gun for Hire
614-804-UNIX

On Mon, 05 Dec 2005 15:50:02 -0600, Chris
<chris.young@sigmaintegrators.com> wrote:

> How soon are you needing to do this? I've got a script I've had in
> production for month which performs UID/GID conflict identification as
> well as synchronization. I'm working on publishing it to OpenSource.
> It works beautifully and uses SSH to perform password synchronization
> across all servers (allows users to change their password anywhere and
> have it propogated to the whole.)
>
> Thanks,
>
> Chris Young
> Gun for Hire
> 614-804-UNIX
>
I'm curious.

Hi Chris,

well, I've just started developing. Don't know how long this may take.
What you're describing is exactly what I need. Maybe I can help testing
or writing some lines of code. I wondered why there's still no such
thing around ...

Patrick

Chris wrote:
> How soon are you needing to do this? I've got a script I've had in
> production for month which performs UID/GID conflict identification as
> well as synchronization. I'm working on publishing it to OpenSource.
> It works beautifully and uses SSH to perform password synchronization
> across all servers (allows users to change their password anywhere and
> have it propogated to the whole.)

Patrick <rhodan_nospam_5625@freakmail.de> wrote in news:3vdl7dF15fr56U1
@uni-berlin.de:

> And another question:
>
> I want to reorg the passwd files. For some reasons - most of them
> political - I can't use NIS or ldap. So I collected all users and groups
> and have them set unique UID/GIDs. The are now in a file with the
> appropriate parameters. Is there anything you know of that can do the
> job of creating alle the users/groups with the parameters from the file
> onto distributed machines?
> I started to write a script to do it but wondered if someone have
> already had the prob and has anything ready. That would keep me from
> inventing the same thing another time.
>
> Patrick

check for the C2 files on /etc
ls -al /etc/*C2*



--
Doing AIX support was the most monty-pythonesque
activity available at the time.
Eagerly awaiting my thin chocolat mint.

Nice, I think it will be abondened by same *political* issues as NIS
and LDAP ( the lates supprised me a little bit but then hey, that's not
_my_ network )