How to sychronize user accounts - All time monitor
AIXThis forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to sychronize user accounts - All time monitor
Hi all,
I'm not sure if what i need is possible. I'm trying to sycronize user accounts between the live site and DR site. Unfortunately we do not use any of the well known effective apps (LDAP, Active Directory). We have about 3000 users working for the bank which are required to change passwd every 10 days. How can i make sure that user accounts will stay sychronized at any time. Cron @ every 5 min is my best option? is there a way to monitor passwd file at all time and when the command passwd is called my script will act accortingly?
I tried to use a custom passwd command that will overwrite the /bin/passwd command to suit my needs. (Dissaster!!! it didn't work)
So i'm left with a custom deamon that calls rsync all time and if there is a change it will update. (To much I/O) and i'm not sure what the side effects will be.
I know nothing about AIX, but I have a less-technical idea: can you tell the users to run a different command to change their password? Then you make that command do whatever you need it to do.
There are 5 files that contain all of the information about user accounds in AIX. You **could** copy the files to the DR system on a regular basis to keep the accounts in synch. I've done this for a couple of systems before. Keep in mind, that if this hiccups just a little bit there is potential to have a system you cannot log into so you will want to make this as bullet proof as possible.
I tried it up and it works fine when i include all the files you list.
First time i tried it i couldn't log on to the system (Just like you said!!). Offcourse i had a backup even though i was testing it on the development machine. I think i will follow this solution.
I'm thinking of some alternatives that i have no expirience with.
1. A NIS server (also known as yellow pages). Sounds like a good solution but i'm not sure about security and if it can handle so many users (3000).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.