account management across multiple subnets

Jeff Anderson jefferya at
Tue Oct 23 16:22:08 MDT 2007

I agree. A cronjob would be the best way to do it.
Have the web frontend add the tasks to a list (could be a simple text
file, database, whatever) and securely push or pull the task list to the
server, and have the cronjob take care of business.
We currently have a setup like that at the byu computer science
department, and it works well. Occasionally, there is an error, but it
is easy to add e-mail hooks for those.

Jeff Anderson

Shane Hathaway wrote:
> Kyle Waters wrote:
>> The problem is that on the remote box they only log in via samba+ldap.  
>> Which I'm told doesn't trigger pam.  Plus I have to run smbpasswd 
>> inorder to configure the ldap account for the samba settings(I'm looking 
>> into a better way of doing this).
> Ok, how about this: have the remote servers run a fairly frequent cron
> job that downloads the latest list of all user account names and acts
> upon any additions or removals.  Download via authenticated HTTPS or ssh
> (sftp) so that people can neither snoop nor alter the download (although
> they might block it).
> If you're feeling gutsy, you can make the servers download only a delta
> rather than the complete list.  That would scale better if you have
> thousands of users, but it's more likely to introduce error.
> Shane
> /*
> PLUG:, #utah on
> Unsubscribe:
> Don't fear the penguin.
> */

More information about the PLUG mailing list