Managing users in a heterogenous distributed network...

spod

Hi all,

Just wondering if anyone had any thoughts/feedbacks on some things I've been pondering lately.

The scenario is this, a volunteer run network of machines for a college net society. A motley assortment of old donated and salvaged hardware, running a variety of os's although we seem to be standardising on openbsd for machines which regular members have access to.

Services we offer to members, webspace with cgi, php etc., shell account, mail alias @netsoc.tcd.ie which forwards to their college mail account etc.

At the minute adding new member accounts is a pain. Have to add user on all machines they have acccess to, as well as setting up relevant mx records etc. on our main server.

It's messy.

Ideally we'd like a centralised database or directory to which we add users. This directory/db will be used for authentication of users on all of our machines, will contain their basic info, details of their home directories on different machines, as well as their mail settings etc.

We've been looking at LDAP ( http://www.openldap.org ).

It seems like a nice solution. Things like being able to allow members to use Netscape or any other ldap compatible mail client to access their mail boxes etc. are nice.

Only problem is no PAM implementation for openbsd the main os we use at the minute, so we can't authenticate against ldap, and integrate all the user info into the system.

Other options include NIS, and/or messy scripts and rdist to share out password files etc.

Anyone have any suggestions on a possible solution I've missed, or any feedback of any kind really?

For now I'm going to stay looking into ldap as it seems the most promising solution, even if it could take a bit of work to get it suitably integrated with openBSD.