Re: [dev] LDAP

From: Andrew Hills <ahills_AT_ednos.net>
Date: Wed, 23 Jul 2014 15:38:49 -0400

On 7/23/14, 3:29 PM, Dimitris Papastamos wrote:
> Are these scripts somewhere publicly available? I'd like to have a
> look if possible.

No, but I'll clean them up a little later this week. They're really
nothing special; all my machines run Linux, so it's just
useradd/usermod/userdel and some fluff. Also, an hourly script that
checks getent passwd against the master for non-system accounts, and
emails me when there's a problem. I was going to try to use cfengine,
but after ten minutes of trying to find even the most basic information,
I just hacked some shell scripts together instead. You could do the same
as or better than me in half an hour. I copy SSH public keys when a new
account is created/machine is added; beyond that, users are responsible
for handling themselves. I thought about creating per-machine access
lists, but then I stopped thinking about it because I didn't need it. Sorry.


Received on Wed Jul 23 2014 - 21:38:49 CEST

This archive was generated by hypermail 2.3.0 : Wed Jul 23 2014 - 21:48:09 CEST