Centralizing Logins

[Benjamin Hudgens]

We are currently building up several servers, all of which will be
hosted here locally.  The thing is, it's going to be more than 25
servers.  Maintaining user accounts on all these bastards is going to be
hell. 

I've managed to get the pam_radius_auth module to work on solaris,
linux, and BSD.  THe problem is that this module is limited to
authentication and that's it.  Is there some method of centralized
authentication that will pass session data AND accounting data?  NIS is
no good for us because of the security issues.  I've looked at NIS+ but
it doesn't seem to be what I'm looking for?

I'm assuming someone else out there has had to do this?  Before I go
writing another PAM module, I want to see if this is going to be
easy

Any help would be great.. Thanks!

Benjamin

About Centralizing Passwords

[Benjamin Hudgens]

I asked this yesterday and got a very limited response so I wanted to
explain myself further.

Is there a client/server protocol that supports centralizing password
AND session information other than NIS.  If I'm not mistaken, NIS
requires that you STILL edit the password file and specify user dirs..
etc.  Perhaps I'm reading this wrong.. 

Regardless, what I'm really needing is some protocal that will pass
session data.  So basically I want all my client servers to 'look' at a
master server's password file to authenticate it's users.  This includes
default shell, home dir, etc..

I'm sure some of you have set up NIS successfully, so maybe you might
point me in the right direction.  If NIS does this, that would be
great.. I can use radius for the password data and NIS for the session
data.. If NIS doesn't, I'm SOL.

SOMEONE has to have done this?  Am I asking in the wrong place?

Thank you!

Benjamin