Although I have LDAP managed users and Kerberos authentication, occasionally I need to make local system accounts on my servers.  With the deployment of Bcfg2 on RHEL 6 surely I could do this.  Well, not without some searching.

I came across this:

That turned out to be a fantastic way to examine the local accounts and create them if needed.  You’ll need a “passwd” Probe that’s not mentioned on the pastebin that does nothing more than “cat /etc/passwd”.

Looking closer, you’ll notice that its not using Red Hat style tools.  Fortunately, it was easy to port.  My version is here:

Mostly, I’ve corrected paths and some command options.  I’m also using “–non-unique” which seems strange.  However, I have over 100,000 accounts in LDAP and the LDAP servers limit queries to 500 responses.  I don’t want useradd to attempt to iterate through all the LDAP accounts.

Previous | Back | Next

comments powered by Disqus