Re: best way to remotely manage user credentials

[Adam McGreggor <lists@amyl.org.uk>]

On Tue, May 13, 2008 at 02:51:54PM +0200, Wojciech Ziniewicz wrote:
> 2008/5/13 Thomas Goirand <thomas@goirand.fr>:
> >  There's more easy way than writing it with a bash script. Use NSSMySQL
> >  and write a small php/python/ruby/perl/whatever-you-like web application
> >  for your users to change the password stored in MySQL. The other
> >  advantage is that it's going to be damned easy to reuse this with
> >  network, and to do backups. You can encrypt the MySQL connection if you
> >  wish to prevent sniffing.
> 
> I tried nss-mysql with no success.
> 
> i have to store and use information that is exactly the same as normal
> ordinary pam . what did not work with nss-mysql was su and passwd
> (users HAVE to use passwd on those systems )
> 
> probably i will write something like master server with mysql database
> that will be bash-style replicated on other servers.

Is https://secure.mysociety.org/cvstrac/rlog?f=mysociety/bin/usersync
any use?