Topic: Distribute Accounts to 2nd SME

[Michael Scholz]

Hello All,

first of all i am very new to Linux but i want to hear your comments about the Script i wrote.
In the moment we are using a comlete Win NT/2000 network but we think about to replace the Win Servers with SME.
But i want to have one Server (lets say a Master) where i enter all the User and Account infos and distribute this infos to the 2nd SME (lets say a Slave).
Because of that i setup the following script.

--------------------------------------------------------------------------------------------

#!/bin/sh


Slave=IP_OF_SLAVE


cat /home/e-smith/accounts | grep -v 'ibay|CgiBin' > /home/e-smith/acc.master # Make a file containing all infos of accounts from Master except "ibay's" of Master

ssh root@$Slave "cat /home/e-smith/accounts | grep 'ibay|CgiBin' > /home/e-smith/acc.slave"  # Save "ibay's" of  Slave

#----------------------------------------------
# Now all necessary files will be transferred to the Slave.
#----------------------------------------------

scp /etc/passwd root@$Slave:/etc/passwd
scp /etc/passwd- root@$Slave:/etc/passwd-
scp /etc/group root@$Slave:/etc/group
scp /etc/group- root@$Slave:/etc/group-
scp /etc/gshadow root@$Slave:/etc/gshadow
scp /etc/gshadow- root@$Slave:/etc/gshadow-
scp /etc/shadow root@$Slave:/etc/shadow
scp /etc/shadow- root@$Slave:/etc/shadow-
scp /etc/smbpasswd root@$Slave:/etc/smbpasswd
scp /home/e-smith/acc.master root@$Slave:/home/e-smith/acc.master

#-----------------------------------------------
# End of Transfer
#-----------------------------------------------

ssh root@$Slave "cat /home/e-smith/acc.master > /home/e-smith/accounts"  # All entrys of acc.master will be put in to accounts of Slave
ssh root@$Slave "cat /home/e-smith/acc.slave >> /home/e-smith/accounts"  # Add the Saved "ibay" information from Slave to accounts


#----------------------------------------------
# If you want to have all User avaible in the LDAP Directory of the Slave do this
#---------------------------------------------

ssh root@$Slave /sbin/e-smith/signal-event ldap-update # LDAP Update

#---------------------------------------------
# That's it !
#---------------------------------------------

--------------------------------------------------------------------------------------------

Before you can do this you have to setup SSH Keys to connect to the Slave without being asked to enter passwords.
I used Peter's contibution to setup SSH Keys. This can be found at
http://www.ifost.org.au/~peterw/

Can somebody tell me if this is OK so far.
I tested the script and it seems that it is working.

But i still have two questions.

1. Does it make sens to use more signal-events at the Slave.
Lest say group-modify, user-modify, password-modify.
(So far it seems to work also without this.)

2. Is it possible to add something in the existing CGI scripts to execute the Script
after a password has been changed or a User has been modifyed.

I am shure that this can be done mutch better (Perl), but remember i am very new with linux.

Greetings Michael

[Nathan Fowler]

I would keep the signal events in the event that an Ibay would need to be created, or a users' home directory.  Good script, I will probably end up using it.

Nathan

[Michael Scholz]

Thanks Nathan !

Id would be nice if you could let me know your experince if you are using it.

[Richard Shebora]

If I use this script to replicate users from my SME file server to my SME mail server will it hurt any existing accounts or email in them.  Are there any adverse affects to be aware of?

Thanks,
Richard

[Michael Scholz]

Rigth now any existing accounts will be affected. The emalis will not be deleted but the existing Accounts will not be visible anymore. You have to create them again manually at the Slave.

But im working on a RPM witch contains a perl Script that will trigger any events at the Master and Slave. With this script it will be possible to create, modify and delete accounts without touching any existing account.

Just let me know if you are interesting in.

Regards
Michael