The Design and Implementation of a Network Account Management System
J. Archer Harris
James Madison University
Gregory Gingerich
Bell Atlantic
Abstract
In many heterogeneous UNIX networks, users require accounts with
attributes that vary by machine. This creates a complex management
job. This paper reports on a software system for creating and
maintaining network accounts.
Commercial and publicly available tools are briefly examined.
Disadvantages of commercial tools are found to be high expense,
difficulty of modification, and uncertainty of availability on
future platforms. NIS and NIS+ are found to lack sufficient
flexibility. Kerberos is determined to be an authentication system,
not a user management tool.
The Network Account Management System (NAMS) is described. It
addresses two key requirements. First, that users be able to have a
single login across machines on a network, creating the abstraction
of a ``network account.'' Second, that these accounts allow for
attributes such as home directory, expiration date, and login shell
to vary by machine.
View the full text of this paper in
ASCII (40,573 Bytes) and
POSTSCRIPT (552,899 Bytes) form.
To Become a USENIX Member, please see our
Membership Information.