recommend secure & efficient Unix LDAP (equiv of Windows AD)

UNIX ID Management/Administration is one of the most tedious job since we have to login interactively to each of the server when there is a request to create/delete a sysadmin (or apps support) user in the hundreds of Unix servers.

We have AIX, Sparc Solaris 10 & 11 & a few Solarix Intel & a few RHEL : almost all of them are physical ie non-VM.

Our compliance privileged user management & access tool is CyberArk (ie sysadmins have to go thru it)

A few options:

a) have a centralized tool like HPSA or Nagios which we could centrally send a "useradd" or "userdel" command
     to the servers : but this is not as good as wintel AD-like solution because accounts are still locally created
     & every 60-90 days have to login manually by the owners to change password.
     Also, in Solaris, root accounts that expire will cause root cron jobs to fail

b) years ago I heard of Sun's NIS+ solution but this can't be used with AIX & RHEL or can it?

c) solution must not have adverse impact or unwieldy to apps like Oracle DB, Oracle Financials,
    TripWire, Netbackup
Who is Participating?
sunhuxAuthor Commented:
Will NIS solution ease the issue of expired root causing root cron jobs to fail in Solaris,
such as allowing us to change root password centrally?
sunhuxAuthor Commented:
Can oracle, tripwire & Netbackup accounts be migrated from local accounts
to NIS accounts without the need to reinstall these apps?
A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

omarfaridConnect With a Mentor Commented:
Are you refereeing to OS accounts or application / DB accounts?

OS accounts (usernames) can be.
omarfaridConnect With a Mentor Commented:
to answer your other question, users will be managed centrally.
sunhuxAuthor Commented:
I'm referring to OS accounts (eg: oracle that could be found in /etc/passwd)

Internally, some parties prefer to use a Wintel solution;  is there any product that
runs on Wintel that could perform such UNIX LDAP for AIX, Solaris & RHEL?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.