<div dir="ltr"><div dir="ltr">On Wed, May 22, 2019 at 12:52 PM Ulrich Windl <<a href="mailto:Ulrich.Windl@rz.uni-regensburg.de">Ulrich.Windl@rz.uni-regensburg.de</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">>>> Lennart Poettering <<a href="mailto:lennart@poettering.net" target="_blank">lennart@poettering.net</a>> schrieb am 22.05.2019 um 10:30<br>
in<br>
Nachricht <20190522083028.GA30001@gardel-login>:<br>
> On Mi, 22.05.19 10:02, Ulrich Windl (<a href="mailto:Ulrich.Windl@rz.uni%E2%80%91regensburg.de" target="_blank">Ulrich.Windl@rz.uni‑regensburg.de</a>)<br>
wrote:<br>
> <br>
>> Hi!<br>
>><br>
>> Obviously the owner of a temporary directory cannot be an LDAP user:<br>
> <br>
> system users should really not be located on LDAP:<br>
<br>
OK, but it's a challenge to keep the UIDs in sync on multiple hosts for local<br>
users.<br></blockquote><div><br></div><div>I would suggest managing service accounts either via Salt/Chef/Puppet/Ansible (all of which support creating /etc/passwd accounts) or via centrally deployed systemd-sysusers.d files (e.g. if you already have your own file distribution mechanism).</div></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr">Mantas MikulÄ—nas</div></div></div>