Is there a simpler system for a small local network? For my home lab use case, it is almost sufficient to rsync /etc/{passwd,group,hosts,…..} - I manually sync them because changes are few and far between.
I wanted to set up a central authority - I don’t care about multi master or even resilience to failure in that central authority.
But even a small setup is relatively complicated. I remember yp setup in the early ’90s looked complicated but it is a piece of cake compared to modern systems. They provide a lot, but they don’t scale down - and it feels to me that they are complicated much more than is required for their feature list.
Take LDAP, for example - it is only “lightweight” compared to the thing it replaced. But it is ridiculously complicated for what it is. It is designed for a bandwidth-scarce, intermittent connection world; for a modern world, I’d just put it all in an SQLite database and rsync it all over the place (and use remote queries, the replicas only used for offline validation).
I would love a simpler system. Everything is pointing me back towards using a Windows Server eval instance for this, which feels like a pretty heavy way to manage a bunch of Alpine containers. FreeIPA, OpenLDAP and I think the other one I tried was Keycloak - all were more trouble to configure than they were worth. I'm shocked it never occurred to me to just rsync the passwd files, or SCP them using an update service. Would love a nicer way to manage users across a very small network without needing so much complexity as these other services.
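For the rsync-the-passwd-file approach discussed in this thread, an added example (not code from either poster) of a receiving-side merge that keeps each host's own system accounts and accepts only ordinary user accounts from the central copy, so the synced file cannot introduce a UID 0 entry or shadow a local service account. The UID range 1000-59999, the function names and the sample files are assumptions made for the illustration.

```python
import re

# Assumption: centrally managed (human) accounts use UIDs 1000-59999;
# anything outside that range belongs to the local host.
MANAGED_UIDS = range(1000, 60000)
NUM = re.compile(r"[0-9]+")

def parse_passwd(text):
    """Return 7-field passwd entries; raise ValueError on a malformed line."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        f = line.split(":")
        if len(f) != 7 or not f[0] or not NUM.fullmatch(f[2]) or not NUM.fullmatch(f[3]):
            raise ValueError(f"line {lineno}: malformed passwd entry")
        entries.append(f)
    return entries

def merge_passwd(local_text, central_text):
    """Local system accounts win; managed accounts come only from central."""
    kept = [e for e in parse_passwd(local_text) if int(e[2]) not in MANAGED_UIDS]
    names = {e[0] for e in kept}
    uids = {int(e[2]) for e in kept}
    merged = list(kept)
    for e in parse_passwd(central_text):
        uid = int(e[2])
        if uid not in MANAGED_UIDS:
            continue  # central copy never defines root or system accounts
        if e[0] in names or uid in uids:
            # Fail closed: a managed entry must not reuse a local name or UID.
            raise ValueError(f"conflict for {e[0]!r} (uid {uid})")
        names.add(e[0])
        uids.add(uid)
        merged.append(e)
    return "".join(":".join(e) + "\n" for e in merged)

# Constructed sample files, not taken from a real host.
LOCAL = ("root:x:0:0:root:/root:/bin/ash\n"
         "sshd:x:22:22:sshd:/dev/null:/sbin/nologin\n"
         "old:x:1000:1000::/home/old:/bin/ash\n")
CENTRAL = ("root:x:0:0:root:/root:/bin/ash\n"
           "toor:x:0:0::/root:/bin/ash\n"
           "alice:x:1000:1000::/home/alice:/bin/ash\n"
           "bob:x:1001:1001::/home/bob:/bin/ash\n")

if __name__ == "__main__":
    print(merge_passwd(LOCAL, CENTRAL), end="")
```

On a real host the result would be written to a temporary file and renamed into place, and `/etc/group` and `/etc/shadow` need the same filtering.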