What are my options for centralizing Unix user management

There's several options, but it largely depends on your goals. LDAP is a lot more "light-weight" than you think. It's name is "Lightweight Directory Access Protocol" after all. A lot of it's "bulk" comes in when you add extra stuff to it. Of course, you can use almost anything to centralize authentication when it comes to *nix flavored OSes with PAM. Even a flat-text file if you so choose. Kerberos is another option... Radius... Samba/Active Directory... the list goes on. The biggest question is... how much do you want it to do... and what do you want from it?


Take a look at PAM-MySQL or libnss-mysql. If you feel like being forgiving to LDAP, give nss_ldap a look over.


What's a simple, lightweight method for centralizing user management?

One light-weight method is to simply provision accounts with your configuration management system. For example Puppet is pretty easy to work with, and you can easily use it to create accounts. This probably wouldn't work well if you have a large number of non-technical users.

Right now, I only have 4 accounts I need to get setup on ~50 servers, setting up ldap/nis would be a big pain, particularly since some of the systems are located at remote customer locations.

Since your number of servers is growing, you should almost certainly be seriously looking at a configuration management system if you don't have one already.