There is nothing out there to auto synch this info. I started working on a tool
like that once but it was just reproducing the whole domain structure without
the good benefits so I stopped.
Your issues will be
1. Syncing passwords. You will have to write a custom password filter that
watches for password change notifications and then send those changes to the
other machines.
One subissue here is... Do you set that filter up on all PCs in case the user
tries to change their password on any of them? If that is the case, how do you
dampen the change propogation? I.E. User changes password on PC1. PC1 filter
sends password to PC2-6. An agent there changes the password. Now PC2-6 password
notification filter fires... It sends the passwords to every PC that it isn't...
Never stops, you need something to dampen the propogation.
So your next option is select a master machine to do that change on... i.e. Like
an NT4 domain. Now if that machine is unavailable, no password changes. Also
there is no decent way to force users to only use one machine to change
passwords. If they know their old password they can change it.
2. Permissioning has to be done per machine per user. You can not say set up a
group for these 2 users and then use that group on multiple machines. You have
to go to PC1 and select PC1 user's 1 and 2 and put them in a group G1 on PC1.
Then you would have to duplicate that on every PC if you wanted that common
group methodology.
If you need to do this, your best bet would be to set up a "provisioning" web
site that duplicates whatever you want done to all machines. If you create a new
user it will create the same user on all machines. If someone wants to change a
password they go to the website and change it there which will send the change
to all machines.
Messy.
joe
