Identity Crisis
Having done it for the last 18 years off and on, I can speak with a certain gravitas and authority when I say user provisioning sucks. I'm not belittling it; identity and access management is the foundation for every good network. They are critical for ensuring proper security and controls. Sadly, they're just not all that fun to keep up with all the time. The distributed nature of UNIX and Linux can add real headaches with trying to present a consistent login experience for users and to manage.
That's where Enterprise Directories really can be helpful. These databases can help off-load the adminstrivia that comes with system management and ensure security is enforced where you need it. Directories come in all sizes and flavours. At their most "basic" levels, RHEL can outsource it's security to an LDAP server. Be aware there are some differences between RHEL versions to do this, but here are a few good articles to get you started:
How do I configure Red Hat Enterprise Linux 6 machine as an LDAP Client?
For using LDAP, what of SSSD/nscd/nslcd/sudo should I use for authentication on RHEL6?
"LDAP" can be a lot of things, it could be an openLDAP server, it could be a 3rd party vendor's product, or it could be Active Directory. For those of you that have AD in your environment (ha. a joke, I know) there are some further enhancements and hooks that can be setup:
Introductory concepts when integrating Red Hat Enterprise Linux with Active Directory
How do I authenticate RHEL to Active Directory using sssd?
For RHEL we've got a complete guide to Identity Management that you might find helpful:
Red Hat Enterprise Linux Identity Management Guide
Now for an all Red Hat solution, we have a GREAT Directory Server product that lots of folks use. Details about it can be found here:
https://access.redhat.com/site/documentation/Red_Hat_Directory_Server/
So hopefully some of this data can make your data a little less sucky, and take some of the burden of user management off of your shoulders. Let us know if you're using an Enterprise Directory and if you have any helpful suggestions here for the Community that could help someone else make their lives easier!