Userify Shim: How It Works

  • Home
  • Docs
  • Userify Shim: How It Works

Userify Shim: How It Works

Shim Internals

The Userify Shim (external:github.com) calls the existing Linux utilities, such as adduser and sudo, and so does not make any changes to your core operating system, PAM, or NSS. It's designed to never break or interfere with other system management tools.

Your server nodes periodically contact the Userify server (for example, Userify Cloud, your Userify Express server, or your Userify Enterprise cluster). This poll period is partly randomized but can be adjusted from 5 seconds up to approximately five minutes (it's preset to approximately 90 seconds in Userify Cloud.)

During each poll period, your servers request their latest user lists and public keys from Userify, and then create their local user accounts using standard Linux tools like useradd.

Unlike a directory-backed service, this design is extremely reliable, because locally managed and created user accounts are still accessible even if your Userify server is offline or inaccessible. Even if the connection fails or even if the shim were to completely die, your locally created user accounts are always accessible. The shim itself is similarly designed to be reliable and avoid memory leaks by restarting itself each poll cycle.

Get More Information

Please fill out the form below to receive more information. If you are inquiring about purchasing Userify, please be sure to include your company name, number of servers and users, and the Userify edition that you are interested in.