We have active directory on our internal network, but for obvious reasons I don't allow that from our DMZ which is mostly linux servers. Today i'm only using local users on all servers, but it's getting to the point where it's starting to get annoying when I change my passwords etc. What's the best tradeoff of useability and security here? Do you use a different directory service for DMZ? I'm mostly a windows admin but having an increasing amount of linux servers so I might start taking a look at this.
[link][4 comments]