Is there a standard way to manage user accounts on a Linux cluster?

With a Linux cluster is there a central way to unify user accounts where there is a central machine handling account credentials. But also function in a way where if I take one out of the cluster, I can login with the last known credentials without having to connect to the node handling credentials. So the central point just serves to update users & credentials, but not a required point to always phone home to.

Sounds like you could benefit from a SSH CA.

There are oh-so-many. The oldest and most standard one is kerberos+ldap, which is compatible with Windows AD (since that’s what Microsoft adopted).

That’s a client-side configuration option. The easiest is to just enable the nscd service. The more advanced option is configuring SSSD:

Does NSCD just update user details or can it also create a user if not present. So if I add ‘bob’ to LDAP and the current machine I’m on doesn’t have ‘bob’, if I try to login as ‘bob’, will it create the home folder, etc?

I am also looking for this answer. If anyone know kindly help me to the standard way.

SSSD also lets you use cloud-hosted LDAP services. E.g. if you are using Google Workspace to manage user accounts, you can authenticate SSH sign-ins using their LDAP service (4. Connect LDAP clients to the Secure LDAP service - Google Workspace Admin Help) - then all the user management can be delegated to admin users on the Workspace Admin console or using their Directory API.

Thanks for sharing your ideas about standard way to manage user accounts on a Linux cluster.