Originally posted here by catch
Ok, I'll mark this one up as "it can be done (maybe, the pushed installs is still iffy as is administrator accountability over all these accounts) in theory" unfortunately I could never sell such an answer to operations.

This makes Linux 0 for 2.
What, you can't sell a house of cards built on a foundation of assumption? C'mon, where is the risk.... better yet, where is the risk management. I wouldn't feel too assertive either about placing that in a proposal.

Let's see what I can bring to the party. Your network authentication and management here rides on the probity of the master server/system NIS is on, and its slave. Well, that pestiferous trusted path just keeps riding your ass doesn't it linux? God forbid you give away the super special user credentials to a spoof login. Then you're gonna learn real quick how fast your domain, users, users passwords and master password can be tweaked by a seventeen year old. I don't think I need to remind you, but NIS has been the favorite starting point for many successful penetrations in UNIX alone. God forbid any design flaws in the code of NIS implementations.

I know you were asking about what it could handle, but I just thought I'd throw that in.