About User and Group Accounts

To implement system authentication, Oracle Linux uses two types of accounts: user and group. Together, these accounts store information about passwords, home directories for users, login shells, group memberships, and so on. The information is used to ensure that only authorized entities are granted access to the system. Users without credentials, or whose credentials don't match the information in these accounts, are locked out of the system.

By default, user and group information is stored locally in the system. However, in an enterprise environment that might have hundreds of servers and thousands of users, user and group account information is better stored in a central repository rather than in files on individual servers. User and group information is configured on a central server and then retrieved through services such as the Lightweight Directory Access Protocol (LDAP) or the Network Information Service (NIS). Central management of this information is more efficient than storing and configuring user and group information locally.