This really sounds to me like a problem with one server not trusting the other for administrative tasks. Have you considered running one script as a service, accepting input from the other? For example, have the NAS_SERVER script running at all times accepting input from the MAIN_SERVER on a socket. The NAS_SERVER script takes the variables input and creates the directory structures while the MAIN_SERVER script continues on its own and creates the user accounts.

There are different things you can use to address security, from using SSL and restricting connections to only coming from the MAIN_SERVER and having some special key value sent along also to actually using some form of public key authentication. I only mention it to make sure you think of it before someone starts creating random file structures on your NAS_SERVER.