On Tue, 14 Feb 2006 [EMAIL PROTECTED] wrote: > Andrew D. Fant wrote: > > The talk of NIS servers has raised a question I had been meaning to > > ask. Does anyone know about a NIS/LDAP gateway? Our cluster's > > compute nodes are all on a private network that is isolated from the > > primary network here. Currently, we manage passwords and accounts > > by just copying the password, group, and shadow files from the user > > node to the compute nodes on a regular basis. NIS was not used out > > of somewhat misplaced fears about it's insecurity. We are under a > > mandate now to start using the enterprise LDAP directory for > > authorization and authentication on the cluster. I really don't > > want to have to set up a full-fledged LDAP environment on the head > > node, or change my address space and start routing packets between > > the cluster and the outside world. I've heard rumors that there are > > daemons out there that can connect to LDAP on one side and that act > > like ypserv on the other side and translate and route getpwent() and > > related requests between the two worlds. Has anyone actually seen > > and/or used this beastie? Alternately, has anyone ever set up an > > LDAP proxy for use inside a cluster? The only packet routing we > > have between the outside world and the cluster is currently daemon > > based on the management node, and I dread adding packet forwarding > > to the iptables configuration on the head nodes and becoming a > > perceived competitor to our networking group. I seem to be lagging sadly behind with this email list... The standard tool for this (unless you have Solaris with nis2ldap built-in) is a commercial product from PADL, http://www.padl.com/Products/NISLDAPGateway.html There's an evalutation download. -Bjørn -- Bjørn Tore Sund Phone: (+47) 555-84894 Stupidity is like a System administrator Fax: (+47) 555-89672 fractal; universal and Math. Department Mobile: (+47) 918 68075 infinitely repetitive. University of Bergen VIP: 81724 Support: http://bs.uib.no Contact: [EMAIL PROTECTED] Direct: [EMAIL PROTECTED] _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
