On Mon, Oct 24, 2005 at 10:10:31AM +0200, Marc Haber wrote:
> And where do system accounts generated by packages on installations go
> to? adduser's interaction with LDAP and NIS is abysmally bad, and
> nobody seems to care.
It is a very bad idea to add system accounts to LDAP/NIS automatically
unless you can come up a way to guarantee that those accounts do not
already exist locally on any other clients using the same LDAP/NIS
server.
If you want to include multiple OSes/distros in the same LDAP/NIS setup
then it is a very-very bad idea to add system accounts/groups to
LDAP/NIS unless you can make absolutely sure that those other
OSes/distros handle those accounts the same way as Debian. I'd really
recommend writing a detailed local account management policy before even
thinking about adding system users/groups to LDAP/NIS. It is definitely
_not_ trivial.
Gabor
--
---------------------------------------------------------
MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
---------------------------------------------------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
