-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/30/2010 04:13 AM, Niki Kovacs wrote:
> 2) All the user data are stored centrally on the server, preferably with > quotas (for example max. 1 GB per user). > Others have commented on your other points, but I'm going to add my two cents to this one. This will be the trickiest portion to implement (nearly all of your other needs are built-in to FreeIPA). However, centrally-managed data requires some manual configuration. The classic example would be to set up a centralized NFS server providing the home directories and using automount on each client to connect to them. There are many HOWTOs and guidelines (and your friendly neighborhood RHCE would be able to guide you through this as well). For added security, NFSv4 will also allow authentication via Kerberos (provided by FreeIPA) to ensure that no one can gain access to anyone else's NFS file-share. IPAv2 will have support for centrally-managing autofs settings, but IPA v1.2 currently does not (you can do it manually with direct LDAP tools, but it might be just as easy to do with puppet-managed config files) Having a built-in mechanism for setting up NFSv4 mounted home directories (along with appropriate kerberos credentials) would be a definite advantage for FreeIPA, so I'm going to make a recommendation that we consider that for inclusion in the next version of FreeIPA (be it 2.1 or 3.0). It's too late for feature creep in 2.0, though. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzOnvIACgkQeiVVYja6o6NdigCgoeb4NDNH55Np5/2Tt1zW6Qul k0YAoJjSeGZ6r64UPUE15Drr4qR521uU =cq0K -----END PGP SIGNATURE----- _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
