sentinel said: > > > While NIS/NIS+ is pretty decent for authentication, I've run into issues > from time to time which makes me dread that solution. Another reason I've > been persuing LDAP these last few weeks.
mostly depends on your platforms.. if your running fairly modern stuff then LDAP is pretty easy to deploy.. but if your using more obscure platforms it can be more difficult(earlier versions of AIX, HPUX, IRIX etc..). Even FreeBSD does not support NSS, so to use LDAP auth on freebsd you need to have all the accounts created locally on the system(you can use PAM to authenticate the password itself, but the rest of the info must be stored locally). Not sure about Open or NetBSD. There is a commercial NIS<->LDAP gateway which can make deployment easier though. Haven't tried it myself. if your network is entirely linux then I think LDAP is the no brainer choice over NIS/NIS+. Same goes for recent versions of solaris(7-9). I have quite a bit of info on deploying OpenLDAP for auth: http://howto.aphroland.de/HOWTO/LDAP One of the cool features is the host-based "acls", which are described in detail on my site. for my systems, the less RPC crap that is installed the better. I've been running Openldap-based authentication for about a year now without any issues. nate -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
