Thanks for the reply. We're planning for LDAP now. I have to admit I haven't worked in an LDAP environment before, but there's testing ongoing. We'll likely migrate in pieces at a time, and it will take some time (probably about two versions in Redhat time) before I can depend on it for much in terms of the kickstart trees I'm maintaining. On Tuesday 19 February 2002 05:33 pm, you wrote: > > Two chief candidates are the passwd and shadow files. Depending > > on the type of machine it is, the shadow and passwd files can > > come from different 'Prototype' directories. I'd like to get rid > > of these files altogether as far as the kickstart tree goes > > (along with the /etc/group file), but I'm wondering if this might > > cause issues with missing uid's or gid's, or, even worse, if I > > might later on mistakenly replace a user's uid with, say, a > > future service's uid. > > umm what are you putting in /etc/shadow below the say 500 or 1000 > uid/gid mark? > > My general rule that I follow is: > <500 local system only - mostly accounts needed for the OS to > function > > >500<1000 network-level general/system-use accounts NO USERS HERE > >1000 user accounts > > > > > > If anyone is managing a slightly more complex kickstart > > environment that might have some tips for me, I'd be very happy > > to hear them. > > If you want to maintain the namespace across multiple machines on > the same network look at using nis or ldap for your nss. > > -sv -- Brian K. Jones System Administrator Dept. of Computer Science, Princeton University jonesy@xxxxxxxxxxxxxxxx Voice: (609) 258-6080
