2014-01-28 Laurent Wandrebeck <l.wandrebeck@xxxxxxxxxxxxxxx> > > Matt Garman <matthew.garman@xxxxxxxxx> a écrit : > > > On Tue, Jan 28, 2014 at 3:02 AM, Sorin Srbu <Sorin.Srbu@xxxxxxxxxxxxx> > wrote: > >> The only thing I'm trying to accomplish is a system which will allow me > to > >> keep user accounts and passwords in one place, with one place only to > >> administrate. NIS seems to be able to do that. > >> > >> Comments and insights are much appreciated! > > > > A related question: is NIS or LDAP (or something else entirely) better > > if the machines are not uniform in their login configuration? > > > > That is, we have an ever-growing list of special cases. UserA can > > login to servers 1, 2 and 3. UserB can log in to servers 3, 4, and 5. > > Nobody except UserC can login to server 6. UserD can login to > > machines 2--6. And so on and so forth. > > > > I currently have a custom script with a substantial configuration file > > for checking that the actual machines are configured as per our > > intent. It would be nice if there was a single tool where the > > configuration and management/auditing could be rolled into one. > > > > Thanks! > > Matt > > You'd be fine with IPA which allows you to create such rules. > > HTH, > Laurent. > _______________________________________________ > Indeed, and IPA does this quite well. We use IPA on all servers and workstations. - Sudo information comes from IPA - Autofs information comes from IPA - Host based access control comes from IPA - Central user management/identity It all works really good. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos