Re: Seeking advice about auth/home serving

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Thu, Oct 16, 2008 at 7:22 AM, Ross Walker <rswwalker@xxxxxxxxx> wrote:
>
> Basically, in a nutshell what I was trying to get across is:
>
> 1) Keep passwords in local passwd files or Kerberos, using NIS or LDAP for
> passwords is generally not a good idea as there are too many ways these can be
> compromised. I realize one can hack Heimdal Kerberos and OpenLDAP to work
> together keeping Kerberos information in LDAP like Active Directory does, but
> it is a complex unsupported hack that is sure to break at some point if either
> side is upgraded. If that's what you want, go out and buy an Active Directory
> server and integrate it into your Linux environment.
>
> 2) Use of LDAP for most small environments is overkill. NIS for auto-mount maps
> and account information (passwords stripped), is more then adequate here, but
> as the organization grows you may find NIS harder to manage then LDAP, so at
> that time I would migrate from NIS to LDAP. Of course there may be other reasons
> to use LDAP over NIS, such as third party application support where third party
> application configuration information is distributed through LDAP. Of
> course your
> choice will be based on your requirements independant of what anybody like
> myself says.
>
> I hope that helps clarify things.
>

Indeed, and awesomely so.

Many thanks.

mhr
(no grump here :-)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux