Fedora's SSSD project does this - local caching - but I haven't had opportunity to need it yet.
One very common strategy is to replicate the entries you need from LDAP onto the laptop - if you have sufficient management hooks into it, you can work out a bunch of different ways to do this. (I've been around several different re-implementations of snarf-the-NIS/YP/Kerberos/LDAP/passwd-data-into-files over the years - I'm happy to say that I've seen MOST of them die, by now. :) ) Laptops are a tough thing. It's pretty common for laptops to creep out of the scope of things-that-are-being-managed-tightly-by-staff .... which means you shouldn't do things like replicate directory services data onto them that isn't strictly required. You know? --e On Sun, Nov 2, 2014 at 7:33 AM, Edward Ned Harvey (lopser) <[email protected]> wrote: >> From: Elijah Wright [mailto:[email protected]] >> >> If he doesn't need Windows machines, he doesn't need AD. LDAP is >> fundamentally not very difficult to deal with, it's just slightly >> alien if you've never dealt with it "in the raw" before. > > There's only one issue with LDAP that I haven't heard an answer to - As far > as I know, the LDAP server must be up and reachable in order to work. What > do you do for users that have laptops and travel in & out of the LAN? _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
