On Wed, 8 Jun 2005, Charles Swiger wrote:
On Jun 8, 2005, at 1:53 PM, Ben Hockenhull wrote:
There's no user information on the local system at all, so every operation
that requires UID/GID information had to do an LDAP lookup to get UID/GID
data. So, for example, every piece of mail delivered means an LDAP lookup.
Ick.
You really want to leave the standard system UIDs and GIDs in place, and use
LDAP (or NIS, etc) to augment them with the additional information about
network-wide users and groups.
Is there such a thing as nscd for FreeBSD, and if so, has anyone had
experience using it? I found a lookupd utility that looks promising, but
I'm leery of implementing it in production as it seems like fairly untested
software.
lookupd has been around for close to fifteen years, and has been used with
large user/group databases (50,000+ users). More to the point, the PADL
stuff ought to play nicely with lookupd, since PADL came from the NEXTSTEP
and now MacOS X community where lookupd originated.
I am not sure that lookupd has been used or tested or shaken down as much
with FreeBSD, so the integration with PAM may not be as mature as it's usage
with the nss_ mechanism.
However, if you really want nscd, I'd imagine that you ought to be able to
hunt that down from Sun now that the source code for Solaris 10 is openly
available...?
--
-Chuck
What about caching, as he asked originally? If a laptop user "walks
away" from the network where the LDAP or NIS server is located, will it
cache auth info so the user can still get in?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"