On Tue, Sep 27, 2005 at 04:21:06PM -0700, Martin, Jason H wrote: > Are you sure you want to do this with CFEngine instead of via something > like LDAP?
Not entirely sure, but I'm pretty confident. In particular, the use case where LDAP doesn't work for me is in very distributed circumstances, where there's the odd machine scattered here and there, and the times when I'll have to log into it are when it is probably a bit thin on network connectivity. In that instance, I'd have to locally replicate the LDAP tree onto the machine, which would Suck Very Hard(tm). > An editfiles block for /etc/passwd and /etc/shadow would probably work. I'd considered that, but got caught on the problems of UID/GID allocation (which I could work around with local admin blocks, it is true) and home directory creation, which I'd also have to manage in cfengine in a separate bit of hoohah. It's a definite possibility, though, and I might take another look at it to see if it really is as icky as I initially thought. Thanks for your input, - Matt _______________________________________________ Help-cfengine mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-cfengine
