Cory Albrecht wrote:
Marc Balmer wrote:
Cory Albrecht wrote:
I'm trying to get my OpenBSD firewall to authenticate normal user
accounts off of an LDAP server running on a different machine.
On a side note, you are aware that you must create the accounts
locally as well for things to work properly? It is not enough
to have the accounts in LDAP only.
So, you're saying that if I had an organization with 100 OpenBSD
desktops (and associated typical file /print/etc servers), that I would
have to create every new login on *each* of those 100 desktops in
addition adding it to the LDAP server every time we got a new employee?
Or would have to remove an account from each individual workstation each
time somebody left?
when you use LDAP, yes this is the only option at the moment. software
exists (non-free) we automates this, but this is a hack, to say the
least ;)
Then what's the point of having a centralized login administration
system? Useless and unnecessary extra work for a sysadmin, IMHO. That
wouldn't exactly be a pro-adoption point.
Does using NIS on OpenBSD also have such a limitation?
no.
