On 11 April 2017 at 02:36, Raymond Wan <rwan.w...@gmail.com> wrote: > > For SLURM to work, I understand from web pages such as > https://slurm.schedmd.com/accounting.html that UIDs need to be shared > across nodes. Based on this web page, it seems sharing /etc/passwd > between nodes appears sufficient. The word LDAP is mentioned at the > end of the paragraph as an alternative. > > I guess what I would like to know is whether it is acceptable to > completely avoid LDAP and use the approach mentioned there? The > reason I'm asking is that I seem to be having a very nasty time > setting up LDAP. It doesn't seem as "easy" as I thought it would be > [perhaps it was my fault for thinking it would be easy...]. > > If I can set up a small cluster without LDAP, that would be great. > But beyond this web page, I am wondering if there are suggestions for > "best practices". For example, in practice, do most administrators > use LDAP? If so and if it'll pay off in the end, then I can consider > continuing with setting it up... >
We have had success with a FreeIPA installation to manage auth - every node is enrolled in a domain and each node runs SSSD (the FreeIPA client). Our auth actually backs onto an Active Directory domain - I don't even have to manage the users. Which, to be honest, is quite a relief. cheers L. ------ The most dangerous phrase in the language is, "We've always done it this way." - Grace Hopper