On Thu, Jan 28, 2010 at 11:21:06AM -0700, Michael Torrie wrote: > > NIS has been obsolete for quite a few years now. LDAP is the accepted > solution. Even for a small number of users it is not bad to set up. > phpldapadmin is a great front-end for managing it. For a large > enterprise Kerberos would be added to the mix as well.
The problem with phpldapadmin is that if you're having _really_ bad problems, you might not be able to start up a web server. LDAP works (and I use it), but I'm always frustrated at how over-engineered it is. It's way harder than it seems like it should be. One thing that can make it a bit easier for a very small site is to use the "files" database. The default BDB backends are, in my experience, very prone to problems like corruption. The "files" backend was written without an ounce of scalability in mind, but if you only have 10-20 machines and 10-20 users, it can make things a little simpler. They main reason I'm using it in my current site is that it's easier to use version control with it. But if you have a medium or large site, don't even consider the "files" backend. > The main problem with NFSv4 and SMB home directories is that you have to > use password-based or kerberos-ticket authentication in order for the > mount to be authenticated and succeed. You cannot ssh in with an RSA > key, for example, as the mount requires credentials. NFSv4 _can_ be kerberized, but this is by no means necessary. You can use it essentially the same way as NFSv3, and overall I've found it to be a smoother experience. The only gotchas are to look into the new "fsid" stuff in NFSv4 and to make sure that the idmapd domain is set up properly. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868 -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
