| 1 |
Morning all, |
| 2 |
We have an enterprise LDAP directory hosted on SunONE Directory Services. For |
| 3 |
various historical reasons, my Gentoo servers are not set up to get user |
| 4 |
information from this directory, but the usernames and uids are synchronized |
| 5 |
between the two environments (actually, we treat the directory as definitive and |
| 6 |
just copy values to the local files when accounts are needed, but that's not |
| 7 |
really important right now). I have just been given a mandate that people |
| 8 |
should be using the same passwords on these servers as they have in the |
| 9 |
enterprise directory. I am not in a position to move the entire environment |
| 10 |
completely over to LDAP, as there is no mechanism to limit access to these |
| 11 |
servers (these systems are restricted access and not open to the entire |
| 12 |
enterprise), and the shell, group, and home directory information is divergent |
| 13 |
from the enterprise and cannot be converted on short notice. |
| 14 |
|
| 15 |
I know that there is an NIS emulation mode for ldap, but is there a more elegant |
| 16 |
way to have a local password file, where logins are checked first against the |
| 17 |
directory, and if there is no ldap entry for the user, falling back to the local |
| 18 |
files? |
| 19 |
|
| 20 |
Thanks, |
| 21 |
Andy |
| 22 |
|
| 23 |
-- |
| 24 |
Andrew Fant | The lion and the calf shall lie | Disclaimer: |
| 25 |
andrew.fant@×××××.edu | down together, but the calf won't | Do you REALLY |
| 26 |
TCCS/USG | get much sleep. | think I can |
| 27 |
Tufts University | W. Allen | speak for Tufts? |
| 28 |
-- |
| 29 |
gentoo-server@g.o mailing list |
Archives