1 |
Morning all, |
2 |
We have an enterprise LDAP directory hosted on SunONE Directory Services. For |
3 |
various historical reasons, my Gentoo servers are not set up to get user |
4 |
information from this directory, but the usernames and uids are synchronized |
5 |
between the two environments (actually, we treat the directory as definitive and |
6 |
just copy values to the local files when accounts are needed, but that's not |
7 |
really important right now). I have just been given a mandate that people |
8 |
should be using the same passwords on these servers as they have in the |
9 |
enterprise directory. I am not in a position to move the entire environment |
10 |
completely over to LDAP, as there is no mechanism to limit access to these |
11 |
servers (these systems are restricted access and not open to the entire |
12 |
enterprise), and the shell, group, and home directory information is divergent |
13 |
from the enterprise and cannot be converted on short notice. |
14 |
|
15 |
I know that there is an NIS emulation mode for ldap, but is there a more elegant |
16 |
way to have a local password file, where logins are checked first against the |
17 |
directory, and if there is no ldap entry for the user, falling back to the local |
18 |
files? |
19 |
|
20 |
Thanks, |
21 |
Andy |
22 |
|
23 |
-- |
24 |
Andrew Fant | The lion and the calf shall lie | Disclaimer: |
25 |
andrew.fant@×××××.edu | down together, but the calf won't | Do you REALLY |
26 |
TCCS/USG | get much sleep. | think I can |
27 |
Tufts University | W. Allen | speak for Tufts? |
28 |
-- |
29 |
gentoo-server@g.o mailing list |