[Date Prev][Date Next] [Chronological] [Thread] [Top]

best practice and account management (passwd)

To: openldap-technical@openldap.org
Subject: best practice and account management (passwd)
From: tangonights@yahoo.it
Date: Wed, 6 Oct 2010 16:23:11 +0200
User-agent: KMail/1.13.5 (Linux/2.6.34-gentoo-r1; KDE/4.4.5; i686; ; )

Hi everybody!

I'm a openldab absolute beginner so..

I started my training with user management, and was wondering if it was a good 
practice to move the whole /etc/passwd to ldap and let nsswitch jusst to 
'ldap' the passwd,group,shadow items

passwd:	ldap
group:	ldap
shadow:	ldap

I tried and I faced some obvious issues like client's boot errors etc. It 
worked but at the cost of a looong timeout..

- Is there any point in moving the whole /etc/passwd and groups, or is maybe 
better to move the root and other 'human' accounts, leaving local just the 
system users and groups?

- was it better to keep the user's home directories (including /root) locally 
on the client, or better to move them on the ldap server, letting them be net-
mounted on the client fs?

Is it theoretically (and practically :-) ) possible to use ldap and remove 
from clients all the account management related binaries (useradd etc.) and 
/etc/passwd and /etc/groups?

maybe naive questions..sorry :-)

bye,
Stefano.

Follow-Ups:
- Re: best practice and account management (passwd)
  - From: Chris Jacobs <Chris.Jacobs@apollogrp.edu>

Prev by Date: Re: High memory usage in provider server
Next by Date: Re: OpenLDAP session authentication
Index(es):
- Chronological
- Thread