[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to sync UID/GID?

To: Peng Yu <pengyu.ut@gmail.com>
Subject: Re: How to sync UID/GID?
From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 26 Dec 2013 15:41:01 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <CABrM6wnu1MEOhLgHAcQF-cyLqDodfGgNqRdRLhyFqcNuVJj5TA@mail.gmail.com>
References: <CABrM6wnu1MEOhLgHAcQF-cyLqDodfGgNqRdRLhyFqcNuVJj5TA@mail.gmail.com>

Peng Yu writes:
> (...)
> http://serverfault.com/questions/19323/is-it-feasible-to-have-home-folder-hosted-with-nfs
> 
> I see on the above URL that OpenLDAP can be used to sync UID/GID. But
> it is not clear to how to do it. Could anybody point me some
> directions? Thanks.
> 
> "... as you have to keep the UID and GIDs in sync - use something like
> OpenLDAP ..."

Read those words in context - they're from a reply to the previous
paragraph in that URL:

If you NFS-mount file systems but keep users' UIDs/GIDs of in local files
(/etc/passwd & co), *then* you need to keep these files in sync between
the hosts.  So instead keep the UIDs/GIDs in a single place - OpenLDAP -
and set up your machines to get the users' UIDs/GIDs from there.

You can sync to a backup LDAP server with syncrepl/syncprov, but that's
another matter.

Anyway, configure pam and nss to get user/group info from LDAP.  You'll
likely want to cache LDAP results locally, but avoid the problematic
"nscd" program for that.  sssd-ldap or OpenLDAP:slapo-nssov seem to be
the stuff to look at nowadays, but I have not kept track.  There's
plenty to read about it on www.

-- 
Hallvard

References:
- How to sync UID/GID?
  - From: Peng Yu <pengyu.ut@gmail.com>

Prev by Date: Re: Oracle OpenLDAP PPolicy ppolicy and the hierarchy
Next by Date: Re: Oracle OpenLDAP PPolicy ppolicy and the hierarchy
Index(es):
- Chronological
- Thread