[CentOS] how many people still use NIS?
Don Krause
dkrause at optivus.com
Fri Oct 1 22:43:14 UTC 2010
On Oct 1, 2010, at 2:57 PM, Ray Van Dolson wrote:
> On Fri, Oct 01, 2010 at 02:47:09PM -0700, aurfalien at gmail.com wrote:
>>
>> On Oct 1, 2010, at 2:16 PM, Steve Thompson wrote:
>>
>>> On Fri, 1 Oct 2010, Craig White wrote:
>>>
>>>> As for OpenLDAP being a royal PITA, I suppose that's a matter of
>>>> perspective because I've been using it for at least 7 years now and
>>>> it
>>>> works for me without any problems whatsoever.
>>>
>>> Agreed. I have found that LDAP, in the guise of OpenLDAP, is not very
>>> difficult at all once you have done your first setup, providing, as
>>> Craig
>>> says, you take the time to understand why you're doing what you're
>>> doing
>>> and you properly plan ahead. OpenLDAP also has excellent performance
>>> and
>>> is as solid as a rock.
>>>
>>> Steve
>>
>> Whats bizarre is the NIS/LDAP gateway that padl.com sells starting at
>> $1500.
>>
>> I said screw it and just migrated over to OpenLDAP.
>>
>> Didn't think it was a PITA but then again, all IT is a PITA so non of
>> it is if you catch my drift.
>>
>> I mean if its all a PITA, then its not a PITA cuz PITA is PITA if
>> there is no PITA to compare to.
>>
>
> What bites is if you already have a large AD environment in place along
> with legacy NIS.
>
> It's obviously not efficient to maintain two separate environments with
> many of the same usernames...
>
> AD does have "Unix Extensions" to expand their schema to make it more
> friendly for use as LDAP.. but it's pretty limited really. That and,
> what if you have many legacy Unix clients that can only talk NIS
> easily?
>
> There are packages like LikeWise out there that can make this work
> fairly well -- they even have a free version.
>
> Lately I've been thinking of using something like Fedora Directory
> Server to just sync up daily from AD and provide LDAP and NIS services
> via some sort of shim to older Unix clients who can't handle LDAP.
>
> Note that Samba 3.3.x integrates pretty well with AD via winbind. If
> you can get good external uid mapping going you can even preserve UID's
> from your NIS environments.
>
> It's definitely not as fast as NIS though as far as responsiveness...
>
> Ray
Anybody use OpenDS instead of OpenLDAP? I just ask, because OpenDS is shipped as
part of a large enterprise app we use (PTC WIndchill) and it doesn't seem as bad as OpenLDAP
as far as the management tools go.
--
Don
More information about the CentOS
mailing list