[CentOS] NIS or not?

Darod Zyree darodzyree at gmail.com
Tue Jan 28 14:47:04 UTC 2014


2014-01-28 Laurent Wandrebeck <l.wandrebeck at quelquesmots.fr>

>
> Matt Garman <matthew.garman at gmail.com> a écrit :
>
> > On Tue, Jan 28, 2014 at 3:02 AM, Sorin Srbu <Sorin.Srbu at orgfarm.uu.se>
> wrote:
> >> The only thing I'm trying to accomplish is a system which will allow me
> to
> >> keep user accounts and passwords in one place, with one place only to
> >> administrate. NIS seems to be able to do that.
> >>
> >> Comments and insights are much appreciated!
> >
> > A related question: is NIS or LDAP (or something else entirely) better
> > if the machines are not uniform in their login configuration?
> >
> > That is, we have an ever-growing list of special cases.  UserA can
> > login to servers 1, 2 and 3.  UserB can log in to servers 3, 4, and 5.
> >  Nobody except UserC can login to server 6.  UserD can login to
> > machines 2--6.  And so on and so forth.
> >
> > I currently have a custom script with a substantial configuration file
> > for checking that the actual machines are configured as per our
> > intent.  It would be nice if there was a single tool where the
> > configuration and management/auditing could be rolled into one.
> >
> > Thanks!
> > Matt
>
> You'd be fine with IPA which allows you to create such rules.
>
> HTH,
> Laurent.
> _______________________________________________
>





Indeed, and IPA does this quite well.

We use IPA on all servers and workstations.

- Sudo information comes from IPA

- Autofs information comes from IPA

- Host based access control comes from IPA

- Central user management/identity

It all works really good.



More information about the CentOS mailing list