[CentOS] NIS or not?

[Mauricio Tavares]

On Tue, Jan 28, 2014 at 9:47 AM, Darod Zyree <darodzyree at gmail.com> wrote:
> 2014-01-28 Laurent Wandrebeck <l.wandrebeck at quelquesmots.fr>
>
>>
>> Matt Garman <matthew.garman at gmail.com> a écrit :
>>
>> > On Tue, Jan 28, 2014 at 3:02 AM, Sorin Srbu <Sorin.Srbu at orgfarm.uu.se>
>> wrote:
>> >> The only thing I'm trying to accomplish is a system which will allow me
>> to
>> >> keep user accounts and passwords in one place, with one place only to
>> >> administrate. NIS seems to be able to do that.
>> >>
>> >> Comments and insights are much appreciated!
>> >
>> > A related question: is NIS or LDAP (or something else entirely) better
>> > if the machines are not uniform in their login configuration?
>> >
>> > That is, we have an ever-growing list of special cases.  UserA can
>> > login to servers 1, 2 and 3.  UserB can log in to servers 3, 4, and 5.
>> >  Nobody except UserC can login to server 6.  UserD can login to
>> > machines 2--6.  And so on and so forth.
>> >
>> > I currently have a custom script with a substantial configuration file
>> > for checking that the actual machines are configured as per our
>> > intent.  It would be nice if there was a single tool where the
>> > configuration and management/auditing could be rolled into one.
>> >
>> > Thanks!
>> > Matt
>>
>> You'd be fine with IPA which allows you to create such rules.
>>
>> HTH,
>> Laurent.
>> _______________________________________________
>>
>
>
>
>
>
> Indeed, and IPA does this quite well.
>
> We use IPA on all servers and workstations.
>
> - Sudo information comes from IPA
>
> - Autofs information comes from IPA
>
> - Host based access control comes from IPA
>
> - Central user management/identity
>
      i read that IPA can do multimaster. How well does it do it
compared to openldap?

> It all works really good.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos