In article alpine.LRH.2.02.1110062107400.21755@pfyva-tcf.pfhavk.pbzc.yrrqf.np.hx, John Hodrien centos@centos.org wrote:
...
A good LDAP setup with nested groups, and GSSAPI just beats NIS over the head with a stick in terms of security, and once you've got a good LDAP infrastructure you start to discover just how many tools offer some form of LDAP integration. Extending the schema to suit internal uses is also easy, and querying it from within your own apps/scripts is far from difficult.
Thanks, good perspective.
[ about to display ignorance of LDAP ... ]
So, back to my original example of automount maps (which I've long thought about implementing in LDAP but never pursued), how do you deal with the situation of needing map(s) loaded, without an active user on the system to authenticate the LDAP query with their username/password?
That is, NIS clients bind to the NIS server, and thereby have access to auto.home map or what have you, whether a user ever logs into the client system or not. Automounter is functional and has the map data.
What's the functional equivalent for LDAP automount maps?
Cheers, sr.