On Sat, 2008-08-02 at 20:25 -0400, Ryan Dunn wrote:
> On Sat, Aug 2, 2008 at 12:44 AM, MJT <centos at mjt1.com> wrote:
> > If you are running your lan as a lab to learn, I would suggest one
> > thing. From what I have read, it seems you just want to have
> > everything work together in a simple manner.
> >
> > Since you have windows involved, you might consider having
> > everything run with samba. With samba, every system would be able
> > to share and use shares on every other computer.
> >
> > You could set up a samba server as a domain controller and use
> > something like pam_smb, pam_ntdom or libpam-smbpass (I've used
> > libpam-smbpass on other systems, but do know if centos makes it
> > available anywhere, it is the only one that I know of that allows
> > for update of the password from Linux) to allow the Linux boxes to
> > authenticate against the samba server.
> >
> > http://www.freebooks.by.ru/view/SambaIn24h/ch16-03.htm
> >
> > In this case, you would not need to set up LDAP which I think is a
> > bit much for what it sounds like you are trying to do. Because you
> > would be mounting Linux to Linux using Samba, you would not need to
> > worry about NFS at all.
> >
> > If it were just a Linux home network, I would do NFS3 with
> > (probably a bad word here) NIS. Yes, NIS is insecure, but so is
> > NFS3. If you use a firewall that would block outgoing NIS packets,
> > it should do good enough for a home network.
> >
> > How this simplifies everything:
> >
> > 1: Only one network file system for both windows and Linux, not
> > NFS for Linux, samba for windows.
> >
> > 2: Allows Linux access to windows shares and printers.
> >
> > 3: If you are using libpam-smbpass you do not need to use
> > something like LDAP, but rather passdb backend = tdbsam.
> >
> > Your needs may be more complex than what I assumed, but I wanted to
> > put forward one way to consider...
>
> Thanks MJT. I kinda thought in the back of my head that I would end
> up with a solution similar to what you describe (I know I'll need to
> learn all about samba anyways).
>
> In the meantime, I still want to play around with the ldap to see what
> all it can do. So the nscd is what will copy the account info to the
> local drive so in the absence of the server, the laptop is still
> usable? In my setup, I would want the $HOME drives to all be local,
> with a folder inside that would be the network share.
>
> One thing that I've been somewhat confused on is how to tell the NFS
> server to only use v4 or v3? Right now I've only got tcp 2049 open in
> the centos firewall, so I'm assuming that it is NFSv4, but other than
> that, I don't know how to tell the difference. I've looked around for
> this and haven't found anything.

----

I am of the opinion that nscd causes far more problems than it solves
and wouldn't recommend usage.

For laptop purposes, you create the same user, same uid, same home
directory both as a local account and as an LDAP account so the laptop
will function either connected to LAN or not... it's tacky but it will
work.

This is a good clean recommendation for NFS/Firewall...

https://www.redhat.com/archives/fedora-list/2008-January/msg00076.html

Craig
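
Added example (not part of the original thread): a check for the laptop setup described in the reply above, where the same user exists both as a local account and as an LDAP account. It compares two passwd-format listings and flags UID or home-directory drift; the account data and function names are constructed for illustration.

```python
# Added example; all account data is constructed sample input.
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:500:500:Alice:/home/alice:/bin/bash
bob:x:501:501:Bob:/home/bob:/bin/bash
guest:x:502:502:Guest:/home/guest:/bin/bash
"""
LDAP_PASSWD = """\
alice:x:500:500:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:502:502:Carol:/export/home/carol:/bin/bash
"""


def parse_passwd(text):
    """Return {name: (uid, home)} from passwd-format text."""
    accounts = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        # Skip blanks, comments and malformed entries instead of guessing.
        if len(fields) != 7 or not fields[2].isdigit():
            continue
        accounts[fields[0]] = (int(fields[2]), fields[5])
    return accounts


def compare_accounts(local_text, ldap_text):
    """Return sorted findings as (kind, name, local_value, ldap_value)."""
    local, ldap = parse_passwd(local_text), parse_passwd(ldap_text)
    findings = []
    for name in set(local) & set(ldap):
        (l_uid, l_home), (d_uid, d_home) = local[name], ldap[name]
        if l_uid != d_uid:
            findings.append(("uid-mismatch", name, l_uid, d_uid))
        if l_home != d_home:
            findings.append(("home-mismatch", name, l_home, d_home))
    # A uid owned by different names on each side: files written by one
    # account show up as owned by the other wherever ownership is numeric.
    ldap_by_uid = {uid: name for name, (uid, _home) in ldap.items()}
    for name, (uid, _home) in local.items():
        other = ldap_by_uid.get(uid)
        if other is not None and other != name:
            findings.append(("uid-collision", name, uid, other))
    return sorted(findings, key=lambda f: (f[0], f[1]))


if __name__ == "__main__":
    for finding in compare_accounts(LOCAL_PASSWD, LDAP_PASSWD):
        print(*finding)
```

The collision check matters on NFSv3 shares, where the server acts on the numeric UID the client sends rather than on the account name.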