[CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]

Wed Feb 18 01:06:42 UTC 2009
Ross Walker <rswwalker at gmail.com>

On Feb 17, 2009, at 7:50 PM, Christopher Chan <christopher.chan at bradbury.edu.hk 
 > wrote:

>
>> If you have a lot of hosts that need access to winbind mapped
>> UIDs/GIDs instead of setting up winbind everywhere and having a
>> administrative headache if the RID mapping gets messed up on one  
>> host,
>> setup a winbind to NIS server that puts the mappings into NIS maps  
>> and
>> propagate the information that way. Only real difference on the other
>> hosts is to switch 'winbind' to 'nis' in nsswitch.conf.
>>
> What's wrong with winbind on a ldap backend? I have winbind installed
> everywhere...all pointing to a single ldap instance.

Well yeah you can use ldap too to keep the rid mappings centralized. I  
just think configuring ldap, putting schema together and configuring  
samba everywhere is more work then nis, but to each their own.

-Ross