[CentOS] how many people still use NIS?

Fri Oct 1 22:43:14 UTC 2010
Don Krause <dkrause at optivus.com>

On Oct 1, 2010, at 2:57 PM, Ray Van Dolson wrote:

> On Fri, Oct 01, 2010 at 02:47:09PM -0700, aurfalien at gmail.com wrote:
>> 
>> On Oct 1, 2010, at 2:16 PM, Steve Thompson wrote:
>> 
>>> On Fri, 1 Oct 2010, Craig White wrote:
>>> 
>>>> As for OpenLDAP being a royal PITA, I suppose that's a matter of
>>>> perspective because I've been using it for at least 7 years now and  
>>>> it
>>>> works for me without any problems whatsoever.
>>> 
>>> Agreed. I have found that LDAP, in the guise of OpenLDAP, is not very
>>> difficult at all once you have done your first setup, providing, as  
>>> Craig
>>> says, you take the time to understand why you're doing what you're  
>>> doing
>>> and you properly plan ahead. OpenLDAP also has excellent performance  
>>> and
>>> is as solid as a rock.
>>> 
>>> Steve
>> 
>> Whats bizarre is the NIS/LDAP gateway that padl.com sells starting at  
>> $1500.
>> 
>> I said screw it and just migrated over to OpenLDAP.
>> 
>> Didn't think it was a PITA but then again, all IT is a PITA so non of  
>> it is if you catch my drift.
>> 
>> I mean if its all a PITA, then its not a PITA cuz PITA is PITA if  
>> there is no PITA to compare to.
>> 
> 
> What bites is if you already have a large AD environment in place along
> with legacy NIS.
> 
> It's obviously not efficient to maintain two separate environments with
> many of the same usernames...
> 
> AD does have "Unix Extensions" to expand their schema to make it more
> friendly for use as LDAP.. but it's pretty limited really.  That and,
> what if you have many legacy Unix clients that can only talk NIS
> easily?
> 
> There are packages like LikeWise out there that can make this work
> fairly well -- they even have a free version.
> 
> Lately I've been thinking of using something like Fedora Directory
> Server to just sync up daily from AD and provide LDAP and NIS services
> via some sort of shim to older Unix clients who can't handle LDAP.
> 
> Note that Samba 3.3.x integrates pretty well with AD via winbind.  If
> you can get good external uid mapping going you can even preserve UID's
> from your NIS environments.
> 
> It's definitely not as fast as NIS though as far as responsiveness...
> 
> Ray


Anybody use OpenDS instead of OpenLDAP? I just ask, because OpenDS is shipped as
part of a large enterprise app we use (PTC WIndchill) and it doesn't seem as bad as OpenLDAP
as far as the management tools go.
--
Don