Re: Account / user management
From: Jeremiah DeWitt Weiner (jdw_at_panix.com)
Date: 02/28/05
- Next message: Baho Utot: "Re: DHCP server and client on same mashine"
- Previous message: Damjan: "Re: Has anyone had experience with Slackware 10.x on AMD64?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 28 Feb 2005 21:47:38 +0000 (UTC)
Karosei <g.m.rijsdijk@gmail.com> wrote:
> I'm looking for some tips and hints regaring central user/account
> management software for multiple linux servers. I assume it should be
> based on the open-LDAP standard. I hear people talk about idirectory
> from novell ??
I just recently set up an OpenLDAP system for a cluster of Linux
hosts, so I have some familiarity with this. OpenLDAP is free as in
speech and free as in beer. Unless there's some compelling reason to go
with something non-free, why do it?
The May 2004 issue of Sys Admin magazine had some good articles on
LDAP, so you might want to get your hands on a copy if you can. One of
the articles is available online:
http://www.samag.com/documents/s=9142/sam0405a/0405a.htm
My high-level recommendations, just off the top of my head, are:
-Set up at least two servers with replication
-Make sure that every client is actually talking to every server
-Make sure you can get into every host even if LDAP is down
-Use local accounts for things like apache, oracle, etc. so they don't
break if LDAP falls down
-Agree on what UID and GID range that LDAP will use and what range local
accounts will use so you don't have conflicts
-Use autohome; otherwise, much of LDAP's benefits are wasted
JDW
- Next message: Baho Utot: "Re: DHCP server and client on same mashine"
- Previous message: Damjan: "Re: Has anyone had experience with Slackware 10.x on AMD64?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
