Re: About Centralizing Passwords
Benjamin Hudgens [EMAIL PROTECTED] writes: Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Yes, you are reading wrong. With NIS you get full passwd,group, alias, ... entries, just like they were local. I consider safety beeing only problem in NIS. And all machines jammed totally if NIS server is down, even logging in as root (local account)... -- M. Tavasti / [EMAIL PROTECTED] / +358-40-5078254 Poista sähköpostiosoitteesta molemmat x-kirjaimet Remove x-letters from my e-mail address
Re: About Centralizing Passwords
You can configure your machines to consult local files first, then NIS by editing the file /etc/nsswitch.conf. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On 8 Jun 2000, M. Tavasti wrote: Date: 08 Jun 2000 08:22:22 +0300 From: M. Tavasti [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: About Centralizing Passwords Benjamin Hudgens [EMAIL PROTECTED] writes: Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Yes, you are reading wrong. With NIS you get full passwd,group, alias, ... entries, just like they were local. I consider safety beeing only problem in NIS. And all machines jammed totally if NIS server is down, even logging in as root (local account)... -- M. Tavasti / [EMAIL PROTECTED] / +358-40-5078254 Poista s?hk?postiosoitteesta molemmat x-kirjaimet Remove x-letters from my e-mail address
Re: About Centralizing Passwords
hi ya benjamin... what kind of authentification are oyu trying to do ?? - user to get shell account on the server... - a win98/NT user to get to the linux resources... - a linux user that can get to other unix/linux resources users that once authenticated can get emails /var/spool/mail problem... on the mail server issue... - you probably do NOT want (insecure) mail servers to be used the same way as normal home/file servers users that once authentifcated can get to their home dirs from any server anywhere windows users that can get to unix resources like printing to the printers or unix users that can print to printers connected to winnt NIS is useful for sharing files amongst machines... but i do NOT use NIS...i just automounters and mount the needed directories from which ever server they logged in at as far as one machine that has passwd authentification... i tend to dislike it... and rather do some work and cut and paste passwd files...( via scripts ..hopefully doing it securely ) and one day..guess i should go learn what pam does... in detail... have fun linuxing alvin On Tue, 6 Jun 2000, Benjamin Hudgens wrote: I asked this yesterday and got a very limited response so I wanted to explain myself further. Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Regardless, what I'm really needing is some protocal that will pass session data. So basically I want all my client servers to 'look' at a master server's password file to authenticate it's users. This includes default shell, home dir, etc.. I'm sure some of you have set up NIS successfully, so maybe you might point me in the right direction. If NIS does this, that would be great.. I can use radius for the password data and NIS for the session data.. If NIS doesn't, I'm SOL. SOMEONE has to have done this? Am I asking in the wrong place? Thank you! Benjamin -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
About Centralizing Passwords
I asked this yesterday and got a very limited response so I wanted to explain myself further. Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Regardless, what I'm really needing is some protocal that will pass session data. So basically I want all my client servers to 'look' at a master server's password file to authenticate it's users. This includes default shell, home dir, etc.. I'm sure some of you have set up NIS successfully, so maybe you might point me in the right direction. If NIS does this, that would be great.. I can use radius for the password data and NIS for the session data.. If NIS doesn't, I'm SOL. SOMEONE has to have done this? Am I asking in the wrong place? Thank you! Benjamin
Re: About Centralizing Passwords
i'm not sure if ldap will store session information but i suspect it will. check out ldap and nss (pam modules to interface to ldap servers). there are packages for both for debian. adam. On Tue, 6 Jun 2000, Benjamin Hudgens wrote: I asked this yesterday and got a very limited response so I wanted to explain myself further. Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Regardless, what I'm really needing is some protocal that will pass session data. So basically I want all my client servers to 'look' at a master server's password file to authenticate it's users. This includes default shell, home dir, etc.. I'm sure some of you have set up NIS successfully, so maybe you might point me in the right direction. If NIS does this, that would be great.. I can use radius for the password data and NIS for the session data.. If NIS doesn't, I'm SOL. SOMEONE has to have done this? Am I asking in the wrong place? Thank you! Benjamin -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null