On Thu, Jan 06, 2000 at 03:29:19PM +0000, Miquel van Smoorenburg wrote: > In article <[EMAIL PROTECTED]>, > Jason Gunthorpe <[EMAIL PROTECTED]> wrote: > >I spent the entire evening today converting VA to LDAP and cleaning out > >alot of cruft. In the process I had to renumber several of CVS repository > >group IDs, I hope this doesn't effect anything but if something goes > >funny, this might be why. > > Hmm - how does this work? I'm not in /etc/passwd, I don't see any > ldap references in /etc/nsswitch.conf, it doesn't use NIS - I should > not exist. Yet every utility knows my name: > > $ id > uid=858(miquels) gid=800(Debian) groups=800(Debian)
Jason has the LDAP for us setup to rsync (via ssh) a setup of passwd.db files to each system. These files are located under /var. Using standard LDAP for NS (with libnss_ldap) means that if that ldap server dies, logins are disabled. Using userdir-ldap (the system that Jason developed) the user information is kept in an LDAP directory (for central and extendable maintainence) and is distributed via db files to each system (for disconnected use and security). -- -----------=======-=-======-=========-----------=====------------=-=------ / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=========------=======-------------=-=-----=-===-======-------=--=---'
