Dubaisans, I think you are on the right track. You will still need local copies of /etc/passwd and /etc/shadow, but they will only be used as a fallback mechanism when LDAP authentication is not available.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of dubaisans dubai
Sent: Wednesday, September 27, 2006 2:57 AM
To: [email protected]
Subject: LDAP in Unix

I have 100+ Unix servers, primarily Linux and Solaris. I am new to LDAP. I would like to use Sun ONE Directory Server and centralise user creation. Once I have an LDAP-based directory server, is the following true?

1. Whenever a new user has to be created, I will create it on the Sun ONE server and say it is valid only on this host(s). There is no need to create the user at the host.
2. There are no /etc/passwd and /etc/shadow files on the individual hosts anymore, or they are not of any importance. All the passwords are stored only in the directory server.
3. At a later stage I would like to give RSA SecurID authentication to a selected set of high-privilege users.

Are LDAP and Sun ONE the right direction?
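
The reply above says the local files stay on as a fallback when LDAP is unavailable. As an added example (not part of either message), this script checks an nsswitch.conf-style file to confirm that local files are still reachable for account lookups. It assumes the directory source is named `ldap`, covers name-service lookups only (PAM is configured separately), and the function names and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Reports whether local files remain a
# usable source for account lookups in an nsswitch.conf-style file.

# check_db FILE DB -> prints ok | no-files | blocked | missing
check_db() {
    sed -e 's/#.*//' -e 's/:/: /' "$1" | awk -v db="$2" '
        $1 == (db ":") {
            found = 1; state = "no-files"
            for (i = 2; i <= NF; i++) {
                tok = $i
                if (inact || tok ~ /^\[/) {      # [STATUS=action ...] criteria
                    u = toupper(tok)
                    # "ldap [UNAVAIL=return]" ends the lookup when LDAP is down
                    if (prev == "ldap" && u ~ /UNAVAIL=RETURN/ && u !~ /!UNAVAIL/) { blocked = 1 }
                    inact = (tok !~ /\]$/)       # criteria may span several tokens
                    continue
                }
                if (tok == "files" || tok == "compat") {
                    state = blocked ? "blocked" : "ok"
                    break
                }
                prev = tok
            }
            print state; exit
        }
        END { if (!found) print "missing" }'
}

# audit_nsswitch FILE -> one "db: status" line each; returns 1 on any problem.
# shadow is checked only if the file has such a line (assumption: some
# platforms resolve shadow data through the passwd entry instead).
audit_nsswitch() {
    rc=0
    for db in passwd group shadow; do
        st=$(check_db "$1" "$db")
        [ "$db" = shadow ] && [ "$st" = missing ] && continue
        echo "$db: $st"
        [ "$st" = ok ] || rc=1
    done
    return $rc
}

# Constructed sample input: one good line, one blocked, one without files.
sample_conf() {
    printf '%s\n' 'passwd:  files ldap' \
        'group:   ldap [UNAVAIL=return] files' 'shadow:  ldap'
}

# Run against a real file when a path is given, e.g. /etc/nsswitch.conf
[ $# -eq 0 ] || audit_nsswitch "$@"
```

A status of `blocked` means `files` is listed but an `[UNAVAIL=return]` criterion on `ldap` stops the lookup before it is reached, so local accounts would not resolve during a directory outage.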
