Stephen Booth wrote:
[EMAIL PROTECTED] wrote on 27/09/2006 08:57:25:
2. There is no /etc/passwd and /etc/shadow files on the individual
hosts anymore or they are not of any importance. All the passwords are
stored only in the Directory server.
Those files are still there and can still be used. As well as your LDAP
users (i.e. those whose details are held in the LDAP directory) you'll
have local users whose details are stored in the local files. You can
specify what order they are checked in using the nsswitch.conf file; you
always want the /etc/passwd file to be used in case the machine cannot get
a connection to the LDAP server. Generally if a user has an entry in the
LDAP directory then you wouldn't want them to be in the /etc/passwd file
and vice versa. Obviously the root user has to be in the /etc/passwd file as
you're likely to need that before the network comes up or if you lose
connection to the LDAP server (e.g. network outage, LDAP is down,
migrating subnets &c).
Stephen
To reduce the risk of being unable to connect to the LDAP server, set up
2 (or more) servers and configure replication; this is *really* simple
with SunONE DS (point-and-click easy).
--jason
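
The points made in this thread about nsswitch.conf ordering, a local root entry, and keeping users in either LDAP or /etc/passwd but not both can be checked mechanically. The script below is an added example, not part of the original messages; the sample nsswitch.conf, passwd lines and LDAP uid list are constructed, and treating "files before ldap" as the expected order is an assumption of this example.

```python
import re

def parse_nsswitch(text):
    """Return {database: [sources in lookup order]}; comments and [action] items are dropped."""
    order = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0]
        if ":" not in line:
            continue
        db, sources = line.split(":", 1)
        order[db.strip()] = re.sub(r"\[[^\]]*\]", " ", sources).split()
    return order

def local_users(passwd_text):
    """Login names found in passwd-format text."""
    return {l.split(":", 1)[0] for l in passwd_text.splitlines()
            if ":" in l and not l.startswith("#")}

def audit(nsswitch_text, passwd_text, ldap_uids):
    """Return a list of findings; an empty list means the layout matches the advice above."""
    findings = []
    for db, src in parse_nsswitch(nsswitch_text).items():
        if db not in ("passwd", "shadow", "group"):
            continue
        if "files" not in src:
            findings.append(f"{db}: 'files' missing, local accounts unusable if LDAP is down")
        elif "ldap" in src and src.index("ldap") < src.index("files"):
            # Assumption of this example: local files should be consulted first.
            findings.append(f"{db}: 'ldap' is listed before 'files'")
    users = local_users(passwd_text)
    if "root" not in users:
        findings.append("root has no entry in the local passwd file")
    for name in sorted(users & set(ldap_uids)):
        findings.append(f"{name}: defined both locally and in LDAP")
    return findings

# Constructed sample input (not taken from any real host).
NSSWITCH = """\
passwd: ldap [NOTFOUND=continue] files   # wrong order
shadow: ldap
group:  files ldap
"""
PASSWD = "root:x:0:0:root:/root:/bin/sh\nbackup:x:34:34::/var/backups:/bin/sh\n"
LDAP_UIDS = ["alice", "backup"]

if __name__ == "__main__":
    for finding in audit(NSSWITCH, PASSWD, LDAP_UIDS):
        print(finding)
```

On a real host the LDAP uid list would come from a directory export; only the passwd, shadow and group databases are examined.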