-----BEGIN PGP SIGNED MESSAGE-----
On 10/30/2010 04:13 AM, Niki Kovacs wrote:
> 2) All the user data are stored centrally on the server, preferably with
> quotas (for example max. 1 GB per user).
Others have commented on your other points, but I'm going to add my two
cents to this one. This will be the trickiest portion to implement
(nearly all of your other needs are built-in to FreeIPA). However,
centrally-managed data requires some manual configuration.
The classic example would be to set up a centralized NFS server
providing the home directories and using automount on each client to
connect to them. There are many HOWTOs and guidelines (and your friendly
neighborhood RHCE would be able to guide you through this as well). For
added security, NFSv4 will also allow authentication via Kerberos
(provided by FreeIPA) to ensure that no one can gain access to anyone
else's NFS file-share.
IPAv2 will have support for centrally-managing autofs settings, but IPA
v1.2 currently does not (you can do it manually with direct LDAP tools,
but it might be just as easy to do with puppet-managed config files)
Having a built-in mechanism for setting up NFSv4 mounted home
directories (along with appropriate kerberos credentials) would be a
definite advantage for FreeIPA, so I'm going to make a recommendation
that we consider that for inclusion in the next version of FreeIPA (be
it 2.1 or 3.0). It's too late for feature creep in 2.0, though.
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
Freeipa-users mailing list