Morning all,
We have an enterprise LDAP directory hosted on SunONE Directory Services. For
various historical reasons, my Gentoo servers are not set up to get user
information from this directory, but the usernames and uids are synchronized
between the two environments (actually, we treat the directory as definitive and
just copy values to the local files when accounts are needed, but that's not
really important right now). I have just been given a mandate that people
should be using the same passwords on these servers as they have in the
enterprise directory. I am not in a position to move the entire environment
completely over to LDAP, as there is no mechanism to limit access to these
servers (these systems are restricted access and not open to the entire
enterprise), and the shell, group, and home directory information is divergent
from the enterprise and cannot be converted on short notice.
I know that there is an NIS emulation mode for ldap, but is there a more elegant
way to have a local password file, where logins are checked first against the
directory, and if there is no ldap entry for the user, falling back to the local
files?
Thanks,
Andy
--
Andrew Fant | The lion and the calf shall lie | Disclaimer:
[EMAIL PROTECTED] | down together, but the calf won't | Do you REALLY
TCCS/USG | get much sleep. | think I can
Tufts University | W. Allen | speak for Tufts?
--
[email protected] mailing list
