The keyboard of Marcus Watts emitted at some point in time:
>
>
> Thomas Richard Stevenson writes:
>
> > There must be some reason why the different DCE vendors didn't take
> > the NIS approach.
....
> The problem with the NIS approach is that the library (libc.a) has to
> know how to handle the passwd file. That means the protocol used to
> access the passwd file gets wired into every workstation, and every
> program.
That may be the way it is, but not the way it "has to be".
> If you change the protocol, then all the libc's have to be
> changed, and all the programs that use libc have to be compatible with
> whatever the new routines are.
... Or use shared objects ...
> The obvious solution is to make some sort of local machine copy of the
> passwd file.
Rubbish.
It is amazing how essentially the same problem gets solved differently
in different approaches, with both parties claiming that they found the
only way to do it. I see no fundamental difference between validating
users and resolving machine names to IP numbers. It is just that the
network people had the clear view that the solution had to work
globally if it was to be any use, and that a single "authoritative"
database was impossible.
I also do not see why the DNS approach - and most of the software -
could not be used for resolving usernames. Then any machine could
assign system account uid's to its heart's content, with few clashes.
Thomas
* email: cmaae47 @ imperial.ac.uk
