I'd very much like to hear how other mixed AFS/NFS sites
handle uniform login.
We have a few hundred workstations and several servers -
most vendors are represented. Each machine has its own
password file containing a (usually) small number of
accounts. No two password files are the same; it is an
administrative nightmare and machine utilisation is
very poor.
Today, we have just a handful of AFS clients; most
workstations are hooked-up to the servers with NFS.
This balance will change, but we'll always have NFS
with us. More particularly, I expect we'll always have
a few NFS-only clients.
Other relevant pieces of information:
- I am not allowed to use NIS.
- I use AFS login on AFS clients.
- I keep AFS id's the same as UNIX uid's.
In summary:
- I'd like to maintain a central password file.
- It must be served securely (i.e. no uid/gid spoofing).
- Individual users must be able to do the normal 'passwd'
command (but no cleartext passwords on the wire).
- Ideally the service would be replicated.
Apologies in advance if I've missed something really
obvious.
Regards,
Lawrence Albinson
KSEPL, Shell Research
Rijswijk
Netherlands
tel: (31) 70 311 3120
e-mail: [EMAIL PROTECTED]
