On Wed, Mar 19, 2003 at 02:54:47PM +1200, Nick Rout wrote:
> the NZLUG list last week basically concurred that NIS is evil and that
> LDAP is the answer. Don't ask me why, I just wanted you to know that
> there are some challenges still to go.
Log into any NIS machine as a non-priviledged user, and run 'ypcat passwd'
You cannot get passwords out of LDAP, since authentication is done by
binding, not searching and comparing. (therefore, you can explicitly set the
userPassword attribute to writeonly by user, and read/write by ldap manager)
(there's more to it than that, but that's the main drawcard of LDAP vs. NIS)
Mike.
--
Mike Beattie <[EMAIL PROTECTED]> ZL4TXK, IRLP Node 6184
"Sometimes I think that the surest sign that intellegent life exists
elsewhere in the universe is that none of it has tried to contact us."
