Thanks for the background info - good to know.
I guess standardisation and interoperability is another advantage of
LDAP.
But LDAP is just a directory access protocol isn't it? What service
offers the actual directory? Is it part of the X500 compliant breed now
on many platforms?
I guess my question is - what is the full Linux/Unix equivalent of
Windows 2000 Active Directory and Domain structure, and Novell's NDS?
Is there a short answer?
Liane.
>>> [EMAIL PROTECTED] 03/19/03 05:06 >>>
On Wed, Mar 19, 2003 at 02:54:47PM +1200, Nick Rout wrote:
> the NZLUG list last week basically concurred that NIS is evil and
that
> LDAP is the answer. Don't ask me why, I just wanted you to know that
> there are some challenges still to go.
Log into any NIS machine as a non-priviledged user, and run 'ypcat
passwd'
You cannot get passwords out of LDAP, since authentication is done by
binding, not searching and comparing. (therefore, you can explicitly
set the
userPassword attribute to writeonly by user, and read/write by ldap
manager)
(there's more to it than that, but that's the main drawcard of LDAP vs.
NIS)
Mike.
--
Mike Beattie <[EMAIL PROTECTED]> ZL4TXK, IRLP Node
6184
"Sometimes I think that the surest sign that intellegent life
exists
elsewhere in the universe is that none of it has tried to contact
us."
