On Sun, Apr 4, 2010 at 10:26 AM, Leon Towns-von Stauber <[email protected]> wrote: > > ... we aborted a project to extend LDAP to our production systems, > going with local files distributed via cfengine (200-300 hosts) ... > You have to do some minor contortions to manage > passwords and to have different lists of accounts on different systems, > but otherwise it's a lot simpler than LDAP and has been more reliable so > far.
Hi, Leon. I'd like to hear more about your cfengine solution, please. Are you distributing /etc/passwd, /etc/shadow and /etc/group, or have you configured PAM to use some kind of supplementary passwd, shadow and group files which are subject to distribution by cfengine? Best, Aleksey _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
