LinuxQuestions.org


sir-lancealot 09-13-2007 01:29 PM

ldap or nis ... any pref?
 
What else can I ask, the subject says it.

We have 10 boxes here, a VPN tunnel to our 2 racks at our ISP, and rather than ssh with keys all over, we want a single login spot. Since I have not used anything like this in the past, I figured OpenLDAP (in theory) would do it, then someone passed by saying look at NIS.

Have I mentioned I haven't done either? I looked a bit, then got into the slapd.conf, which became quite a bit, so figured I would consult the best group of people out there (flattery never hurt), asking for ideas, or just some feedback.

I have googled, read, etc., but a lot of the stuff on LDAP is from 2003, etc., so figured someone here would have some newer feedback. As always, thanks.

marozsas 09-13-2007 03:33 PM

I already tried both, and there is not an easy answer (as always). Both have pros and cons you need to think about.

I started with nisplus in Solaris and after a while in Linux too.
The major problem I faced with nisplus is when the nisserver crashes for any other reason, not related to NIS, let's say, a drive failure.
Even with one or two nis-replicas things are problematic. There are delays when one tries to log in or access an object which depends on NIS. Things become worse if the nis-replicas are rebooted. Complete lock-down!

LDAP is more robust in this aspect. Even with the master database out of business, the clients can access the backup databases and even change objects/properties.
The main problem with LDAP is that several services/programs do not have an LDAP interface/integration. In this case, you need to handle one or more proprietary/legacy user information databases.

Single Sign On is still a Holy Grail I am looking for, especially in a heterogeneous environment (open source/proprietary platforms).


All times are GMT -5.