[Discuss] Moving servers from NIS to LDAP

Jerry Feldman gaf at blu.org
Tue Jul 10 14:53:11 EDT 2012


Our company's servers are moving from the Boston facility to IBM's
facilities, and we will have to replace NIS with LDAP. We don't get to
vote, NIS will be replaced.
Our Boston servers maintain their own NIS and are independent of
corporate NIS. but all users have a corresponding corporate linux login.

While some user names will change and the user ids also, one question if
user access restrictions. If we are going to share LDAP with corporate I
need to set up a way that only members of the Boston team can access the
Boston servers.
I don't know LDAP that well so I am looking for an LDAP solution that
will permit certain users to use certain systems.
Here are some of the methods I am aware of;
1. Use access.conf. This way I can control access on the Boston servers
and virtual machines. This may be the easiest way, and I already have a
way to push files up to all the servers.
2. Use NIS Compat that uses the local password file to allow the network
users.
3. There are several LDAP methods, but I don't know LDAP. Using LDAP
would be better because it could be used for other servers, such as
Development. What I'm looking for is what some of you who are more
familiar with LDAP have used and what might be effective.

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90




More information about the Discuss mailing list