linux registry (no, not that again!)
Mark Heslep
mark at mitre.org
Fri Jul 30 23:03:36 UTC 2004
Felipe Alfaro Solana wrote:
>On Tue, 2004-07-27 at 19:24 -0400, Steve Brenneis wrote:
>
>
>>Someone will eventually have to answer the question of why this is
>>better than using LDAP, PAM, and/or kerberos. Those are all open
>>standards and well known by a large population of *nix SAs.
>>
>>
>
>I still don't see the point of either using Linux Registry or LDAP over
>plain-text configuration files.
>
Per SF L. Registry:
All key-value pairs are stored in clear-text files
>LDAP is a network service, and thus, has
>its inherent problems: keeping local configuration on the network
>creates problems like poor performance, SPoF, DoS, etc.
>
>Windows uses Active Directory (LDAP + Kerberos, mainly) for
>authentication and to publish Policies and configuration data on the
>network for domain members (computers and users), which are then
>integrated locally and periodically into the Registry of each domain
>member (that's the Applying Policies steps that is performed by WinLogon
>during boot). Domain members DO NOT take configuration data directly
>from the network, but from the local Registry. Trying to gather
>configuration data directly from the network (i.e. LDAP) is a serious
>error, IMHO.
>
>
>
>
More information about the fedora-devel-list
mailing list