[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: interesting problem



Thanks for the reply.  We're planning for LDAP now.  I have to admit 
I haven't worked in an LDAP environment before, but there's testing 
ongoing.  We'll likely migrate in pieces at a time, and it will take 
some time (probably about two versions in Redhat time) before I can 
depend on it for much in terms of the kickstart trees I'm maintaining.

On Tuesday 19 February 2002 05:33 pm, you wrote:
> > Two chief candidates are the passwd and shadow files.  Depending
> > on the type of machine it is, the shadow and passwd files can
> > come from different 'Prototype' directories.  I'd like to get rid
> > of these files altogether as far as the kickstart tree goes
> > (along with the /etc/group file), but I'm wondering if this might
> > cause issues with missing uid's or gid's, or, even worse, if I
> > might later on mistakenly replace a user's uid with, say, a
> > future service's uid.
>
> umm what are you putting in /etc/shadow below the say 500 or 1000
> uid/gid mark?
>
> My general rule that I follow is:
> <500 local system only - mostly accounts needed for the OS to
> function
>
> >500<1000 network-level general/system-use accounts NO USERS HERE
> >1000 user accounts
> >
> >
> > If anyone is managing a slightly more complex kickstart
> > environment that might have some tips for me, I'd be very happy
> > to hear them.
>
> If you want to maintain the namespace across multiple machines on
> the same network look at using nis or ldap for your nss.
>
> -sv

-- 

Brian K. Jones
System Administrator
Dept. of Computer Science, Princeton University
jonesy cs princeton edu
Voice: (609) 258-6080





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]