* Erik Norgaard <[EMAIL PROTECTED]> [0129 20:29]:
> I forgot:
> 
> O'Reilly has a really good book on LDAP "LDAP System Administration" - 
> includes a chapter on how to migrate from NIS to LDAP.

IMO that's one of the few bad O'Reilly books - if you want a really good
LDAP tutorial, get

"Understanding and Deploying LDAP Directory Services"

The O'Reilly book is more of a cookbook, but doesn't really explain what's
going on.
 
> And an honest advantage of NIS: Text files only, and LDAP with pam/nss 
> is not supported on OpenBSD if you some day need to integrate with that OS.

Yeah, but NIS is horribly insecure. I doubt Theo would embrace it with open
arms :)
NetBSD is almost finished integrating pluggable nsswitch modules, I doubt
openbsd will be far behind. No offence to the openbsd crew but if you waited
for them to support something before using it on freebsd you wouldn't be
running much...

The flat file thing is a double-edged sword; it's trivial to dump and restore
a directory (at least openldap), and doesn't have the 'issues' I've had with,
say, SQL databases, where either you get too much (accidentally try to restore
the system tables) or too little (forget the users).

And an LDAP directory is useful for much more than just distributed password
files, and is straightforward to replicate (don't know how you'd do that with
NIS) and fast too.

> Also, LDAP requires you to obtain Object Identifiers if you define new 
> types, I haven't heard of OID that can be used for private/experimental 
> purposes only (like the private ip address spaces).

There's no need to get an OID registered (unlike IP addresses; it's not like
it's routed) but it's free and they'll happily give you one if you ask.


-- 
'What have you done to the cat? It looks half-dead.'
                -- Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
