Quoth guy keren on Tue, Apr 18, 2000:
> btw - does this architecture work for all programs on the system
> transparently? i.e. any program that tried to fetch any NIS map, will be
> refered to taking data via the LDAP server? in other words - are all NIS
> requests routed via ypbind, or they go directly to the (remote) NIS
> server?
All go via ypbind. So this is less of a problem if you're
talking about accounting only. It is possible to emulate ypbind
interface with a program which really connects to an LDAP server.
The main problem is proper authentication, such as RADIUS. YP
authentication is almost like regular passwd/shadow
authentication, except that it distributes encrypted passwords
over the network to everyone who cares to ask for it. A proper
authentication scheme whould use proper encryption and one-time
cookies sent from the clients to the server. I don't know how
LDAP handles it, but I'm afraid it's similar to YP.
Vadik.
--
Prof: So the American government went to IBM to come up with a data
encryption standard and they came up with ...
Student: EBCDIC!
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
