guy keren wrote:
>
> On Mon, 17 Apr 2000, Gavrie Philipson wrote:
>
> > This may not help you, but if backwards compatitibily is not required with
> > an existing NIS network, I would suggest using LDAP instead of NIS. This
> > works on both Linux and Solaris (using PAM and nsswitch). It is a very
> > elegant solution, and IMHO much more maintainable than NIS.
>
> and ofcourse, if you ever after that need to use a different OS - you're
> stuck.... that is, unless you go and install PAM on those systems, and
> replace all the (relevant) system binaries....
Indeed. But see RFC 2307.
Apple, the Free Software Foundation, Hewlett Packard, JavaSoft,
Netscape, SGI and Sun are all working on solutions to implement it. We
do have to get rid of "legacy" applications some time, don't we?
> btw - does this architecture work for all programs on the system
> transparently? i.e. any program that tried to fetch any NIS map, will be
> refered to taking data via the LDAP server? in other words - are all NIS
> requests routed via ypbind, or they go directly to the (remote) NIS
> server?
There is a commercial solution which includes a daemon that tunnels NIS
requests to LDAP requests. If you run this daemon on your LDAP server,
it looks just like a NIS server to clients that don't support NSS-LDAP.
This is mainly for compatibility with different OSes. Therefore, I
suggested to use LDAP only if all your OSes support it and you don't
have compatibility issues with a current NIS network. See www.padl.com
for more info.
Gavrie.
--
Gavrie Philipson
Netmor Applied Modeling Research Ltd.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
