What exactly do you need ?
Do you need only login and related issues, like groups,
password expiration, and all that is related to user management,
or will you also use centralized mount permissions (like you'd
use NIS for mount permissions) ?
I'd use OpenLdap, with a good open/free ldap access tool,
and there a few wonderful such tools, I was introduced to yet
another one (based on eclipse) last week, very powerfull.
I don't think you need kerberos, especially if your comparison
point is NIS. If you're gonna use NFSv4, and integrate mounts
with the directory, then yes.
Use LDAP over SSL or TLS.
If you have a large directory, use nscd. I have a good configuration
for a directory with some 80,000 user objects and a few tens of thousands
of groups (see below). Be sure to disable nscd caching for hosts.
threads 10
max-threads 50
server-user nscd
debug-level 99
enable-cache passwd yes
positive-time-to-live passwd 600
negative-time-to-live passwd 20
suggested-size passwd 32749
check-files passwd yes
persistent passwd no
shared passwd yes
max-db-size passwd 100663296
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 32749
check-files group yes
persistent group no
shared group yes
max-db-size group 100663296
auto-propagate group yes
enable-cache hosts no
--Ariel
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
