In article <20031216234229.GA6551@snew.com>,
Chuck Yerkes <Netbsd-help@NetBSD.org> wrote:
>Quoting Alan Horn (ahorn@deorth.org):
>> I have used it in networks of several
>> hundred hosts in the past with no problem.
>
>Me too.  Don't you hate it when a box that WAS a slave and
>has gone down comes back?  Months later?  Serving random
>people who happen to have bad luck to bind to it?

You make all the machine slave servers.

>Or the fact that about anyone can get your /etc/passwd info
>with some decent luck.

Not if you use a secure transport for ypfxr, and configure ypbind
to serve only localhost.

>The only thing that justfies using NIS is the threat of having
>to use NIS+.  A stupendous piece of crap.  "Oops, all the NYC
>machines decided to bind to hosts across the WAN so our WAN
>usage has skyrocketed from 10% to about 90% while performance
>has mostly just stopped."  And Sun had no workaround for this
>"oh, is that bad?" behavior.

Writen by summer students for summer students.

>No, other choices where HESIOD for info, Kerberos for auth or,
>post 1998, LDAP.  SASL authentication (or SSL/IPSec encrypted
>paths - or even private networks for a cabinet of infrastructure)
>and I can scale and offer what NIS offers, just better.

Right.

christos