tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Bottomline - Going LDAP.

Hash: SHA1

On Thu, 22 May 2008, Anders Magnusson wrote:

>>> - ypserv can exit base system if there is a compatibility replacement
>>> for it.
>> If we have syspkgs working. :-) 
>> Otherwise my inclination would be no.  NIS still has its place.
>> LDAP/NIS shims do have issues.  LDAP is much heavier than NIS,
>> right?  Also there is the issue ypserv bit rotting.
>> Or are you saying your new LADP solution would talk NIS?
>Yes.  That was in the original proposal.  Default small domain system should
>be LDAP+Kerberos, and ypserv compatibility added for those that needs it.
>And to avoid the large overhead of an OpenLDAP server I suggested the use
>of a small simple ldap server that do not need all administrative skills
>to be
>setup and run.

NIS should not go away.  I know of plenty of shops still using NIS, and 
other commercial and free OSes support it out of the box.

I'm generally pro-ldap+kerberos, but NIS is not leaving the world of 
potential NetBSD users anytime soon -- this is not a question like 
sendmail vs. postfix where removing one option still leaves 
interoperability easy.

As long as the base system supports NIS as an option in nss -- with no 
additional installs, I would _love_ to see the capability you discuss in 
the RFC available in the base system.  Whether it should be the default 
post-sysinst configuration is something others can comment on.

After all, nss makes these things easy to supply without messing with 
the defaults, right?

- --
                                Jim Wise
Version: GnuPG v1.4.9 (NetBSD)


Home | Main Index | Thread Index | Old Index