On Sat, Apr 13, 2002 at 11:28:51AM -0700, collver@linuxfreemail.com wrote:
> I also learned that Kerberos is authentication only.  To fully replace
> NIS, I could pair Kerberos with LDAP if I had something like pam_ldap or
> nss_ldap.

Hesiod. The records are stored in DNS. 

NCSU.edu uses Kerberos+Hesiod to support a user base of about 30,000 people.
Other sites are similar in size or larger (or smaller). See the
dns stuff in nsswitch.conf that doesn't deal with hostnames. 

Unless I've messed something up, NetBSD's Hesiod integration is only
about half-way done. I have yet to track down and fix the annoying
little bugs here and there, but "it's on my list". 
-- 
Kevin P. Neal                                http://www.pobox.com/~kpn/

"It sounded pretty good, but it's hard to tell how it will work out
in practice." -- Dennis Ritchie, ~1977, "Summary of a DEC 32-bit machine"