Re: LDAP in Unix
- From: jm <jm@xxxxxxxxxx>
- Date: Fri, 29 Sep 2006 09:59:04 +1000
Stephen Booth wrote:
listbounce@xxxxxxxxxxxxxxxxx wrote on 27/09/2006 08:57:25:To reduce the risk of being unable to connect to the LDAP server, setup 2 (or more) servers and configure replication, this is *really* simple with SunONE DS (point-and-click easy).
2. There is no /etc/passwd and /etc/shadow files on the individualhosts
anymore or they are not of any importance. All the passwords are
stored only in the Directory server.
Those files are still there and can still be used. As well as your LDAP users (i.e. those whose details are held in the LDAP directory) you'll have local users whose details are stored in the local files. You can specify what order they are checked in using the nsswitch.conf file, you always want the /etc/passwd file to be used in case the machine cannot get a connection to the LDAP server. Generally if a user has an entry in the LDAP directory then you wouldn't want them to be in the /etc/passwd file and visa versa. Obviously the root user has to be /etc/passwd file as you're likely to need that before the network comes up or if you lose connection to the LDAP server (e.g. network outage, LDAP is down, migrating subnets &c).
Stephen
--jason
- References:
- Re: LDAP in Unix
- From: Stephen Booth
- Re: LDAP in Unix
- Prev by Date: RE: LDAP in Unix
- Previous by thread: Re: LDAP in Unix
- Next by thread: RE: LDAP in Unix
- Index(es):
Relevant Pages
|
