[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Migrating passwd users on Cobalt RaQ
On Fri, 2006-04-14 at 02:17 -0700, Howard Chu wrote:
> In particular, it doesn't support write operations so it can't be used
> as an actual management tool. However, Symas (and probably others) have
> built up full-function modules along these lines. The Symas module
> supports not only /etc/passwd, /etc/group, and /etc/shadow, but also the
> TCB databases (e.g. /etc/security) used by AIX, HPUX, and SCO
> OpenServer, giving you fully LDAP-enabled management of native
> Unix/Linux security. (The upside of this approach vs pam/nss is that
> users can always login to a host, regardless of (loss of) access to a
> central LDAP server. The downside is that updating someone's account
> info can take a non-trivial amount of time as it replicates from the
> central server to every managed host.)
>
Yes, I guess the Symas type of approach is what I was thinking. Perhaps
you need to excuse my ignorance, I was thinking the Cobalt GUI would
serve as the only management tool where writes occur to the passwd file
as it works now. Then a local LDAP server with passwd backend could
serve those authentications to my other apps. What would I need to
replicate? My objective is only to get those users to authenticate
against Postfix, IMAP, etc.
But being a demo purpose module, I feel the recommendation on this list
is to migrate the users and be done with it?
--
Robert