From: Robert Brockway <robert@timetraveller.org>
To: Grant Taylor <gtaylor@tnetconsulting.net>
Cc: The Unix Heritage Society <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] YP / NIS / NIS+ / LDAP
Date: Mon, 5 Nov 2018 13:16:54 +1000 (AEST) [thread overview]
Message-ID: <alpine.DEB.2.20.1811051132410.13752@mira.opentrend.net> (raw)
In-Reply-To: <f99e4c98-d584-d823-a581-0d6c3b9c3420@spamtrap.tnetconsulting.net>
On Sun, 4 Nov 2018, Grant Taylor via TUHS wrote:
> Does anyone have any experience with YP / NIS / NIS+ / LDAP as a central
> directory on Unix?
I used NIS a lot in the 90s and early 2000s. I think it continues to be
underrated. The main gripe people had was lack of security but if all of
the hosts were in the same security domain anyway it wouldn't matter.
Integrated very well with NFS on Solaris & Linux for me back in the day.
NIS+ is awful. Let us not speak of it again.
I did a lot of LDAP around 2007-2010. I got quite good at writing
filters as we were using for a lot more than juse user auth.
Most installations I'm seeing today auth to AD, which is of course now
supported.
> I'm contemplating playing with them for historical reasons.
>
> As such, I'm wondering what the current evolution is for a pure Unix
> environment. Read: No Active Directory. Is there a current central
> directory service for Unix (or Linux)? If so, what is it?
In my experience LDAP is preferred in a pure *nix environment these days.
I've never played much with Kerberos.
There is another option that is largely ignored...
Increasingly *nix systems are managed through orchestration tools like
Puppet or Ansible. One option is to build the user account details from
an AD or LDAP backend on the orchestration server and write it out
locally on the *nix boxes. The *nix boxes just auth locally but still
gain the benefit of dynamically managed users. There are advantages and
disavantages of this outside the scope of this list.
Cheers,
Rob
next prev parent reply other threads:[~2018-11-05 4:16 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-04 20:51 Grant Taylor via TUHS
2018-11-04 21:46 ` Ben Greenfield via TUHS
2018-11-04 22:45 ` Arthur Krewat
2018-11-04 22:58 ` Mantas Mikulėnas
2018-11-04 23:49 ` Warner Losh
2018-11-05 3:16 ` Robert Brockway [this message]
2018-11-05 6:08 ` Grant Taylor via TUHS
2018-11-05 7:24 ` Mantas Mikulėnas
2018-11-05 7:33 ` Mantas Mikulėnas
2018-11-05 16:12 ` Arthur Krewat
2018-11-05 19:32 ` Grant Taylor via TUHS
2018-11-05 22:43 ` Arthur Krewat
2018-11-06 5:25 ` Grant Taylor via TUHS
2018-11-06 16:50 ` Arthur Krewat
2018-11-06 19:43 ` Grant Taylor via TUHS
2018-11-05 19:27 ` Grant Taylor via TUHS
2018-11-05 19:36 ` Grant Taylor via TUHS
2018-11-05 21:36 ` Mantas Mikulėnas
2018-11-05 23:12 ` Grant Taylor via TUHS
2018-11-05 21:43 ` Ben Greenfield via TUHS
2018-11-06 4:58 ` Grant Taylor via TUHS
2018-11-06 12:59 ` Ben Greenfield via TUHS
2018-11-06 6:53 ` Mantas Mikulėnas
2018-11-06 13:21 ` Ben Greenfield via TUHS
2018-11-06 13:44 ` Mantas Mikulėnas
2018-11-06 14:00 ` Ben Greenfield via TUHS
2018-11-06 13:46 ` Mantas Mikulėnas
2018-11-05 22:34 ` Dan Cross
2018-11-06 5:24 ` Grant Taylor via TUHS
2018-11-06 7:07 ` Mantas Mikulėnas
2018-11-06 17:30 ` Grant Taylor via TUHS
2018-11-06 19:58 ` Mantas Mikulėnas
2018-11-06 22:24 ` Dan Cross
2018-11-07 0:35 ` Grant Taylor via TUHS
2018-11-07 11:37 ` Pete Turnbull
2018-11-07 17:30 ` Grant Taylor via TUHS
2018-11-07 22:01 ` Dave Horsfall
2018-11-08 1:48 ` Dave Horsfall
2018-11-07 23:00 ` Pete Turnbull
2018-11-07 1:03 ` Pete Turnbull
2018-11-06 12:54 ` Ben Greenfield via TUHS
2018-11-05 20:10 ` Dave Horsfall
2018-11-05 3:49 ` Larry McVoy
2018-11-05 6:12 ` Grant Taylor via TUHS
2018-11-05 19:58 ` Dave Horsfall
2018-11-05 22:53 ` Grant Taylor via TUHS
2018-11-06 1:28 ` Dave Horsfall
2018-11-05 15:44 ` Larry McVoy
2018-11-05 18:38 ` arnold
2018-11-05 19:04 ` Larry McVoy
2018-11-05 21:21 ` Noel Hunt
2018-11-07 8:58 ` arnold
2018-11-07 14:05 ` arnold
2018-11-05 20:48 ` A. P. Garcia
2018-11-05 23:07 ` Grant Taylor via TUHS
2018-11-06 1:46 ` Dan Cross
2018-11-06 5:32 ` Grant Taylor via TUHS
2018-11-06 22:29 ` Dan Cross
2018-11-07 0:40 ` Grant Taylor via TUHS
2018-11-07 1:38 ` Arthur Krewat
2018-11-06 3:03 ` Robert Brockway
2018-11-06 5:03 ` David Arnold
2018-11-06 5:34 ` Grant Taylor via TUHS
2018-11-06 23:59 Norman Wilson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.20.1811051132410.13752@mira.opentrend.net \
--to=robert@timetraveller.org \
--cc=gtaylor@tnetconsulting.net \
--cc=tuhs@minnie.tuhs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).