Professional Web Applications Themes

goinf from NIS to LDAP - Sun Solaris

I do netAdmin for an office of about 100 nodes and 30 users. Currently everything is done through NIS, but LDAP has come up in conversation a few times. There are a few features we like, such as Netscape's ability to import LDIF, integration with StarOffice, and a few other technical reasons. My question is posed to those who have done admin for both. Is one (NIS/LDAP) easier to admin that the other? Which is more robust? Which is more quirky? How well to various admin apps such as passwd, usermod, etc play with LDAP? My ears are open for ...

  1. #1

    Default goinf from NIS to LDAP

    I do netAdmin for an office of about 100 nodes and 30 users. Currently
    everything is done through NIS, but LDAP has come up in conversation a
    few times. There are a few features we like, such as Netscape's ability
    to import LDIF, integration with StarOffice, and a few other technical
    reasons.

    My question is posed to those who have done admin for both. Is one
    (NIS/LDAP) easier to admin that the other? Which is more robust? Which
    is more quirky? How well to various admin apps such as passwd, usermod,
    etc play with LDAP?

    My ears are open for warnings, and rants alike.

    Thanks,

    ~Shea M.

    Shea Guest

  2. #2

    Default Re: goinf from NIS to LDAP

    In article <7F%db.4993$f7.334314localhost>,
    Shea Martin <com> wrote:
     

    With only 30 users, I'm not sure the ROI would be worth the effort/pain
    unless the 100 nodes is a mix of platforms including PC and UNIX. It
    won't be as painful as a 3000-seat site, but will still require
    planning.

    Are there noises about integrating application access (mail, web, etc.)?
    LDAP is the directory service of choice for this but if you have older
    Solaris systems prior (Solaris 7 and earlier), you won't be able to
    integrate them into LDAP as easily.

    This could be a major project that you and you management team should
    really plan out. Take a LDAP class so you're up on the technology prior
    to starting the planning.

    --
    DeeDee, don't press that button! DeeDee! NO! Dee...



    Michael Guest

  3. #3

    Default Re: goinf from NIS to LDAP

    ....... 
    .....

    I do agree. Anyway - the integration of Solaris 7 and lower can be
    handled with the PADL nis2ldap gateway, which is easy to configure and
    seems to be stable.
    This could also be a way for a "silent" integration, since all machines
    can stay as nis clients while getting their account information from
    the ldap server. So you can do the rollout step by step. Once having
    the ldap server running (with the correct scheme etc ) its easier to
    populate it as you might think. Be carefull with the differences of
    sol8 and sol9.

    Cheers Robert

    Robert Guest

  4. #4

    Default Re: goinf from NIS to LDAP

    Robert Gruener wrote: 
    >
    > ....
    >
    > I do agree. Anyway - the integration of Solaris 7 and lower can be
    > handled with the PADL nis2ldap gateway, which is easy to configure and
    > seems to be stable.
    > This could also be a way for a "silent" integration, since all machines
    > can stay as nis clients while getting their account information from
    > the ldap server. So you can do the rollout step by step. Once having
    > the ldap server running (with the correct scheme etc ) its easier to
    > populate it as you might think. Be carefull with the differences of
    > sol8 and sol9.
    >
    > Cheers Robert
    >[/ref]

    2 great responces. We a solaris 8 (with the exeception of my test
    machine which runs 9).

    I must admit a large part of the reason that we were looking at LDAP,
    was that my manager and I were interested in learning LDAP. But I just
    finished reading Sun's "LDAP Setup and Configuration Guide". This 80
    teaser taught me only one thing: take a course or buy a REAL book on LDAP.

    I have a feeling LDAP may help us with some things (like finer control
    over (LAN) site access, etc), but I think I may put it on hold until we
    need a 'make work' project.

    ~Shea M.

    Shea Guest

  5. #5

    Default Re: goinf from NIS to LDAP

    Shea Martin <com> writes:
    [...] 

    I have the first edition of this book and it was quite good. I
    haven't read the second edition, but you may want to check it out:

    _Understanding and Deploying LDAP Directory Services_
    Timothy A. Howes, Mark C. Smith, Gordon S. Good
    http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?isbn=0672323168
     

    Well, if you're going away from NIS, it'll also prevent a 'ypcat
    passwd'.

    --
    David Magda <dmagda at ee.ryerson.ca>, http://www.magda.ca/
    Because the innovator has for enemies all those who have done well under
    the old conditions, and lukewarm defenders in those who may do well
    under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI
    David Guest

  6. #6

    Default Re: goinf from NIS to LDAP

    David Magda wrote: 
    >
    >
    > I have the first edition of this book and it was quite good. I
    > haven't read the second edition, but you may want to check it out:
    >
    > _Understanding and Deploying LDAP Directory Services_
    > Timothy A. Howes, Mark C. Smith, Gordon S. Good
    > http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?isbn=0672323168
    >

    >
    >
    > Well, if you're going away from NIS, it'll also prevent a 'ypcat
    > passwd'.
    >[/ref]
    if you still use yp/nis /etc/security/passwd.adjunct will do !
    the "adjunct" passwd will not show when ypcat passwd,
    solaris 9 on sparc had an bug in this issue, works in Sol 8 though !
    for info see, sun infodoc: ID 2105 from 1996, on howto setup.
    /Jörgen

    Jorgen Guest

  7. #7

    Default Re: goinf from NIS to LDAP



    so what ? you can use a ldaplist passwd, ldaplist -l passwd or ldapsearch,
    etc. . why should one miss the ypcat ?



    --
    ________________________________________
    Robert Gruener - rgruener online.de
    ________________________________________
    Robert Guest

Similar Threads

  1. Help with LDAP
    By denverjaye in forum Macromedia Contribute General Discussion
    Replies: 0
    Last Post: August 11th, 03:32 PM
  2. GAL using LDAP
    By aw in forum ASP Components
    Replies: 0
    Last Post: October 22nd, 06:02 AM
  3. ASP and LDAP
    By Jayashree Iyer in forum ASP
    Replies: 1
    Last Post: August 27th, 02:19 PM
  4. SSH and LDAP
    By Dwayne Holmes in forum Sun Solaris
    Replies: 1
    Last Post: August 5th, 05:11 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139