Sorry if I'm getting off topic here, but I figure most of you are in the
same boat as me when it comes to the fact that you don't want to have to
set up user accounts on EVERY real server in your farm. When somebody
needs a password reset, I can't imagine having to log in to 5 different
servers to change the password on each of them.
I've done a little bit of research on this, and it seems there are 2
ways of using centralized authentication. They are LDAP and NIS. I don't
personally like either of these, because my main reason for having
multiple servers is actually for redundancy (if one server goes down, I
have others). So what good is it to me if no one can log into the
servers because the central authentication server is down? NIS seems to
have one plausible solution, which is to run 1 master server and every
other server be a slave server, but have each server set as a client to
itself. That way the user accounts are propagating from the master to
all of the slaves, but none of the slaves are relying on any other
server for authentication. They are actually using themselves as their
own authentication server.
Does that sound right? Does anyone have any experience with doing that
kind of a setup with NIS?
My other idea would be simply to rsync all of the necessary files. I'm
running FreeBSD on my real servers so I would just rsync /etc/group,
/etc/passwd, /etc/master.passwd, and /etc/aliases. This way, all of my
machines are using their normal authentication, but they all receive the
newest set of user accounts and password files every minute (if I put
the rsync commands in cron).
What do you guys think? Let me know what you are doing to solve this
problem.
- Doug
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
