[TUHS] YP / NIS / NIS+ / LDAP
gtaylor at tnetconsulting.net
Tue Nov 6 15:34:48 AEST 2018
On 11/05/2018 08:03 PM, Robert Brockway wrote:
> One caveat with LDAP. When I last did this a few years ago many Linux
> systems were set up in such a manner that a failure of LDAP makes the
> systems largely unusable. AFAIK this is still a problem.
> A sysadmin logging in had to wait out a series of timeouts while trying
> to open nsswitch.conf or the PAM config to disable LDAP so the
> underlying problems could be addressed.
I've experienced such pain. It's not fun.
I think SSSD is coming in to vogue as an abstraction layer between the
system and LDAP+Kerberos for this very reason.
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
More information about the TUHS