[Fedora] Re: LDAP vs. NIS+

Ashley M. Kirchner ashley at pcraft.com
Tue Nov 15 04:19:28 UTC 2005 

Aly Dharshi wrote:

> Fedora Directory Server is a good free piece of software that will 
> play nicely on Fedora, Sun and any LDAP compliant system.

    Just from reading the first few pages of the Documentation [at 
http://directory.fedora.redhat.com/wiki/Documentation], I get the 
overwhelming feeling this might be way overkill for what I want (not to 
mention way over my head as well.)  Then again, I have never done 
anything with LDAP, I don't understand it, and don't really know what 
it's potential is.  So perhaps I need to track back a bit here and ask 
for some guidance.  What IS LDAP and what can it do for me?  Is that 
really what I want to use considering what I want to  accomplish 
(hopefully this comes out and doesn't get mangled):

                           [ accounts server ]
                                    |
                                    |
        +---------------------------+-------------------------+
        |                           |                         |
        |                           |                         |
 [ www server ]  <- NFS ->  [ shell server ]  <- NFS ->  [ mail spool ]


    With the 'accounts server' being the one machine where user accounts 
are managed.  The www and mail servers just need to know the UID/GID (I 
think) to function properly, like being able to save files with the 
proper permissions.  And the shell server is the one everyone uses to 
log in on, keep their files and do whatever.

    So, with my limited amount of understanding, I think what I need is 
www and mail being able to replicate the users' permissions based on the 
accounts server, and the shell server being able to authenticate against 
the accounts server.

    (I don't even know if I'm using the correct terms here, so if I'm 
not, feel free to correct me.)

    Tell me Fedora Directory Server isn't overkill, and I'll shut up and 
continue reading.  Tell me LDAP is really what I want to use here, and 
I'll go spend the next several weeks trying to figure it out and learn 
the whole thing - if that's even possible.

-- 
R | I haven't lost my mind; it's backed up on tape somewhere.
  +--------------------------------------------------------------------
  Ashley M. Kirchner <mailto:ashley at pcraft.com>   .   303.442.6410 x130
  IT Director / SysAdmin / WebSmith             .     800.441.3873 x130
  Photo Craft Laboratories, Inc.            .     3550 Arapahoe Ave. #6
  http://www.pcraft.com ..... .  .    .       Boulder, CO 80303, U.S.A.

More information about the users mailing list