Re: policy questions -- uid of users stored non-locally (e.g. in LDAP)
"Robert Sherwood" <foof_deb@hotmail.com> writes:
> I am writing an LDAP-aware adduser script for my own use. I was
> wondering whether there has been any discussion regarding policies to
> avoid uid number clashes with multiple login sources.
>
> This is the scenario I would not want to see happen.
>
> 1. User 1001 (alice) added to box A, where accounts are stored in flat files.
> 2. User 1001 (bob) added to LDAP directory from box B, where no user
> 1001 exists.
> 3. Box A migrated to nss_ldap, pam_ldap, etc.
>
> I don't know how box A would cope with this conflict, but I'm pretty
> sure it's something I'd like to avoid. Is there any preference for uid
> numbers of non-local accounts, say starting at 10,000 instead of 1,000?

The transition problem is not easy, and cannot be avoided
however you may choose. Just make the default range be 1000..;
a site can always override it.
--
tv@{{hq.yok.utu,havoc,gaeshido}.fi,{debian,wanderer}.org,stonesoft.com}
Perl poetry: for ($tv) { s/blood/caffeine/ while /blood/ }
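
Added example, not part of either message: a pre-migration check for the alice/bob scenario above, comparing a box's flat-file accounts with a directory export before nss_ldap is switched on. File ownership is stored by numeric uid, so two logins sharing a uid share each other's files. The sample data and function names are constructed for illustration; both inputs are assumed to be in passwd(5) format, as `getent passwd` prints them.

```python
from collections import defaultdict

# Constructed sample data in passwd(5) format (not from the thread).
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
carol:x:1002:1002:Carol:/home/carol:/bin/bash
"""
# Constructed export of the directory's accounts, same format.
LDAP_PASSWD = """\
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:1002:Carol:/home/carol:/bin/bash
dave:x:10001:10001:Dave:/home/dave:/bin/bash
"""

def parse_passwd(text):
    """Return {login: uid}; skips blank, comment and malformed lines."""
    entries = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.startswith("#") or len(fields) < 7 or not fields[2].isdigit():
            continue
        entries[fields[0]] = int(fields[2])
    return entries

def find_conflicts(local, directory):
    """Compare two {login: uid} maps.

    Returns (uid_clashes, name_clashes):
      uid_clashes  -> [(uid, local_login, directory_login)]  same uid, different login
      name_clashes -> [(login, local_uid, directory_uid)]    same login, different uid
    """
    by_uid = defaultdict(set)
    for login, uid in directory.items():
        by_uid[uid].add(login)
    uid_clashes = sorted((uid, login, other)
                         for login, uid in local.items()
                         for other in by_uid.get(uid, ())
                         if other != login)
    name_clashes = sorted((login, uid, directory[login])
                          for login, uid in local.items()
                          if login in directory and directory[login] != uid)
    return uid_clashes, name_clashes

if __name__ == "__main__":
    uids, names = find_conflicts(parse_passwd(LOCAL_PASSWD), parse_passwd(LDAP_PASSWD))
    for uid, a, b in uids:
        print(f"uid {uid}: local '{a}' vs directory '{b}'")
    for login, a, b in names:
        print(f"login {login}: local uid {a} vs directory uid {b}")
```

An entry present in both sources with the same login and uid (carol in the sample) is not reported, since it resolves identically either way.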