[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: policy questions -- uid of users stored non-locally (e.g. in LDAP)

"Robert Sherwood" <foof_deb@hotmail.com> writes:

> I am writing an LDAP-aware adduser script for my own use. I was
> wondering whether there has been any discussion regarding policies to
> avoid uid number clashes with multiple login sources.
> This is the scenario I would not want to see happen.
> 1. User 1001(alice) added to box A, where accounts are stored in flat files.
> 2. User 1001(bob) added to ldap directory from box b, where no user
> 1001 exists.
> 3. box A migrated to nss_ldap, pam_ldap, etc.
> I don't know how box A would cope with this conflict, but I'm pretty
> sure it's something I'd like to avoid. Is there any preference for uid
> numbers of non-local account, say starting at 10,000 instead of 1,000?

	The transition problem is not easy, and cannot be avoided
	however you may choose. Just make the default range be 1000..,
	a site can always override it.

Perl poetry: for ($tv) { s/blood/caffeine/ while /blood/ }

Reply to: