[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gids assigned non-deterministically

On Tue, Oct 10, 2006 at 12:46:58PM +0200, Wouter Verhelst wrote:
> On Mon, Oct 09, 2006 at 10:16:45AM -0400, Roberto C. Sanchez wrote:
> > I guess that if the deployment were on a new network, it would be easier
> > to affect how the gids are assigned, since you would be looking for
> > issues like that.  However, for an existing network, this can be more of
> > a problem.
> Not necessarily. There is no real need to have system GIDs assigned
> through LDAP. In fact, personally I'd recommend against it.
> PAM has this wonderful feature called "stacking", which means that you
> can perfectly well use system GIDs from /etc/group, while your locally
> assigned GIDs can come from LDAP. I know that's how I did stuff when I
> transitioned my home network to LDAP.
That is fine for a home network.  However, on a network of 1000
workstations, having to specify group memberships on the clients is kind
of a pain.  All I am trying to say is that Debian should not make it
difficult for the admin to implement what he/she wants.  Unfortunately,
the current system does just that.



Roberto C. Sanchez

Attachment: signature.asc
Description: Digital signature

Reply to: