[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unwanted loading of libnss_nis.so in etch

[Gabor Gombas]
> In theory, it has, you can specify multiple server URIs in the
> config file. In practice the OpenLDAP client libraries do not handle
> failover very well (at least not in the past, things may have
> changed).

Nope, not even in theory.  Sequencial 3 minute timeout per server is
not client side failover.  It is just painful and useless. :)

> Using the compat module for authorization decisions is a gross hack.
> With NIS you don't have much choice but with a well-designed LDAP
> setup you can nicely decouple the authorization decisions from user
> identification.

Not with equally simple notation.  compat is here to stay. :)

Petter Reinholdtsen

Reply to: