Re: unwanted loading of libnss_nis.so in etch
[Gabor Gombas]
> In theory, it has, you can specify multiple server URIs in the
> config file. In practice the OpenLDAP client libraries do not handle
> failover very well (at least not in the past, things may have
> changed).
Nope, not even in theory. Sequencial 3 minute timeout per server is
not client side failover. It is just painful and useless. :)
> Using the compat module for authorization decisions is a gross hack.
> With NIS you don't have much choice but with a well-designed LDAP
> setup you can nicely decouple the authorization decisions from user
> identification.
Not with equally simple notation. compat is here to stay. :)
Friendly,
--
Petter Reinholdtsen
Reply to: