Re: Caching password, user and group on a roaming Debian laptop
On Sat, 10 Jul 2010, Petter Reinholdtsen wrote:
[…]
Hm. Thanks for the information.
> As for deletion of access rights, I have no idea how it is handled. I
> hope it is handled well, but do not really know.
;-) I guess for systems where people have physical access,
if they go up against you you’ll lose anyway.
Funnily enough, I’m considering at the moment to just create
passwd/shadow/group files from a per-machine template (e.g.
for the system users) and data generated from LDAP, since I
hear enough people swearing about *all* of the methods seen
(local LDAP replica would also be difficult for situations
when the laptop’s at a paranoid customer’s network which only
allows http), such as the new nss cache thing and sssd. With
Univention, they use {crypt} for passwords in LDAP, so this
crazy idea could actually work.
> BTW: not sure if you are subscribed to debian-edu@, so I kept you on
> CC.
I’m indeed not, I just read you Plänet Debian posting(s)
and am following things related to what we do somewhat.
bye,
//mirabilos
--
tarent Gesellschaft für Softwareentwicklung und IT-Beratung mbH
Geschäftsführer: Boris Esser, Elmar Geese
HRB AG Bonn 5168 - USt-ID (VAT): DE122264941
Heilsbachstraße 24, 53123 Bonn, Telefon: +49 228 52675-93
Thiemannstraße 36 a, 12059 Berlin, Telefon: +49 30 5682943-30
Internet: http://www.tarent.de/ • Telefax: +49 228 52675-25
Reply to: