NIS and system users
A nasty question...
I inherited a network with several servers installed with the
same non-packaged program. All servers and clients use NIS.
That programs requires the creation of some users and groups
for installing and operating.
My antecessor in the systems' administration created these
users and groups as system ones, all with IDs around 500. Obviously
NIS doesn't seem them, so I am reduced to managing passwords and all
such stuff redundantly, besides creating these accounts all over
again in each new server.
I thought it would be more reasonable to convert all these
users and groups to NISable non-system ones, over ID 2000.
I tried to use usermod to change the IDs, and then I remade
NIS maps. Only that I couldn't log in anymore, su complained about
expired accounts. usermod and passwd couldn't do anything.
Eventually I returned the users and groups to their original numbers,
and everything returned to the usual.
Now I'm thinking about erasing the accounts, and recreate them
from scratch as non-system ones so NIS can deal with them. I will
have to change all files to the new owner IDs, but that was a given
already.
Someone suggested just scratching NIS and going LDAP. I'd
rather Kerberos, but think both are quite unnecessary since I'm not
really worried about security and NIS has been just doing fine.
So, opinions, tips? Would erase the accounts and recreate
them work?
Thanks in advance!
--
Leandro Guimarães Faria Corsetti Dutra +55 (11) 5685 2219
Av Sgto Geraldo Santana, 1100 6/71 +55 (11) 5686 9607
04.674-000 São Paulo, SP BRASIL
http://br.geocities.com./lgcdutra/
Reply to: