[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Centralized user management: what is best?

Mauro Condarelli wrote:

Hi,
I have a small (<8 hosts) lan with mixed Linux (debian) and winXP hosts.
Up to now I managed the debian hosts manually (copying /etc/passwd, /erc/groups, ..., manually), but that is a real pain.
I did recently suffer a severe breakdown so I reinstalled most of the machines.
At this point I would like to setup some centralized way to manage the whole network.
I would like to manage:
- users (<20)
- file servers (2)
- printers (3)
- firewall (ADSL, fixed IP, currently managed with shorewall/webmin)
- mail (currently on a separate host, but I plan to move it to the firewall)

In the past I used NIS, but that is UNIX-only.
I know there's OpenLDAP, but I never used it.
Probably some other package is available.

Question is:
Given the needs, what is the "best" solution?
Should I bother at all? (the main reason I want to install some management is that I began having a lot of permission problems when I moved hard disks from one host to another; I know how to fix them, but I would like to avoid re-doing all that next time...).
Can someone point me in the right direction? I would like to avoid false starts.


Thanks in Advance
Mauro
I think the default answer for Unix is automounting, and I would be surprised if you are not aware of it since you did mention NIS. Is this also something that you consider as "UNIX-only?" (If so, why? My understanding is that it's at least nominally supported by Debian.)
For the XP boxes, the standard solution seems to be a master bootable disk image on a server which is loaded over the network each time the machine boots. (Saves the standard periodic Windows reinstall cycle.) Debian can handle the loading and booting, but I don't know the details.
Of course, both of these solutions together give the user the option of running either Debian or Windows on each machine on the network. (It's only temporary of course, until everyone on the network is weaned from 'Doze. :-)
Reply to: