From owner-freebsd-questions@FreeBSD.ORG Wed Jun 8 00:09:31 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1CF7416A41C for ; Wed, 8 Jun 2005 00:09:31 +0000 (GMT) (envelope-from tshadwick@goinet.com) Received: from mail.goinet.com (mail.goinet.com [208.207.72.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id C282643D5D for ; Wed, 8 Jun 2005 00:09:30 +0000 (GMT) (envelope-from tshadwick@goinet.com) Received: from mail.goinet.com (localhost.goinet.com [127.0.0.1]) by mail.goinet.com (8.13.1/8.13.1) with ESMTP id j5809K5X013580 for ; Tue, 7 Jun 2005 19:09:20 -0500 (CDT) (envelope-from tshadwick@goinet.com) Received: from localhost (tshadwick@localhost) by mail.goinet.com (8.13.1/8.13.1/Submit) with ESMTP id j5809JVq013577 for ; Tue, 7 Jun 2005 19:09:20 -0500 (CDT) (envelope-from tshadwick@goinet.com) X-Authentication-Warning: mail.goinet.com: tshadwick owned process doing -bs Date: Tue, 7 Jun 2005 19:09:19 -0500 (CDT) From: Tony Shadwick To: freebsd-questions@freebsd.org Message-ID: <20050607190008.G64334@mail.goinet.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: ClamAV version 0.85.1, clamav-milter version 0.85 on mail.goinet.com X-Virus-Status: Clean Subject: Laptops, centralized authentication, and "roaming profiles" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2005 00:09:31 -0000 I have a question of theory that has been bugging me that I thought I would throw at the list. Presume this configuration: a typical small to medium sized company, we'll say 25 workstations, all running some version of *nix, for sanity we'll presume all FreeBSD, but I see no reason some couldn't be linux or osx. I could set up centralized authentication via NIS or LDAP without too much difficulty. I'm aware of the differences in password schema that must be overcome, but I've learned to deal with this. So now I can go workstation to workstation and log in, no problem. NFS can be set up equally well. No issues. In the scenario with desktop machines, this quite simply isn't a problem so long as you are okay with working on everything across the network. Something about that bugs me though...really. You wind up eating up network resources constantly. :\ Anyway, that's a tangent to the real kicker. Laptops. They don't stay put! (well duh) Okay, so the user can log in to the "domain" if you will when in the office, and sure, NFS will automount, but what happens when the user leaves the office? I've done some quick searching on "roaming profiles" (I actually googled 'linux roaming profiles' with little success). So how should one play this out? I personally am on a Powerbook, and have intentionally set up local user auth. I open and close my laptop to sleep it, leave a network, open it and next thing you know you're on a new network. Now, the fact that you generally only have 1 user per laptop makes this "kind of" okay, but your home directory is no longer centralized, you home directory doesn't get backed up, and now I'm dealing with a user that really isn't auth'ing against the domain, and having to alot permissions for such user, and having to manage local machine uid's and gid's. Ugh! You see the cluttered path my mind is wandering down here? Is there already a solution to this, or is it still someone one must hack for themselves?