From owner-freebsd-questions@FreeBSD.ORG  Thu Jul 22 18:46:59 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C9F2116A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 22 Jul 2004 18:46:59 +0000 (GMT)
Received: from internet.potentialtech.com (h-66-167-251-6.phlapafg.covad.net
	[66.167.251.6])	by mx1.FreeBSD.org (Postfix) with ESMTP id 9034E43D1D
	for <freebsd-questions@freebsd.org>;
	Thu, 22 Jul 2004 18:46:59 +0000 (GMT)
	(envelope-from wmoran@potentialtech.com)
Received: from working.potentialtech.com
	(pa-plum-cmts1e-68-68-113-64.pittpa.adelphia.net [68.68.113.64])
	by internet.potentialtech.com (Postfix) with ESMTP id BA1F569A39;
	Thu, 22 Jul 2004 14:46:58 -0400 (EDT)
Date: Thu, 22 Jul 2004 14:46:57 -0400
From: Bill Moran <wmoran@potentialtech.com>
To: Kirk Strauser <kirk@strauser.com>
Message-Id: <20040722144657.0000ac03.wmoran@potentialtech.com>
In-Reply-To: <200407221337.27867.kirk@strauser.com>
References: <1090519611.584.1.camel@mgl.magellanhealth.com>
	<20040722142336.70c55f16.wmoran@potentialtech.com>
	<200407221337.27867.kirk@strauser.com>
Organization: Potential Technologies
X-Mailer: Sylpheed version 0.9.12 (GTK+ 1.2.10; i386-portbld-freebsd4.9)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: User Accounts across multiple machines
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jul 2004 18:46:59 -0000

Kirk Strauser <kirk@strauser.com> wrote:

> On Thursday 22 July 2004 13:23, Bill Moran wrote:
> > Ray Seals <rseals@vdsi.net> wrote:
> 
> > > I have 15 FreeBSD machines on my network (soon to be around 30) and
> > > want to synch all the machines userid and passwords.  Is NIS still the
> > > primary way to do this or is there a better solution?
> 
> > As far as I understand it, yes.  Although Kerberos seems to be a
> > practical alternative.  With 5.x, there is more support for pam, thus
> > opening up your choices to things like LDAP.
> 
> Note that Kerberos only provides AAA and not directory services.
> 
> I recently (within the last 6 months) replaced my old NIS setup with one 
> based on OpenLDAP.  It works perfectly across my FreeBSD, Linux, and Mac OS 
> X machines.  NIS did the job, but I won't be rolling it out on new systems 
> ever again.

Were you able to make this work well with 4.x machines?  It's been a while
since I tried, but I had problems with nss turning UIDs back into names.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com